Gamma Strategies: Flash Loan — LP Token Price Manipulation (Price Threshold Bypass)
Gamma Strategies lost $4.5M when an attacker used flash loans to push prices to the edges of Gamma's own intentionally-set price tolerance thresholds — the "protection" mechanism was the vulnerability because the tolerances were set too wide.
Summary #
Gamma Strategies suffered a DEX / Concentrated Liquidity Management on 2024-01-04, resulting in a loss of approximately $5M.
What happened #
Gamma Strategies lost $4.5M when an attacker used flash loans to push prices to the edges of Gamma's own intentionally-set price tolerance thresholds — the "protection" mechanism was the vulnerability because the tolerances were set too wide.
Linked factors #
- RD-F-007 — related : Bug bounty absent — baseline integrity gap [via dashboard_risk_factors/Bug bounty: Unknown]
- RD-F-090 — illustrative : Mixer withdrawal → protocol interaction [via realtime_signals/Pre-exploit on-chain signals: Y — Tornado Cash-funded attacker address appeared ~2.5 hours before attack; attack contract deployed pre-exploit]
- RD-F-099 — illustrative : Oracle price deviation > X% from secondary source — RT signal would have fired [via realtime_signals/Oracle anomaly: Y — LP token price manipulation via flash loan is detectable as an anomalous price spike within the vault's price feed during the attack]
- RD-F-111 — causal : Team doxx status — pseudonymous-no-track-record class [via dashboard_risk_factors/Team anonymity: Unknown]