Case Study 2: Augur Dispute Resolution --- Modeling the Cost of Corruption
Overview
Augur's decentralized oracle relies on an escalating dispute mechanism to ensure that markets resolve to the correct outcome. In this case study, we model the economics of Augur's dispute resolution system: computing the cumulative cost of challenging an outcome through successive rounds, analyzing the fork threshold, and determining the maximum market size that Augur can securely support at different REP token prices.
Our analysis answers a critical question: How much would it cost to corrupt an Augur market?
Background: Augur's Dispute Mechanism
Augur's resolution proceeds through several stages:
-
Initial Report: A designated reporter stakes REP on an outcome. If no one disputes, the market resolves after a 24-hour window.
-
Dispute Rounds: If disputed, the market enters escalating dispute rounds. In each round, participants stake REP on the outcome they believe is correct. The required stake roughly doubles each round.
-
Fork: If cumulative dispute stakes reach 2.5% of total REP supply, Augur triggers a fork. The REP token splits into two versions --- one for each disputed outcome. REP holders must choose a side permanently.
The exponential escalation is the key security mechanism. An attacker trying to force a false outcome must outspend defenders at every round, with costs growing geometrically.
Step 1: Modeling Dispute Cost Escalation
"""
Model the cumulative cost of sustaining a dispute through N rounds.
"""
from dataclasses import dataclass
import math
@dataclass
class DisputeRound:
"""State of a single dispute round."""
round_number: int
required_stake: float # REP required to dispute
cumulative_stake: float # Total REP staked across all rounds
side: str # Which side is disputing
def model_dispute_escalation(
initial_stake: float,
escalation_factor: float = 2.0,
max_rounds: int = 20,
) -> list[DisputeRound]:
"""Model dispute cost escalation through multiple rounds.
Args:
initial_stake: REP required for the first dispute.
escalation_factor: Multiplier for each successive round.
max_rounds: Maximum number of rounds to model.
Returns:
List of DisputeRound objects.
"""
rounds = []
cumulative = initial_stake # Initial report stake
for r in range(max_rounds):
stake = initial_stake * (escalation_factor ** r)
cumulative += stake
side = "Challenger" if r % 2 == 0 else "Defender"
rounds.append(DisputeRound(
round_number=r + 1,
required_stake=stake,
cumulative_stake=cumulative,
side=side,
))
return rounds
# Model with initial stake of 100 REP
initial_stake = 100.0
rounds = model_dispute_escalation(initial_stake, max_rounds=15)
print("DISPUTE COST ESCALATION")
print("=" * 65)
print(f"{'Round':>5} {'Side':<12} {'Round Stake':>14} "
f"{'Cumulative':>14} {'Growth':>10}")
print("-" * 65)
for r in rounds:
growth = r.cumulative_stake / initial_stake
print(f"{r.round_number:>5} {r.side:<12} "
f"{r.required_stake:>14,.0f} REP "
f"{r.cumulative_stake:>14,.0f} REP "
f"{growth:>9.0f}x")
Result: By round 10, the cumulative cost exceeds 100,000 REP (1,000x the initial stake). By round 17, it exceeds 10 million REP, approaching the fork threshold for an 11-million-REP supply.
Step 2: Attacker Cost Analysis
To corrupt a market, the attacker must win every dispute round. The defender only needs to win a single round.
def compute_attack_cost(
initial_stake: float,
rep_price_usd: float,
attacker_rounds: int,
) -> dict:
"""Compute the USD cost for an attacker to sustain a false outcome.
The attacker must stake at every odd round (1, 3, 5, ...),
while honest participants stake at even rounds (2, 4, 6, ...).
Args:
initial_stake: Initial report stake in REP.
rep_price_usd: Current market price of REP.
attacker_rounds: Number of rounds the attacker controls.
Returns:
Dictionary with cost analysis.
"""
attacker_total_rep = 0.0
defender_total_rep = 0.0
for r in range(1, attacker_rounds * 2 + 1):
stake = initial_stake * (2.0 ** (r - 1))
if r % 2 == 1: # Attacker's round
attacker_total_rep += stake
else: # Defender's round
defender_total_rep += stake
return {
"attacker_rep": attacker_total_rep,
"attacker_usd": attacker_total_rep * rep_price_usd,
"defender_rep": defender_total_rep,
"defender_usd": defender_total_rep * rep_price_usd,
"attacker_rounds": attacker_rounds,
"ratio": attacker_total_rep / defender_total_rep if defender_total_rep > 0 else float('inf'),
}
# Analysis at different REP prices
print("\n\nATTACKER COST ANALYSIS")
print("=" * 65)
rep_prices = [2, 5, 10, 20, 50]
attacker_rounds = 8
for price in rep_prices:
cost = compute_attack_cost(100, price, attacker_rounds)
print(f"\nREP Price: ${price}")
print(f" Attacker cost ({attacker_rounds} rounds): "
f"{cost['attacker_rep']:,.0f} REP = "
f"${cost['attacker_usd']:,.0f}")
print(f" Defender cost ({attacker_rounds} rounds): "
f"{cost['defender_rep']:,.0f} REP = "
f"${cost['defender_usd']:,.0f}")
Step 3: Fork Threshold Analysis
def compute_max_secure_market(
total_rep_supply: int,
rep_price_usd: float,
fork_threshold_pct: float = 0.025,
) -> dict:
"""Compute the maximum market value Augur can securely support.
The security model assumes that the cost to reach the fork threshold
exceeds the value at risk in any single market.
Args:
total_rep_supply: Total REP token supply.
rep_price_usd: Current REP price in USD.
fork_threshold_pct: Fork threshold as fraction of total supply.
Returns:
Security analysis results.
"""
fork_threshold_rep = total_rep_supply * fork_threshold_pct
fork_threshold_usd = fork_threshold_rep * rep_price_usd
rep_market_cap = total_rep_supply * rep_price_usd
return {
"total_rep_supply": total_rep_supply,
"rep_price_usd": rep_price_usd,
"rep_market_cap": rep_market_cap,
"fork_threshold_rep": fork_threshold_rep,
"fork_threshold_usd": fork_threshold_usd,
"max_secure_market_usd": fork_threshold_usd,
}
print("\n\nFORK THRESHOLD ANALYSIS")
print("=" * 65)
total_rep = 11_000_000 # 11 million REP
print(f"{'REP Price':>10} {'Market Cap':>14} {'Fork Threshold':>16} "
f"{'Max Market':>14}")
print("-" * 58)
for price in [1, 2, 5, 10, 20, 50, 100]:
result = compute_max_secure_market(total_rep, price)
print(f"${price:>9} ${result['rep_market_cap']:>13,.0f} "
f"${result['fork_threshold_usd']:>15,.0f} "
f"${result['max_secure_market_usd']:>13,.0f}")
Step 4: Security Margin Visualization
def security_margin(
market_value_usd: float,
rep_price_usd: float,
total_rep: int = 11_000_000,
fork_pct: float = 0.025,
) -> float:
"""Compute the security margin: how many times more the attack costs
than the market value.
A margin > 1 means the market is secure (attack costs more than
the market value). A margin < 1 means the market is vulnerable.
"""
attack_cost = total_rep * fork_pct * rep_price_usd
return attack_cost / market_value_usd if market_value_usd > 0 else float('inf')
print("\n\nSECURITY MARGIN HEAT MAP")
print("=" * 65)
print("(Values > 1.0 = secure, < 1.0 = vulnerable)")
print()
market_sizes = [100_000, 500_000, 1_000_000, 5_000_000, 10_000_000]
rep_prices = [2, 5, 10, 20, 50]
print(f"{'':>12}", end="")
for price in rep_prices:
print(f"{'REP=$' + str(price):>12}", end="")
print()
print("-" * (12 + 12 * len(rep_prices)))
for mkt in market_sizes:
label = f"${mkt/1e6:.1f}M" if mkt >= 1_000_000 else f"${mkt/1e3:.0f}K"
print(f"{label:>12}", end="")
for price in rep_prices:
margin = security_margin(mkt, price)
indicator = "OK" if margin >= 1 else "!!"
print(f"{margin:>9.2f}x {indicator}", end="")
print()
Key Findings
1. Exponential Escalation Is Powerful but Has Limits
The doubling mechanism makes single-market corruption very expensive at low dispute rounds. An attacker faces costs that grow geometrically while defenders' cumulative cost grows similarly. However, the total pool of REP is finite, and at some REP price, the fork threshold (2.5% of supply) may be smaller than high-value markets.
2. REP Price Is the Critical Variable
At REP = $10 and 11M supply, the maximum secure market size is $2.75M. This means Augur cannot securely support markets with more than $2.75M at risk. If REP falls to $2, the cap drops to $550K --- insufficient for major political or financial markets.
3. The Reflexivity Problem
Augur's security depends on REP's market cap, which depends on Augur's utility, which depends on its security. This creates a reflexive loop: declining usage reduces REP value, which reduces security, which further reduces usage.
4. Comparison with Centralized Alternatives
Polymarket avoids this reflexivity by using UMA's Optimistic Oracle, where the security budget comes from UMA token stakers who are incentivized by fees from many protocols, not just one prediction market. Centralized prediction markets (Kalshi, PredictIt) rely on legal/regulatory trust rather than economic security.
Recommendations
-
Market creators should ensure that the market value is well below the fork threshold. A safety margin of 5x is recommended.
-
REP holders should participate in dispute resolution to earn rewards and maintain the system's security.
-
Protocol designers should consider hybrid oracle designs that combine economic security with reputation and legal accountability.
-
Traders should assess oracle security as a risk factor when sizing positions in decentralized prediction markets. A market near the security limit carries oracle manipulation risk.
Extensions
- Dynamic fee modeling: Implement Augur's dynamic reporting fee that adjusts based on the ratio of open interest to REP market cap.
- Multi-market analysis: Model the security implications of multiple concurrent high-value markets.
- Game-theoretic simulation: Use agent-based modeling to simulate rational attackers and defenders across many dispute rounds.
- Cross-protocol comparison: Quantify the security margins of UMA, Chainlink, and Kleros for equivalent market sizes.