Abusing ZOLBO
ZOLBO is designed to handle a variety of potential abuse scenarios. Below, each abuse case is briefly introduced, and a table provides detailed information on how ZOLBO mitigates these risks.
API Key Misuse
ZOLBO monitors the permissions granted through API keys to prevent unauthorized access or misuse.
Description
Users may set excessive API key permissions (e.g., withdrawal rights) that allow unauthorized access or manipulation of their accounts.
Mitigation Strategy
ZOLBO automatically checks API permissions, disabling operations until unnecessary permissions are adjusted. Users can review and modify permissions at any time​.
Bulk Purchase and Resell Arbitrage
ZOLBO allows users to engage in bulk purchasing and reselling of ZLB tokens, a practice that benefits smaller buyers and maximizes ZOLBO’s revenue.
Description
Users might exploit bulk purchase discounts to resell ZLB tokens at a lower price, potentially manipulating the market.
Mitigation Strategy
ZOLBO encourages this practice, as it benefits smaller buyers and maximizes revenue by utilizing price discrimination strategies, similar to coupons​.
Manipulation of Governance Voting
Large stakers might attempt to gain excessive control over governance decisions.
Description
A user could stake a large number of ALC tokens to disproportionately influence governance decisions for personal gain.
Mitigation Strategy
Governance voting power is determined by both the number of ALC tokens staked and the duration of the staking. The ZOLBO team maintains a guaranteed 30% voting power​​.
Overloading the System with Frequent Small Transactions
To prevent system overloading, ZOLBO limits frequent toggling of the ON/OFF button.
Description
Users may frequently toggle the ON/OFF button, straining the system by making frequent position changes.
Mitigation Strategy
The OFF button has two options (immediate position sale within 15 minutes and 24-hour sale). Beyond three free OFF operations per day, a fee of 5 ZLB applies​.
Interference with Automated Trading by Manual Action
Manual intervention through direct trades or withdrawals distorts ZOLBO's automated portfolio management.
Description
Users might manually place trades or withdraw funds from their exchange accounts, causing margin distortions and increasing risk. Depositing additional funds does not interfere.
Mitigation Strategy
ZOLBO discourages manual trading and direct withdrawals from accounts. A penalty fee is applied to disincentivize these actions, helping maintain optimal portfolio strategies​​.
Unauthorized Account Access
To prevent unauthorized access, ZOLBO employs secure login procedures.
Description
Hackers may try to gain unauthorized access to user accounts through phishing or other methods.
Mitigation Strategy
ZOLBO uses Google login with email verification codes. Verification is required once every 24 hours, ensuring an additional layer of security​.
Data Privacy Exploits
ZOLBO ensures that sensitive data, such as profit information, is securely stored.
Description
Personal data, such as users' profit information, could be exploited or accessed without proper protection.
Mitigation Strategy
ZOLBO stores user data in compliance with South Korea’s data protection laws. The platform uses encryption to secure sensitive data from unauthorized access​​.
Using Additional API Keys to Operate Multiple Accounts
Using additional API keys to operate multiple accounts can lead to inefficient performance.
Description
Users may try to operate multiple accounts using separate API keys, bypassing ZOLBO’s optimization, which could result in inefficiency.
Mitigation Strategy
ZOLBO’s strategy is optimized for each account’s balance. Operating multiple accounts increases slippage costs and lowers the Sharpe ratio, making it inefficient​.
Last updated
Was this helpful?