Understanding the term
In a design flaw attack, a malicious user creates either a smart contract, a decentralized market, or any other software application which has certain flaws to trick individuals interacting within the particular permissionless environment. It typically exhibits high incentives for users to lock their funds into a smart contract. A flawed definition in some rules surrounding the smart contract or protocol may lead to unfair settlement or release of funds.
A design flaw attack can also be conducted when a user decides to exploit flaws on a contract created by another user without any malicious intent. In this case, the attacker would use information asymmetry between the attacker and any other potential open network participant to conduct the attack. Design flaw attacks mostly target prediction markets, oracles, or data sources such as price feeds.
A design flaw attack is a smart contract attack where the creator of a smart contract intentionally creates a flaw in their design to take advantage of unsuspecting users. Design flaw attacks are quite common in the smart contract world, particularly in areas where it is difficult to determine with certainty that a necessary condition has taken place.