In the world of DeFi (decentralized finance), oracles play a crucial role in ensuring the accuracy and reliability of data
especially pricing data used within various protocols and platforms.What are price oracles
A price oracle is a specific type of oracle that provides off-chain (external) price information to on-chain (blockchain) smart contracts.
Given the isolated nature of blockchains, smart contracts cannot access external information directly, and oracles serve as a bridge to bring this external data onto the blockchain.
Why price oracles are so important in DeFi
Price oracles are widely spread in DeFi. They are a core element of many crypto projects.
Lending protocols determine with oracles the correct collateralization levels and initiate liquidations when necessary. Algorithmic stablecoins maintain their peg to external assets.
Synthetic assets track prices of RWAs (real-world assets) to manage synthetic versions on the blockchain.
Any project that uses asset prices needs some kind of price oracle.
As oracles are widely used in crypto projects and almost always play a crucial part in them, oracle attacks have become one of the most popular types of attacks on crypto projects.
Types of prices oracles, their advantages, disadvantages and security issues
Chainlink price oracle
Arguably the most well-known oracle provider, the solution consists of a network of oracles (data feeds) that convey data into the blockchain.
Overview
A group of independent operators updates each data feed. Subsequently, a smart contract validates and aggregates data from these operators.
Operators are rewarded for their data-publishing activities.
Each data feed has its specific parameters, such as the minimum number of oracles, the minimum number of oracles required to update the price and the frequency of updates.
Data aggregation
Given that the data is supplied by various operators, a crucial step involves amalgamating them into a single value.
This process unfolds in two steps
initially, operators utilize off-chain reporting, and then the data is supplied to the aggregator contract.Off-chain reporting embodies a P2P (peer-to-peer) network of operators consisting of multiple nodes.
Every node signs and submits its price, and via a consensus mechanism, an aggregate transaction is crafted.
This transaction includes operators’ signatures and submitted prices and is subsequently validated on-chain.
Utilizing a network of operators with a consensus mechanism significantly reduces the cost of forming the final price
all aggregation calculations are performed off-chain, and only one final transaction is recorded while also maintaining the solution’s decentralization.It’s worth noting that Chainlink price data feeds are not available in all networks and certainly not for all currencies.
The addition of additional currencies is possible, but they must meet specific Chainlink requirements, which can be expensive.
Therefore, when the necessary currency for a project is absent, other types of oracles must be considered.
Pyth price oracles
Another popular price oracle provider operates across more than 12 chains. Similar to Chainlink oracles, it comprises three main components, which are as follows.
Let’s examine how the Pyth architecture works for the majority of the systems supported by Pyth.
For data aggregation, a protocol named Pythnet is used. It’s a Solana-powered application blockchain utilized by Pyth’s data providers.
These providers supply price quotes for each asset. Pythnet combines these prices to produce a single aggregated price.
Subsequently, the combined prices are transferred to target chains using the Wormhole protocol. Finally, the consumer contracts retrieve the prices from on-chain storage.
TWAP oracles
TWAP oracles compute the average price of a particular asset over a specific time interval.
As implied by the name, these on-chain oracles operate based on a principle that calculates the mean asset price over a predetermined time period.
While seeming straightforward in their functionality, deploying them securely presents notable challenges.
One of the pronounced advantages of utilizing TWAP oracles lies in addressing the issue of price manipulation within DEX pools.
In scenarios where a project is pegged to the instantaneous price of an asset, malefactors may exploit this by utilizing a flash loan to skew the asset’s price and subsequently execute an attack.
By leveraging TWAPs, the manipulator is compelled to maintain the distorted price over a particular duration, allowing arbitrage mechanisms to come into play and counteract the malicious intent.
Despite the apparent simplicity of TWAP oracles, ensuring their secure implementation can be a complex undertaking.
The resilience to attacks is contingent upon several factors, such as the effectiveness of the arbitrage mechanism, the pool’s capital volume, the protocol’s immunity to price manipulations, the network’s consensus mechanism and various other elements.
Generally, it can be posited that relying solely on TWAP oracles cannot be deemed entirely secure.
However, they can proficiently function as a complementary measure alongside other types of price oracles.
In synthesizing, while TWAP oracles serve to inhibit and complicate exploitative price manipulations in DEX pools by necessitating the maintenance of manipulated prices over a specified timeframe, their deployment should be approached with a meticulous understanding of their complexities and potential vulnerabilities.
Considering them as part of a wider, multi-faceted oracle strategy is instrumental in enhancing the robustness and security of blockchain projects in navigating the volatile and sometimes adversarial landscapes of cryptocurrency markets.
Open price feed
This is an oracle developed by the Compound protocol.
The main idea of the oracle is to combine prices from different sources Chainlink and Uniswap markets
originallyThe Open price feed oracle uses a special contract that allows a trusted source to update prices.
Once the price is updated, it’s compared to an anchor price from Uniswap pool.
If the price deviates from the anchor price more than initially set boundaries, the price update is discarded.
The anchor price is fetched with the TWAP mechanism described above.
Open price feed defends from incorrect data posted by an external price provider.
The downside is when the price fluctuates frequently, the TWAP price may be not updated and the actual asset price provided by an external source would be discarded.
Maker DAO oracles
Maker oracles are one of the oldest oracles in the EVM ecosystem.
Like Chainlink and Pyth, it uses an off-chain network where price broadcasters supply asset price evaluations.
The on-chain oracle module has two main contracts
edian and OSM (oracle security module).The ‘median’ component provides the Marker’s trusted reference price. It computes a median of received prices and stores its value.
The ‘OSM’ contract ensures that the stored price values are not taken before a certain delay has passed.
It should be noted that this price oracle is available only for whitelisted contracts.
Conclusion
Price oracles are a crucial part of the DeFi ecosystem. The security of numerous crypto projects depends on oracles.
Unfortunately, there is no best solution for a price oracle
each oracle has its own limitations, advantages and disadvantages.That’s why it’s important to know what oracles are available and to choose the best solution for a crypto project.
FAQ
In which crypto projects can price oracles be used?
Price oracles can be used in a multitude of crypto projects, especially those within the DeFi sector.
Examples of use cases include lending protocols which need to ensure correct collateralization levels, algorithmic stablecoins which require reliable price pegs to external assets and synthetic asset platforms which need to track RWA prices to manage their on-chain synthetic counterparts.
Is there a best solution for oracles currently available?
No, there is no one-size-fits-all best solution for oracles at the moment.
Each oracle has its own advantages and disadvantages, depending on specific use cases, security models and network compatibility.
Therefore, it’s pivotal to understand the available oracles and choose one that aligns best with a particular crypto project’s requirements and goals.
What are the dangers of using TWAP oracles?
While TWAP oracles offer certain merits, such as mitigating immediate price manipulations by averaging the asset price over a specified time, they are not impervious to threats and complexities.
Deploying TWAP oracles securely is notably challenging, and their resilience to attacks hinges on several variables including the arbitrage mechanism’s effectiveness, the liquidity pool’s capital and the network’s consensus mechanism, among others.
They might be used effectively in conjunction with other types of oracles to ensure enhanced security and functionality in a multi-oracle strategy.
Gleb Zykov is the co-founder and CTO of HashEx Blockchain Security. He has more than 14 years of experience in the IT industry and over eight years in internet security, as well as a strong technical background in blockchain technology Bitcoin, Ethereum and EVM-based blockchains.
Follow Us on Twitter Facebook Telegram
Generated Image: Midjourney