From popular stars to DeFi high-risk zones, how to prevent oracle security issues?



Generating price data on the chain in a decentralized way may be the only feasible correct logic.

Original title: “Why has the oracle become the current high-risk point of DeFi?”
Written by: WebX Lab

Incidents erupting one after another, such as Compound’s asset liquidation incident involving tens of millions of dollars, have made the previously highly regarded oracle a target of public criticism. Moreover, the series of flash loan attacks has set an increasingly vicious example for the outside world. Across this series of incidents, exploits based on reentrancy have declined in the past few years, while the rate of exploits based on oracle price manipulation is now rising, and the oracle has become a high-risk zone.

Why is the oracle an important role in DeFi?

The oracle mainly deals with how a blockchain protocol collects data from third-party sources in a reliable and credible way and then feeds that data back to highly networked, automated decentralized applications (Dapps) and smart contracts, bringing in information sources and data sources from the world outside the chain in order to establish authoritative facts on the chain.

This external data serves as an important basis for triggering smart contracts on the chain. Taking Compound as an example, it needs the oracle's price to determine borrowing capacity and collateral requirements, as well as for every function that has to calculate the value of an account, so as to decide whether to liquidate the account's assets to meet the collateral requirement. For some DEXs that adopt the AMM scheme, the small scale of transactions and insufficient depth mean that their market prices are easily moved by large transactions and fluctuate sharply. This also requires oracles to provide data from mainstream exchanges to avoid such violent fluctuations.

At this point you may think that the oracle is only a single auxiliary component that can do nothing more than bring in external data, but the opposite is true. The oracle's price-feeding function, or its role as reliable support for a data source, is only a very early form. In the long run, the oracle will act as the master of various real-world elements such as data, information, credit, and assets. The correctness of the data or information it provides, the degree of decentralization of its technology, and the degree of intelligence of its module scripts will all have a significant impact on the connection between the future blockchain world and the real world.

From popular star to high-risk oracle

The oracle itself became famous in the midsummer of this year's DeFi boom, and projects including Chainlink and NEST Protocol became popular star projects under the market spotlight. However, that earlier heat is in sharp contrast with the direction of public opinion over the last month, and the oracle has been pushed into the eye of the storm from the other direction.

The reason is that the oracle has increasingly become the point of breach in events such as flash loan attacks and the Compound liquidation. Compound CEO Robert Leshner responded, “The Compound protocol itself does not seem to have suffered a loss. It is unclear whether the oracle attack was intentional or accidental, or both.”

Looking back at the earlier Synthetix attack, the core logic is that on Synthetix users can synthesize other currency assets. Synthetix (at that time) relied on a customized off-chain price feed mechanism that calculated an aggregate price from a set of secret price feeds and posted it on the chain at a fixed time interval. Users were then allowed to go long or short on the asset at the calculated price.

[Figure: Demonstration of Synthetix MKR manipulation]

Then, at the end of June 2019, one of the price feed channels that Synthetix relied on erroneously reported the Korean won price. The price was 1000 times higher than the real exchange rate. This price was accepted by the system and posted on the chain. A trading robot quickly bought and sold in the sKRW market and made huge profits from the exchange rate difference. Although Synthetix drew prices from multiple sources, one wrong quote dealt the entire platform a devastating blow.

The principle of the earlier flash loan attacks was very simple: the perpetrator borrowed a huge amount of money through a flash loan and used it on exchanges or pools with low depth or low liquidity, so that asset prices were manipulated within a short time. Such manipulated fluctuations, which do not match reality, give the oracle wrong inputs and outputs, and the perpetrator can easily profit from the consequences of those wrong inputs and outputs. To put it more bluntly, the attacker almost completely controls the price during the transaction, and the victim can only passively accept the loss. In the same way, in the Compound liquidation event, the price of the stablecoin DAI on the Coinbase Pro platform was at one point pulled up to $1.3, which led to large-scale liquidations on Compound, the DeFi protocol that used that platform as the oracle for its price feed.

The “culprit” DAI rose because Coinbase Pro uses an order book model, which makes prices easy to manipulate when liquidity is insufficient. The attacker calculated in advance the amount required to manipulate the DAI price on the Coinbase Pro platform, as well as the profit obtainable by liquidating the Compound whale, and completed the attack in a short time.

From this point of view, the oracle, although an important basis, to a large extent cannot guarantee the authenticity or validity of its data source. The price source of the Compound platform's oracle was centralized and single, and a centralized source can easily have its information forged, tampered with, modified, or hidden. Using any single centralized data source as a price oracle is unwise and extremely dangerous. If the oracle ingests corrupted or invalid data, the consequences for downstream users may be disastrous.

On the other hand, off-chain data generally responds slowly to price fluctuations and is not smart enough. The reason is that you have to trust that the privileged users who push data onto the chain will not turn bad and will not be coerced into pushing bad updates, and this kind of trusted push does not allow any privileged party access, which means that even if attacked, they can only sit and wait for the end, because no better solution is available in time. This has led to asset losses one after another. In essence, the attackers' methods of control are not sophisticated; rather, at this stage the oracle is not smart enough to respond and resist in time. In the future, a relatively mature oracle should be the authoritative source of truth for a protocol concerning the price of assets, the state of the market, and the handling of crisis events.

To save DeFi security, first save the oracle

The oracle's loopholes have been described above, and its weak spot has been exposed at painful cost. To save DeFi security, then, the first thing to do is to choose the data source supplier. The oracle itself must be able to generate price data on the chain through a decentralized method that conforms to the blockchain consensus mechanism. This is also the only feasible correct logic, as opposed to taking the median of several nodes of a centralized data source and simply feeding that price onto the chain.

In addition, the oracle should seek more protective shields. Here it can rely on safer third-party agencies for protection, further reducing the possibility of critical loopholes. In terms of quotation, the oracle should aggregate data from as many nodes as possible, reserve a processing mechanism for price deviations, and update in step with time, so that the data provided to the smart contract is reliable, credible, and resistant to interference. Mechanisms such as data credibility verification and abnormality alarms should be used on the oracle.

The most important thing is how to give timely feedback and prevent incidents when processing abnormal data. We can add an appropriate amount of human intervention: when the market fluctuates greatly, the chain behaves abnormally, or price updates are slow, a dedicated reporter can be set up to post updates on the chain manually. To prevent abnormal data more intelligently, you can refer to the Nest oracle project, which builds a game mechanism between decentralized validators and quotation miners, forming a scheme of asset-pledged quotation transactions that generates bilateral quotations on the chain and directly prevents incorrect data from being adopted.
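The checks listed in the two paragraphs above (multi-source aggregation, deviation handling, time-based freshness, an anomaly alarm that hands off to a human reporter) can be sketched as follows. This is an added example, not code from the article or from any oracle project; the function and feed names, the thresholds, and the sample reports are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from statistics import median

# All thresholds are assumptions for illustration, not values from the article.
MAX_AGE_S = 300        # a report older than this is stale
MIN_SOURCES = 3        # quorum of fresh, agreeing sources
MAX_SOURCE_DEV = 0.02  # a source may sit at most 2% from the median
MAX_STEP = 0.10        # the accepted price may move at most 10% per update

@dataclass
class Report:
    source: str
    price: float
    timestamp: int

def aggregate(reports, now, last_price):
    """Return (status, price, alarms); HOLD keeps last_price for manual review."""
    alarms, fresh = [], []
    for r in reports:
        if r.timestamp > now or now - r.timestamp > MAX_AGE_S:
            alarms.append(f"stale:{r.source}")
        elif r.price <= 0:
            alarms.append(f"invalid:{r.source}")
        else:
            fresh.append(r)
    if len(fresh) < MIN_SOURCES:
        return "HOLD", last_price, alarms + ["quorum"]
    mid = median(r.price for r in fresh)
    agreeing = [r for r in fresh if abs(r.price - mid) / mid <= MAX_SOURCE_DEV]
    alarms += [f"outlier:{r.source}" for r in fresh if r not in agreeing]
    if len(agreeing) < MIN_SOURCES:
        return "HOLD", last_price, alarms + ["quorum"]
    price = median(r.price for r in agreeing)
    # Circuit breaker: even unanimous sources cannot jump the price in one update.
    if abs(price - last_price) / last_price > MAX_STEP:
        return "HOLD", last_price, alarms + ["step"]
    return "ACCEPT", price, alarms

NOW = 1_700_000_000  # constructed timestamp
# Constructed sample: one feed reports a rate 1000x too high.
KRW_REPORTS = [Report("feed_a", 0.00085, NOW - 10), Report("feed_b", 0.00086, NOW - 20),
               Report("feed_c", 0.00084, NOW - 5), Report("feed_d", 0.85, NOW - 8)]
# Constructed sample: every source follows one venue's spike to $1.30.
DAI_REPORTS = [Report("feed_a", 1.30, NOW - 10), Report("feed_b", 1.29, NOW - 12),
               Report("feed_c", 1.30, NOW - 3)]

if __name__ == "__main__":
    print(aggregate(KRW_REPORTS, NOW, 0.00085))
    print(aggregate(DAI_REPORTS, NOW, 1.00))
```

In the first sample the outlier is dropped and the update is accepted; in the second the sources agree with each other, so only the step limit stops the update and leaves the decision to the manual reporter.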

Whether for the development of DeFi or the expansion of blockchain into new areas, data exchange between on-chain and off-chain is imperative, and the role of oracles cannot be underestimated. As the number of data types handled by oracles grows, their influence and key role are becoming more and more important. Oracles will also develop from price oracles to event-type oracles. Industries such as gambling, government affairs, and games have already seen the adoption and promotion of event-type oracles. It is believed that, after these vicissitudes, oracles will still serve as a heavy weapon connecting the world on and off the chain. It just takes time to mature.
