
Authors
Bowen Liu, Singapore University of Technology and Design, bowen_liu@mymail.sutd.edu.sg
Pawel Szalachowski, Singapore University of Technology and Design, pawel@sutd.edu.sg
Summary
Key words
Blockchain; DeFi platform; price oracle; decentralization
1. Introduction
Universal access to money and means of payment without the need for trusted parties is one of the promises of open cryptocurrencies. Decentralized Finance (DeFi) aims to extend this promise by offering innovative and traditional financial instruments on top of blockchain-based smart contract platforms. Compared with traditional finance, DeFi has various advantages. First, it inherits blockchain properties such as decentralization, openness, accessibility, and censorship resistance. Second, DeFi is highly flexible, allowing rapid innovation and experimentation by combining, stacking, or connecting different financial instruments. Finally, DeFi provides interoperable services: new DeFi projects can generally be built by combining other DeFi platforms.[1]
A growing trend within the DeFi ecosystem is hybrid protocols, which attempt to provide all the benefits of DeFi while removing the high volatility of crypto assets[2] (which hinders the widespread application of DeFi). They do so by linking their crypto assets to regular financial instruments. A prominent example is decentralized lending protocols, which are getting more attention than any other category of DeFi protocols. MakerDAO[3] is a collateral-backed stablecoin whose value remains stable relative to the U.S. dollar; it allows anyone to generate new tokens from collateralized assets through a dynamic collateralized debt system[4]. Once new assets are generated, they can be spent like any cryptocurrency. After repaying the debt and stability fees, users can withdraw their collateral and close out their loans. Following the success of MakerDAO, other DeFi lending platforms such as Compound[5] and dYdX[6] have been released. By reducing the burden of traditional credit checks and reducing costs through automation, the Compound marketplace algorithmically derives interest rates for pools of assets based on the supply and demand of each asset. Lenders and borrowers of these assets can interact directly with the protocol to earn and pay floating rates, respectively, without negotiating any terms such as maturity dates or interest rates. As of March 2020, DeFi Pulse reports that four public lending protocols (Fulcrum[7], MakerDAO, and Compound) have more than $200 million in outstanding loans[8].
Another example of a project working on price stability is AmpleForth[9], the first DeFi protocol with an elastic supply. In response to changes in demand, the platform seeks a price-supply equilibrium based on the market and the CPI index by expanding or contracting the supply across holders, in order to maintain stability amid economic shocks and runaway inflation. Synthetix is another recent DeFi project that allows for the creation of "synthetic assets" (Synths), whose prices can track currencies, cryptocurrencies, and commodities. Holders first lock up Synthetix's native token, SNX, as collateral to mint various Synths, which are tokens that track the price of a target asset such as the U.S. dollar or gold.
In this work, we shed light on these few questions, presenting the first (to our knowledge) research on oracles in DeFi. First, we explain various oracle designs deployed in practice. Second, we systematically explore the oracles deployed in four popular and open DeFi platforms, MakerDAO, Compound, AmpleForth, and Synthetix, which rely on external oracles to provide prices. We perform detailed measurements of price biases caused by discrepancies between information provided by external oracles and real-world prices. Additionally, we measure oracle robustness and deployment practices analytically through transaction graphs. Finally, we compare the deployed platforms and provide insights on potential improvements.
2. Background[A]
Many DeFi protocols aim to reduce the volatility of their crypto assets by using crypto collateral whose prices are pegged to certain real-world assets[10]. Unlike in the real world, communicating asset prices to DeFi protocols is non-trivial, as these protocols are implemented as smart contracts on the blockchain without access to external information such as current asset prices. Thus, in this design, the price oracle is the fundamental component that bridges the crypto asset with external information about its expected value. In this section, we introduce well-known DeFi protocols and their oracle designs. All of these platforms, and the vast majority of DeFi platforms, are based on Ethereum.
2.1 MakerDAO
MakerDAO is the most popular decentralized lending protocol, in which the native token SAI is pegged to the US dollar and collateralized by crypto assets. Since the volatility of cryptocurrencies is an issue, MakerDAO offers the programmability of cryptocurrencies without the adverse effects of volatility seen in traditional cryptocurrencies such as Bitcoin or Ethereum. Users deposit crypto assets as collateral into a Collateralized Debt Position (CDP) contract, which can generate multi-collateralized SAI tokens that can be traded in the same way as any other cryptocurrency. At the same time, the CDP records the debt and locks the collateral out of use until the outstanding debt is paid off; these overcollateralized loans are subject to a collateral-to-debt ratio (C-ratio). The current C-ratio is set at 150%, which helps the platform manage borrower risk by over-collateralizing the underlying assets. When users want to get their collateral back, they must repay the debt in the CDP, plus a stability fee that accrues continuously over time and can only be paid in MakerDAO's native token (MKR). In addition to paying the stability fee, MKR tokens allow users to vote on the development of the platform and play an important role in MakerDAO's governance, in proportion to the amount of MKR each owner holds. The combination of SAI as a stablecoin and MKR as a governance token ensures the stability of the system. Holders of MKR directly benefit from the use of SAI, and the utility of SAI is maintained by holders who can secure the system.[11]
MakerDAO introduces an oracle module to obtain real-time prices of assets. The accuracy of this information is critical, as it determines whether a CDP has locked enough collateral and when to trigger liquidation. The oracle module consists of a number of whitelisted oracle addresses and an aggregator contract. The oracles periodically send price updates to the aggregator, which aggregates them, takes the median as the reference price, and updates the platform with that reference price. Each asset type has an independent aggregator contract that gathers information from authorized oracles. We provide a high-level overview of this structure in Figure 1. The aggregator contract implements access control logic that allows adding and removing price oracle addresses. These operations are decided by governance, i.e., the MKR token holders, who vote on and apply changes to oracle addresses. Additionally, the logic allows governance to set other parameters that control the behavior of the aggregator, for example, the minimum number of oracles required to accept a new median. Therefore, in this decentralized governance mechanism, MKR holders can manipulate oracles. Similar to a 51% attack, a coalition of members can manipulate the governance system to "steal" the system's collateral assets for profit.
2.2 Compound
Compound is a blockchain-based lending platform where participants can lend their crypto assets and earn interest on them. Participants deposit their crypto assets into the Compound smart contract as collateral. The contract automatically matches borrowers and lenders and dynamically adjusts interest rates based on supply and demand. Similar to MakerDAO, Compound uses oracles to manage prices, and these are managed and controlled by administrators (i.e., holders of Compound's COMP token). COMP holders can manage and upgrade Compound, and propose, vote on, and implement any changes through the management function. Proposals can include changes such as adjusting interest rate models or staking ratios, managing aggregator contracts, and choosing oracle sources.
The price update logic in Compound is shown in Figure 2. At the beginning, the administrator deploys an anchor contract and then creates an aggregator contract with the parameters min, anchor, and tolerance, where min is the minimum number of reports required to generate a new median price (default 1), anchor is the address of the anchor contract, and tolerance is set to 10%. The oracle system in Compound allows multiple authorized sources (called reporters) to report price data to an aggregator contract. Reporters can be exchanges, other DeFi projects, applications, over-the-counter (OTC) platforms, etc. The aggregator receives reference prices from reporters, validates them, and calculates the median, which is then stored so that it can be accessed by the Compound marketplace. The mechanism for updating the reference price of an asset is based on the anchor price (reported by the anchor address) and on upper and lower bounds for the median price calculated by the aggregator. If the ratio between the new median price and the anchor price is out of bounds, the asset's official reference price is not updated.
2.3 AmpleForth
Traditional commodities such as gold, and even cryptocurrencies such as Bitcoin (produced according to a fixed supply schedule), cannot respond effectively to changes in demand, making them vulnerable to destabilizing economic shocks and hyperdeflation. To address this shortcoming, AmpleForth created the AMPL token so that asset price information automatically affects supply. It features an automatic price-supply balancing mechanism that proportionally expands or contracts the number of tokens held by every holder based on the AMPL-to-USD exchange rate, and that is counter-cyclical and non-dilutive. AMPL is initially pegged to the U.S. dollar, but the peg is not permanently fixed, as the platform takes the Consumer Price Index into account to balance future U.S. dollar inflation. AmpleForth therefore aims to increase the stability of purchasing power by changing the supply according to the demand for AMPL tokens. More specifically, whenever demand exceeds supply, the platform automatically increases the total amount of AMPL to prevent the relative price of goods from increasing. Similarly, when total demand is less than supply, it reduces the total token supply accordingly.
Having an accurate and reliable source of market price information is critical for protocols that aim at price-supply equilibrium. This core functionality of AmpleForth is shown in Figure 3. The platform administrator sets the min, delay, and expire parameters of the aggregator contract during initialization, where min (default 1) is the minimum number of data sources required for an aggregated report to be valid, delay is the number of seconds that must elapse after a report is submitted before it takes effect (default 1 hour), and expire is the number of seconds after which a report expires (in AmpleForth, this value defaults to 2 hours). A valid report must exist publicly on-chain for at least 1 hour before it can be used by the supply policy; if a new report is not provided by 12 hours, it will expire on-chain. This means that only reports submitted within a valid timestamp window are considered valid. We describe this logic in Figure 4, assuming that the aggregator retrieves price information at time T0. The correct AMPL/USD exchange rate is the median calculated by the aggregator from the reports submitted by trusted oracles in the following formula:[12]
Chainlink: Smart contract platforms like Ethereum lack the ability to connect smart contracts with off-chain resources such as the internet. Chainlink[13] aims to solve this problem with a decentralized oracle network that bridges on-chain smart contracts with the off-chain environment. (In Section 5, we discuss Chainlink's competitor designs.) It does this by providing smart contracts with APIs through which they can request off-chain resources such as market data, bank payments, retail payments, backend systems, event data, or web page content. Chainlink consists of a network of multiple decentralized, independent oracles and aggregators that collect and process off-chain data and deliver it (processed) to smart contracts upon request. AmpleForth is an example of a platform integrated with Chainlink.
2.4 Synthetix
Synthetix[B]. These Synths are synthetic assets created through the Synthetix platform. Note that the Synthetix platform always values sUSD, one of the synthetic assets, at $1. Synth prices are determined through oracles that report external real-world asset prices to the aggregator, which then calculates the median. As shown in Figure 5, the current oracles and aggregators are provided by Chainlink. Each asset type has an independent Chainlink aggregator that maintains a number of oracle feeds. To ensure accurate data feeds, oracles update on-chain prices at very short intervals (say, every 5 or 10 minutes).
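The two aggregator validity rules described in Sections 2.2 and 2.3 (Compound's anchor tolerance and AmpleForth's delay/expire window) can be exercised side by side. The following is an added example, not code from the paper or from either platform; the class names, the symmetric tolerance bounds, the exact window boundaries, and all prices and timestamps are assumptions made for illustration.

```python
"""Added example: two oracle-aggregator validity rules from Section 2."""
from statistics import median
from typing import Dict, List, Optional, Tuple


class AnchoredAggregator:
    """Compound-style rule: a new median is accepted only near the anchor price."""

    def __init__(self, reporters, anchor_price, tolerance=0.10, min_reports=1):
        self.reporters = set(reporters)    # authorized sources ("reporters")
        self.anchor_price = anchor_price   # price reported by the anchor
        self.tolerance = tolerance         # 10% in the text
        self.min_reports = min_reports     # default of 1 in the text
        self.latest: Dict[str, float] = {}
        self.reference: Optional[float] = None

    def post(self, reporter: str, price: float) -> bool:
        """Store a report; return True only if the reference price was updated."""
        if reporter not in self.reporters or price <= 0:
            return False                   # unauthorized or malformed report
        self.latest[reporter] = price
        if len(self.latest) < self.min_reports:
            return False                   # not enough reports for a median yet
        candidate = median(self.latest.values())
        ratio = candidate / self.anchor_price
        # Assumption: symmetric bounds [1 - tolerance, 1 + tolerance].
        if not (1 - self.tolerance <= ratio <= 1 + self.tolerance):
            return False                   # out of bounds: old reference stays
        self.reference = candidate
        return True


class WindowedMedianOracle:
    """AmpleForth-style rule: a report counts only between `delay` and `expire`."""

    def __init__(self, providers, min_providers=1, delay=3600, expire=7200):
        self.min_providers = min_providers
        self.delay = delay                 # seconds before a report takes effect
        self.expire = expire               # seconds after which a report is stale
        self.history: Dict[str, List[Tuple[int, float]]] = {p: [] for p in providers}

    def push(self, provider: str, price: float, now: int) -> bool:
        if provider not in self.history or price <= 0:
            return False
        self.history[provider].append((now, price))
        return True

    def get_data(self, now: int) -> Tuple[Optional[float], bool]:
        """Median over each provider's newest report that is inside the window."""
        usable = []
        for reports in self.history.values():
            for ts, price in sorted(reports, reverse=True):
                # Assumption: the window is delay <= age < expire.
                if self.delay <= now - ts < self.expire:
                    usable.append(price)
                    break
        if len(usable) < self.min_providers:
            return None, False             # no valid price: caller must not act
        return median(usable), True


def demo():
    """Constructed inputs; returns the observable outcomes of both rules."""
    comp = AnchoredAggregator({"r1", "r2", "r3"}, anchor_price=200.0)
    updates = [
        comp.post("r1", 204.0),   # median 204, ratio 1.02 -> accepted (min is 1)
        comp.post("r2", 260.0),   # median 232, ratio 1.16 -> rejected
        comp.post("r3", 206.0),   # median 206, ratio 1.03 -> accepted
        comp.post("rX", 205.0),   # not on the reporter list -> rejected
    ]
    ampl = WindowedMedianOracle({"a", "b"})
    ampl.push("a", 1.00, now=0)
    ampl.push("b", 1.10, now=1800)
    reads = [ampl.get_data(t) for t in (1800, 3600, 5400, 7200, 9000)]
    return updates, comp.reference, reads


if __name__ == "__main__":
    print(demo())
```

With min left at its default of 1, the first report alone sets the reference price in both designs; the median only starts to absorb a divergent source once several reports are present.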
3. Measurement
In this section, we present the details and results of the measurement study. Focusing on the AmpleForth, Synthetix, MakerDAO, and Compound platforms, we evaluate and report on: (1) the market price volatility of platform assets (Section 3.1); (2) the deviation between market prices and oracle-reported prices (Section 3.2); (3) anomalies that may indicate that an oracle is malfunctioning or misbehaving (Section 3.3); and (4) the oracles' transaction graphs, showing their interaction with the ecosystem (Section 3.4).
3.1 Price volatility
In this section, we demonstrate the price volatility of DeFi assets designed to smooth out volatility. We summarize the market prices for each of the above platforms in Table 1 (in USD, as reported by https://coinmarketcap.com; the number of measurements in the table refers to the number of days the platform has been in operation). It can be seen that all platforms see price changes of 1% or 5% within a day, despite the goal of stability. Furthermore, the market price of AMPL has a daily price change of more than 10% on approximately 30% of the observed days. The price fluctuations over time are shown in Figure 6, where rapid price changes are mainly caused by trading volume changes, external events (such as a country banning cryptocurrencies), or speculation. All the results show that these DeFi protocols, and the protocols that depend on their assets, need real-time and accurate reference price data to hedge against the risks brought by high volatility.
3.2 Price deviation
[14] to get data about oracles interacting with DeFi platforms. For each oracle, we analyze all of its transactions by extracting each transaction's data and metadata, parsing it into a human-readable price format, and comparing it to the source of the true price the oracle should follow (the oracle may use a different price source). In our experiments, we treat the oracle's declared data feed as the benchmark for a given asset's price. Also, since the oracle's quoting method is not strictly specified, for each benchmark we show both its real-time "raw" price and its median over 1, 5, 10, and 60 minutes.
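The comparison described above can be sketched as follows. This is an added example, not the authors' measurement code: the 18-decimal fixed-point scaling, the signed relative-deviation formula, the rule of flagging a quote only when it exceeds 10% against every benchmark variant, and all sample ticks and quotes are assumptions or constructed data.

```python
"""Added example: deviation of oracle quotes from a benchmark price feed."""
from bisect import bisect_right
from statistics import median

DECIMALS = 18                  # assumption: quotes are 18-decimal fixed point
WINDOWS_MIN = (1, 5, 10, 60)   # median windows named in the text
OUTLIER_PCT = 10.0             # the text singles out deviations above 10%


def decode_price(raw_hex, decimals=DECIMALS):
    """Convert the unsigned integer carried in a transaction into a price."""
    return int(raw_hex, 16) / 10 ** decimals


def benchmark_at(ticks, ts, window_min=0):
    """Benchmark price seen at time ts, or None if the feed has no data.

    ticks is a time-sorted list of (unix_ts, price).
    window_min == 0: last tick at or before ts (the "raw" price).
    window_min  > 0: median of the ticks in (ts - window, ts].
    """
    times = [t for t, _ in ticks]
    hi = bisect_right(times, ts)
    if hi == 0:
        return None
    if window_min == 0:
        return ticks[hi - 1][1]
    lo = bisect_right(times, ts - window_min * 60)
    window = [p for _, p in ticks[lo:hi]]
    return median(window) if window else None


def deviation_pct(reported, benchmark):
    """Signed relative deviation of a quote from the benchmark, in percent."""
    return (reported - benchmark) / benchmark * 100.0


def analyse(quotes, ticks):
    """Score every (unix_ts, raw_hex) quote against all benchmark variants."""
    rows = []
    for ts, raw_hex in quotes:
        price = decode_price(raw_hex)
        dev = {}
        for w in (0,) + WINDOWS_MIN:          # 0 stands for the raw price
            ref = benchmark_at(ticks, ts, w)
            dev[w] = None if ref is None else round(deviation_pct(price, ref), 2)
        known = [abs(d) for d in dev.values() if d is not None]
        # The quoting method is unspecified, so flag a quote only when it is
        # far from every variant, not just from one of them.
        outlier = bool(known) and min(known) > OUTLIER_PCT
        rows.append({"ts": ts, "price": price, "dev": dev, "outlier": outlier})
    return rows


def constructed_sample():
    """Constructed data: one tick per minute rising from 200.0 to 230.0."""
    t0 = 1_583_400_000
    ticks = [(t0 + 60 * i, 200.0 + 0.5 * i) for i in range(61)]
    quotes = [
        (t0 + 3600, hex(228 * 10 ** 18)),   # close to the recent benchmark
        (t0 + 3630, hex(300 * 10 ** 18)),   # far from every variant
    ]
    return quotes, ticks


if __name__ == "__main__":
    for row in analyse(*constructed_sample()):
        print(row)
    # The hexadecimal AmpleForth quote cited later in this section, decoded
    # under the 18-decimal assumption.
    print(decode_price("0x5667f2bb31e073c7"))
```

The first constructed quote is within 1% of the raw and short-window benchmarks but almost 6% away from the 60-minute median, which shows why the choice of benchmark variant matters when the oracle's quoting method is not declared.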
Results[C]: We first study the Synthetix oracle[15], comparing its 3,308 quotes with data from different exchanges. As Synthetix integrates with Chainlink, we found that the claimed sources of the oracle's ETH price[16] are Coinmarketcap, Bitfinex[17], and Bittrex. Therefore, in Figure 7, we show the ETH/USD price deviation between the oracle's reports and its price sources. It can be seen that the number of quotes with deviations is large, most of which are within ±2%.[D]
Likewise, in Figure 8 we show the deviation of the MakerDAO ETH/USD oracle[18]. Since the oracle does not specify a source, we use the same benchmarks as for Synthetix, except that Bittrex has only provided ETH/USD exchange rate information since June 2018 (we started tracking the oracle's activity in January 2018). It can be seen that a large number of quotes are biased, most of them within the 5% range, suggesting that the MakerDAO oracle is not performing as well as the aforementioned Synthetix oracle. In addition, there are some outlier quotes with deviations of more than 10% (which we investigate further in Table 3).[19][20]
In AmpleForth, the declared oracle source is Anyblock Analytics[E]; however, it does not offer individuals an API to retrieve real-time prices. Therefore, we took the same baseline as for Synthetix, except that Bittrex does not track the AMPL/USD exchange rate. We analyzed 980 transactions of the AmpleForth oracle and checked the results against Coinmarketcap and Bitfinex. As shown in Figure 9, most deviations are in the 5% range, similar to the Synthetix oracles. Interestingly, there is one outlier with a very large deviation (i.e., 273.7%), which we discuss further in this section.[21]
Compound's oracles use Kraken[22] and Coinbase Pro[23] as their ETH/USD price sources[F]. We evaluated Compound's oracle, analyzing a total of 2,144 transactions; the results are shown in Figure 10. It can be seen that most of the deviations are in the range of 4%, and only a few deviations are higher than 5%.
Deviation comparison: In Figure 11, we show the average deviation for each source across all platforms. Note that the average deviation is calculated as follows:
To better illustrate the differences between oracles, we also give specific numbers in Table 2. It can be observed that, with the exception of AmpleForth (whose oracles introduce a rather high bias), most quotes have a bias of ≤1% and ≤5%, respectively. A possible reason is that its oracles follow a different baseline than the one we use (as mentioned earlier, AmpleForth's oracles do not disclose their price sources). However, the average deviation we measured was around 2.5%, which seems acceptable compared to other platforms.
Outliers[G]: Since each oracle may produce some unavoidable outliers due to sudden changes in real-time prices or errors of the oracle itself, in Table 3 we list specific quotes with the large deviations observed in Section 3.1. In AmpleForth, a market oracle[H] made an obvious quotation error on March 5, 2020. At that time, the oracle submitted a hexadecimal price of 0x5667f2bb31e073c7, which differed by 273.7% from the exchange price at that time. We did not find any reason for this anomaly and suspect a typo[I]. Another interesting anomaly reports a deviation of 50.2%.[J] This inconsistent entry is most likely due to a sudden drop in the exchange rate, which reached its lowest price in the past four months. A similar situation occurred in two quotes submitted by MakerDAO's oracle, which deviated by 12.8% and 12.2%, respectively, due to a sudden decline in the exchange rate of crypto assets in the past three months[K]. In Synthetix and Compound, the two largest outlier deviations are much smaller than on the previous two platforms, at only 5%. The largest outliers in Synthetix also come from the true price, while the second largest outlier is likely due to the recent volatility in the U.S. stock market.
3.3 Faults
In this section, we investigate oracle failures. For MakerDAO, Compound, and AmpleForth, we check all transactions that were submitted by their oracles but not processed successfully by the Ethereum network (rejected by the network or rolled back by the oracle itself). For Synthetix, due to the integration with Chainlink, we checked the oracle nodes of all supported assets, identified the actual sources they collect from, and evaluated these oracles.[L]
MakerDAO: The reference price for ETH/USD in MakerDAO is updated by an aggregator that collects price data from a number of external sources. As shown in Table 4, for one ETH oracle[M], 54 out of 7,042 transactions failed due to out-of-gas exception errors[N], a failure rate of 0.77%. The same problem exists for the other three oracles, whose failure rates are 2.17%, 1.39% and 0.53%, respectively.[O]
AmpleForth: Next, we investigate all transactions initiated by AmpleForth's oracles. Our findings are shown in Table 4: as of April 2020, AmpleForth's two market oracles had 30%[P] and 34 transactions that were rolled back.
Synthetix: Synthetix has fully integrated Chainlink's service for quoting. Each asset type supported by Synthetix has a corresponding set of Chainlink nodes that perform oracle-like tasks. We further investigated the nodes for all trading pairs (ETH/USD, BTC/USD, AUD/USD, EUR/USD, CHF/USD, GBP/USD, JPY/USD, XAG/USD and XUG/USD) to identify potential faults.
In Table 5, we provide details about the oracles, their corresponding data sources, and the problems encountered. We found that Omniscience, Ztake.org, Anyblock, and Simply VC had submitted transactions that were rolled back by the Ethereum network. As of February 14, 2020, Alpha Vantage had received 17 requests from Chainlink, but ignored them and failed to submit a response. LinkPool uses two external sources namely CryptoCompare and Alpha Vantage for ETH, BTC, AUD and XAG rates. However, Alpha Vantage's unreliability makes LinkPool unreliable as well. Fiews, Cosmostation, Validation, etc. are stable nodes, and no abnormalities have been found, while the sources of stake.fish and Chainlayer are not yet open to the public, so they cannot be audited.
3.4 Analysis of transaction activity
An oracle address may interact with a large number of Ethereum addresses, which may be ERC-20 token contracts, on-chain services, entities of other protocols, or external account addresses. In this section, we focus on the activity analysis of oracles for DeFi platforms. We used BigQuery to retrieve the entire transaction history of an oracle, then built a transaction graph and identified the addresses that interact with the oracle most often, the entities or external accounts it communicated with, and any interesting activity involved.[Q]
AmpleForth: We collected 132,119 transactions from AmpleForth's market oracle and found 47 addresses interacting with the oracle. As shown in Figure 12a, a large portion of the transactions are interactions with a Chainlink aggregator, colored green. Red nodes indicate the 161 transactions in which the market oracle used AmpleForth's UpgradeProxy contract to set or update certain parameters. Blue and orange nodes are external account addresses, involved in 48 and 1 transactions, respectively. On March 13, 2020, the oracle continuously sent 48 transactions with no input data to the blue node (most likely test behavior).
MakerDAO: Similarly, we used MakerDAO's ETH/USD oracle as our measurement object, extracted 4,914 transactions, and analyzed them. The results are shown in Figure 12b. The oracle in the figure interacts with four types of entities at seven different addresses. Most of the transactions are related to price publication; however, two transactions failed due to gas exhaustion errors. The oracle had four proxy activities (red nodes) and only three successful token transfers (blue nodes). In addition, there is a migration event from when the platform decided to perform the SAI and DAI conversion.
Compound: We selected an ETH/USD oracle in Compound and analyzed all 11,458 of its transactions. All transactions involve quote operations interacting with three on-chain aggregators. Unlike oracles on other platforms, the transaction history does not include interactions with other participants or services.
Synthetix: [R], the aggregator self-destructed under unexplained circumstances. In addition to this, oracles participated in 2,056 transactions with contracts related to the Synthetix network, most of which obtained parameter values from the platform. An interesting activity (shown in red) is a total of 667 transactions sent to itself with no input data (most likely for testing purposes).
4. Discussion
4.1 Decentralization
In the background section, we discussed different designs of oracles in DeFi. Some of them rely on centralized aggregators for reference prices, while others work with Chainlink's quote providers. In this section, we examine how oracle systems are implemented in practice, and how this impacts the platforms' goal of decentralization.[24]
Table 6 describes some properties that affect oracle decentralization. MakerDAO and Compound have a similar architecture in that they use a single aggregator to periodically retrieve price information from an external whitelist of oracle nodes. Even though the other components of these systems are deployed on a decentralized smart contract platform, this design has an inherent centralization flaw. AmpleForth utilizes Chainlink to provide oracle functionality, which mitigates (due to Chainlink's design) the centralization risk of a single aggregator. However, it still relies on an aggregator contract to collect data from four oracles. In the near future, AmpleForth plans to fully integrate with Chainlink for data ingestion, so for now we classify it as a semi-centralized design. Synthetix announced that the Synthetix and Chainlink integration is now running on Ethereum, providing fully decentralized price information. The data source will be moved to Chainlink's decentralized oracle network, and the reference price will be delivered on-chain by multiple independent, economically incentivized nodes without relying on any centralized organization for support. So, for now, its design is the closest to a decentralized one.
Our initial research shows that the oracle ecosystem is immature. Therefore, in this section we attempt to learn from observations and provide insights on potential improvements to future oracle platforms.
Transparency: As discussed in Section 3.2, the oracles' price handling method is not explicitly stated. Even the data source of an oracle is obscure and unknown to platform users. This leads to a lack of transparency on the oracle platform and to the possibility that oracle misbehavior goes undetected, as no entity currently has the ability to attest to the accuracy of oracle quotes. Our first suggestion for future oracle designs is that oracles should explicitly declare their manifests. Such a manifest would contain oracle metadata (such as oracle contact information), the deployed data sources, the expected update frequency, and the exact derivation of prices. We see the underlying blockchain platform, due to its nature, as a natural place to publish such manifests.
Accountability: We believe that oracles are becoming important trusted parties that should be accountable for their actions. In the blockchain ecosystem, one viable way to achieve accountability is cryptographic incentives. Therefore, to incentivize oracles to report accurate prices at the promised frequency, we can imagine platforms implementing a mechanism that penalizes violations of the oracle manifest or of platform policies, such as delays or underreporting, or verifiable misconduct, such as high price deviation. This mechanism can be partially implemented through smart contracts, but it requires the oracle to deposit a large amount of crypto assets.
Operational robustness: [25]. Higher gas prices will allow oracle reports to be included on-chain faster, as the blockchain network prioritizes transactions that pay higher fees.
5. Related work
We are not aware of any work measuring or analyzing DeFi oracles; however, below we discuss the work most relevant to the topic.
Oracle design[26]: Town Crier (TC)[27] is an authenticated data feed system for smart contracts. TC acts as a bridge between smart contracts and existing websites that are already generally trusted by non-blockchain applications. It combines a blockchain front end with a trusted-hardware (i.e., Intel SGX technology[28]) back end that fetches HTTPS-enabled websites in order to provide source-authenticated data to the smart contracts that rely on that data. Thanks to the integration of SGX technology, TC can remotely prove that the correct code was executed. TC establishes a secure TLS connection with the website and parses its content, which is then used as input to the smart contract. However, one potential limitation of TC is that it positions Intel as the trusted party required to perform remote attestation.
TLS-N is a generic TLS extension that adds non-repudiation to the TLS protocol. TLS-N modifies the TLS stack so that TLS records sent by the server are authenticated (in batches). Thus, a TLS-N client can present received TLS-N records to a third party, who can verify them while only needing to trust the server (and not any other trusted third party). In general, TLS-N generates non-interactive proofs of the contents of a TLS session that can be verified efficiently by third parties and by blockchain-based smart contracts. In this way, TLS-N enhances the accountability of web content and provides a practical and decentralized blockchain oracle for web content. However, its main disadvantage is its deployability: it requires significant changes to the TLS protocol, and adoption is very slow.[29]
Practical Data Feed Service (PDFS) is an extension system for content providers that provides new features to improve data transparency and consistency verification, and that allows content providers to link their web entities with their blockchain entities. In PDFS, data is authenticated through the blockchain without breaking the TLS chain of trust or modifying the TLS stack. In addition, content providers are free to specify the data format they want to use, so the data can be easily parsed and customized for smart contracts. PDFS makes content providers auditable, mitigates their malicious activities (e.g., data modification or censorship), and allows them to create new business models. The disadvantage is that the verification logic implemented in the smart contract is not lightweight and efficient enough. A potential improvement of PDFS may lie in designs that provide shorter proofs.
DeFi research[31]: "SoK: Demystifying Stablecoins"[30] provides an easy-to-understand survey of mainstream DeFi protocols, with a focus on stablecoin design. "A Classification Framework for Stablecoin Designs"[32] and "Monetary Stabilization in Cryptocurrencies-Design Approaches" systematically discuss the general design of existing DeFi platforms. By decomposing the design into components such as anchor assets, collateral amounts, price information, and governance mechanisms, this type of survey aims to explore the strengths and weaknesses of DeFi platforms in order to determine future development directions.
Attacks on DeFi[34]: "Attacking the DeFi Ecosystem with Flash Loans for Fun and Profit"[33] is a detailed exploration of flash loans in the Ethereum network's DeFi ecosystem. It analyzes two existing attacks with an ROI of more than 500,000%, and then formulates the search for flash loan attack parameters as an optimization problem. It also demonstrates how the previous two attacks could be "augmented" such that they would yield $829,500 and $1.1 million in profits, a 2.37x and 1.73x increase, respectively. Lewis et al. explore how design flaws led to the DeFi crisis. Their paper discusses over-collateralization and governance attacks on MakerDAO, proposing a new form of economic crisis propagation.[35]
On the pump-and-dump problem in cryptocurrencies, "The anatomy of a cryptocurrency pump-and-dump scheme"[36] examines 412 pump-and-dump campaigns, builds a model to predict the likelihood of a given crypto asset being pumped ahead of time, and uncovers patterns of pump-and-dumps in the crypto market. Josh et al. examine the existing literature on pump-and-dumps in classical economics, relate it to cryptocurrencies, and propose criteria to define "pump and dumps" for cryptocurrencies. These patterns can locate suspicious points of abnormal trading activity in order to flag potential pump-and-dump activities.[37]
"Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability" describes arbitrage strategies on decentralized exchanges in which bots pay high transaction fees and optimize their network latency to trade ahead of ordinary users. Through an empirical study of bots' profit-seeking behavior and blockchain-specific strategies, it formally models bots' competition for miner-granted priority in gas auctions, and shows that in many cases pure arbitrage by bots generates far more revenue than Ethereum block rewards and transaction fees.
first level title
In this paper, we conduct the first study of oracles in DeFi. We demystify oracle designs on mainstream DeFi platforms. Through large-scale measurements of oracles deployed on four well-known open DeFi platforms, MakerDAO, Compound, AmpleForth, and Synthetix, we study price deviations in detail, derived from real-time prices and the quotes of oracle nodes. We compare the price deviations of the deployed platforms and perform a detailed assessment of oracle stability, accountability, and deployment models. We find that deviations from the claimed data sources and operational failures are very common. Finally, we discuss the potential security gaps that such platforms may suffer from and propose recommendations that could address some of the known shortcomings.
note
[B] We note that there are other designs that do not require anchors or collateral, but these systems are beyond the scope of this paper, and we refer the reader to a recent survey.
[C] Currently, Synthetix's debt collateralization ratio is 800%.
[D] Address: 0xac1ed4fabbd5204e02950d68b6fc8c446ac95362
[E] Address: 0xfbaf3a7eb4ec2962bd1847687e56aaee855f5d00
[F] Address: 0x8844dfd05ac492d1924ad27ddd5e690b8e72d694
[G] Address: 0x3c6809319201b978d821190ba03fa19a3523bd96
[H] Transaction information: https://bit.ly/2KHiTFE
[I] When changing the first digit of the transaction payload, the deviation was reduced to 2.9%, which is within the standard range for this oracle.
[J] Transaction information: https://bit.ly/2K5kSDF
[K] Transaction information: https://bit.ly/3ep74BO, https://bit.ly/2K3NcGb
[L] Transaction information: https://bit.ly/34Av0xo
[M] Address: 0x000df128eb60a88913f6135a2b83143c452c494e
[N] This error occurs when completing a transaction requires more computing resources than the sender provides.
[O] Address: 0x005b903dadfd96229cba5eb0e5aa75c578e8f968, 0x0032ad8fae086f87ff54699954650354bb51e050, 0xa8eb82456ed9bae55841529888cde9152468635a
[P] Address: 0xd0352aad6763f12d0a529d9590ea2f30421667a6
[Q] Address: 0xcaefaf2130f0751520d5a6a62f3b9c9eaa4739f4
references
[1] 2020. Most volatile cryptos. https://yhoo.it/2YhINbg.
[2] 2019. MakerDAO. https://makerdao.com.
[3] 2019. SAI. https://sai.makerdao.com.
[4] 2019. Compound. https://compound.finance.
[5] 2020. Fulcrum. https://fulcrum.trade.
[6] 2019. dYdX. https://dydx.exchange.
[7] 2020. The active outstanding loans from open lending protocols reported by DeFi Pulse. https://defipulse.com/defi-lending.
[8] 2019. Ampleforth. https://www.ampleforth.org.
[9] 2019. Synthetix. https://www.synthetix.io.
[10] 2020. Ethereum DeFi ecosystem. https://defiprime.com/ethereum.
[11] 2019. How to turn $20M into $340M in 15 seconds. https://bit.ly/2VNilEM.
[12] 2019. ChainLink. https://chain.link/.
[13] 2019. Synthetix whitepaper. https://www.synthetix.io/uploads/synthetix_litepaper.pdf.
[14] 2020. Ethereum in BigQuery: a Public Dataset for smart contract analytics. https://bit.ly/3aNU8lU.
[15] 2019. The sources of Chainlink ETH/USD. https://feeds.chain.link/ethusd.
[16] 2019. Bitfinex. https://www.bitfinex.com.
[17] 2019. Bittrex. https://global.bittrex.com.
[18] 2020. Bittrex ETH/USD rate. https://bit.ly/2VQHTRv.
[19] 2020. Anyblock Analytics. https://www.anyblockanalytics.com.
[20] 2020. The claimed sources of AmpleForth’s oracles. https://bit.ly/3aMaqfc.
[21] 2019. Kraken. https://www.kraken.com.
[22] 2019. Coinbasepro. https://pro.coinbase.com.
[23] 2019. The claimed sources of Compound’s oracles. https://bit.ly/3bNiuh5.
[24] 2020. Synthetix integrates with Chainlink. https://bit.ly/3bJfLFc.
[25] 2020. Ethereum gas price shot up. https://bit.ly/2y15AgR.
[26] Fan Zhang, Ethan Cecchetti, Kyle Croman, Ari Juels, and Elaine Shi. 2016. Town Crier: An Authenticated Data Feed for Smart Contracts. In 23rd ACM SIGSAC Conference on Computer and Communications Security.
[27] Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. IACR Cryptology ePrint Archive (2016).
[28] Hubert Ritzdorf, Karl Wüst, Arthur Gervais, Guillaume Felley, and Srdjan Capkun. 2017. TLS-N: Non-repudiation over TLS Enabling Ubiquitous Content Signing for Disintermediation. IACR Cryptology ePrint Archive (2017).
[29] Juan Guarnizo and Pawel Szalachowski. 2019. PDFS: practical data feed service for smart contracts. In 24th European Symposium on Research in Computer Security.
[30] Jeremy Clark, Didem Demirag, and Seyedehmahsa Moosavi. 2019. SoK: Demystifying Stablecoins. Available at SSRN 3466371 (2019).
[31] Amani Moin, Emin Gün Sirer, and Kevin Sekniqi. 2019. A Classification Framework for Stablecoin Designs. In 24th Financial Cryptography and Data Security.
[32] Ingolf Gunnar Anton Pernice, Sebastian Henningsen, Roman Proskalovich, Martin Florian, Hermann Elendner, and Björn Scheuermann. 2019. Monetary Stabilization in Cryptocurrencies-Design Approaches and Open Questions. In 2nd IEEE Crypto Valley Conference on Blockchain Technology.
[33] Kaihua Qin, Liyi Zhou, Benjamin Livshits, and Arthur Gervais. 2020. Attacking the DeFi Ecosystem with Flash Loans for Fun and Profit. arXiv preprint: 2003.03810.
[34] Lewis Gudgeon, Daniel Perez, Dominik Harz, Arthur Gervais, and Benjamin Livshits. 2020. The Decentralized Financial Crisis: Attacking DeFi. arXiv preprint: 2002.08099.
[35] Jiahua Xu and Benjamin Livshits. 2019. The anatomy of a cryptocurrency pump-and-dump scheme. In 28th USENIX Security Symposium.
[36] Josh Kamps and Bennett Kleinberg. 2018. To the moon: defining and detecting cryptocurrency pump-and-dumps. Crime Science (2018).
[37] Philip Daian, Steven Goldfeder, Tyler Kell, Yunqi Li, Xueyuan Zhao, Iddo Bentov, Lorenz Breidenbach, and Ari Juels. 2020. Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability. In 41st IEEE Symposium on Security and Privacy.
This article was translated by WJW, a community volunteer of the WePiggy lending protocol.
