Conversation

Replying to

and

blog.chain.link

We examine how Chainlink Price Reference Data provides the highest level of data quality to smart contracts & how to avoid large risks when building oracles

Replying to

and

It just scares me when you say things like this (linked tweet) because if projects are really going to be using serum as their only source of price data...

Quote Tweet

SBF

@SBF_FTX

Nov 10, 2020

14) And he can keep buying until either (i) he's hedged his exposure to the oracle, or (ii) it's now in line with what he thinks is fair. Lots of people building on @ProjectSerum are planning to use bonfida.com/dex/#/ prices as oracles for this reason.

Show this thread

Replying to

To be clear: 1) I think they should use a sanitized version of it 2) Serum is on-chain. That makes it *way* different from the cases you cite; a lot of the problems you might worry about go away (at least for other projects on Solana).

Replying to

and

to be clear there are still a lot of nuances here but many of your points don't really apply to on-chain oracles that you can trade against composably in real time with small fees.

Replying to

and

Having the data being generated on-chain doesn't necessarily mean it's trustworthy There have been numerous incidents involving DEX-based price oracles that led to millions in user funds getting lost Promoting their usage is just downright dangerous in my opinion

Replying to

1) I think this is very different on Ethereum vs Solana. When it takes minutes to trade on a DEX and lots of tx's fail, you can't reliably hedge; that's way easier on Serum. 2) A lot of this is solved using EWMAs. E.g. mid(last, bid, offer), bounded by 5% away from 5m EWMA.

Replying to

and

(2) means that you'd need to sustain a bad price for minutes in order to have a significant attack, and anyone could trade against your (bad) orders on the DEX in seconds; that makes it *way* harder to attack.

Replying to

and

again, this isn't perfect, and you prob want to add a bunch of other sanity checks, but I do think that this ends up being way more safe than most current DEX-based oracles

Replying to

and

I think it comes down to the simple fact that using a single exchange as your price oracle (yes even a on-chain exchange) will always be an attack vector no matter what data calculation method you use You need market wide coverage

Replying to

and

If the liquidity on the exchange your DEX based price oracle relies moves to another exchange... Then the cost of attack lowers dramatically, price feeds that aggregate across all trading environments don't have this issue

SBF

@SBF_FTX

Replying to

@ChainLinkGod

idk I mostly agree with you here -- having multiple exchanges is good! I wish you'd be willing to acknowledge that there are tradeoffs here too and that having it fully on-chain is also cool, and there are pros and cons, even if you think the cons outweigh the pros.

10:25 PM · Nov 10, 2020Twitter Web App

Replying to

and

EWMA is easier to attack than Linear TWAP in low liquidity conditions, but the price quote would be of better accuracy than Linear TWAP.

Replying to

and

There's trade-offs for sure, but I've seen enough DeFi protocols get hacked because of poor oracle practices that even seeing someone considering a DEX based price oracle makes me feel a bit queasy A multi-million dollar loss in user funds lost type queasy

Replying to

oh yeah feeling queasy is *definitely* correct! if poorly executed it's definitely fucked.

Show replies