Oracles serve as bridges between the worlds of on-chain and off-chain, enabling blockchains to tap into real-world information. Whether it’s retrieving crypto asset prices or fetching the outcomes of a soccer game, oracles can access a wide range of external data, which can then be easily incorporated into the crypto ecosystem.
While oracles significantly enhance the functionality of blockchain networks by enabling the execution of tasks guided by real-world inputs, exploits due to oracle manipulations cannot be overlooked. In fact, close to a billion dollars has been lost due to breaches in oracles since 2020.
Oracle-Related Loss Hit $892M
According to Binance Research’s latest estimates, approximately $892 million has been siphoned off through manipulative actions associated with oracles over the last three years.
In numerous cases, individuals artificially inflate the prices of tokens with low liquidity within specific protocols. Subsequently, they exchange these artificially inflated tokens for other assets or utilize them as collateral to secure loans within lending markets.
On the brighter side, this trend appears to have slowed down. In 2023, the losses resulting from oracle-related exploits have notably diminished, which can likely be attributed to heightened security measures and a general decrease in Total Value Locked (TVL) within the decentralized finance (DeFi) ecosystem.
The research further stated that the use of oracles can be a double-edged sword, paving the way for vulnerabilities that malicious actors could potentially exploit.
“Oracle-less solutions seem to offer a set of enticing alternatives that alleviate the risks associated with oracles. Nonetheless, the adoption of these alternative solutions is influenced by a myriad of factors and considerations, and it may be more appropriate in some cases than in others.”
Oracle-Less Protocols Not Foolproof Either
As a solution, the report suggested several projects across the lending, derivatives, and non-fungible tokens (NFTs) that aim to reduce reliance on oracles.
However, the report also highlighted that oracle-less protocols come with trade-offs, such as increased complexity, reduced efficiency, and design constraints. Developers and users should carefully consider these factors when choosing between oracle-dependent and oracle-less solutions.