Oracle manipulation, also known as Oracle price manipulation, is a type of exploit commonly observed in the DeFi space.
It involves attackers manipulating an Oracle smart contract, leading to system failures, theft, and other forms of damage.
In 2020 alone, DeFi networks reportedly lost over $33 million due to price oracle manipulation.
Understanding Oracles in Blockchain
Oracles serve as third-party service providers supplying blockchains with external or real-world data, such as price feeds, weather information, statistics, etc.
Price feeds are particularly vulnerable to exploitation among the various types of oracle data, as they enable attackers to steal significant amounts of funds from DeFi platforms.
Methods of Price Data Collection by Oracles
There are generally two methods through which oracles gather price information.
The first approach involves seamlessly extracting price data from centralized exchanges using APIs.
The second method involves oracles performing calculations themselves by consulting decentralized exchanges (DEXs).
Each of these methods has its own advantages, disadvantages, and susceptibility to manipulation.