Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

The Dangers of Price Oracles- 1263

OpenZeppelin Security, posted 2 years ago
  • Price oracles provide the price of a specific asset; they can be powered by on-chain or off-chain data. AMMs, loan providers and more use them to provide proper prices. Integrating with price oracles properly is incredibly important for the security of the protocol.
  • The author posts some code and has a bunch of questions about the oracle. A few of these are listed below:
    • What if the price is zero or very large?
    • What about the unit (decimals) of the price? What if the price is inverted?
    • How is the oracle updated? How often? With what delays? Can it be shut down?
  • The goal is to build robust oracles that handle whatever they receive, from large price swings to broken oracles. The first, and most popular, price feed is Chainlink. This is queried through the AggregatorProxy, which interacts with the trading price contract directly. Within this, latestRoundData() is called.
  • It is recommended that this call is wrapped in a try/catch block with a fallback oracle in case of failure. On top of this, the decimals and ordering of assets should be considered when programming with this.
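To make the Chainlink checks above concrete, here is an added example (mine, not code from the article or from OpenZeppelin) of a consumer that validates a round, normalises decimals, handles an inverted quote, and falls back to a second feed only when the primary reading is unusable. `MockFeed` and `RoundData` are constructed stand-ins for the aggregator; a real consumer would call latestRoundData() on the AggregatorProxy.

```python
from dataclasses import dataclass
from typing import Optional

TARGET_DECIMALS = 18  # every price is normalised to 18 decimals before use


@dataclass(frozen=True)
class RoundData:
    """Mirror of the tuple returned by Chainlink's latestRoundData() (constructed here)."""
    round_id: int
    answer: int            # raw price, scaled by 10**decimals
    updated_at: int        # unix timestamp of the last update
    answered_in_round: int
    decimals: int          # value the aggregator's decimals() call would return


class OracleError(Exception):
    """Raised for any reading the consumer refuses to trust."""


class MockFeed:
    """Constructed stand-in for an aggregator proxy; fail=True models a reverting call."""

    def __init__(self, reading: Optional[RoundData] = None, fail: bool = False):
        self.reading = reading
        self.fail = fail

    def latest_round_data(self) -> RoundData:
        if self.fail or self.reading is None:
            raise OracleError("feed call reverted")
        return self.reading


def normalize(answer: int, decimals: int, target: int = TARGET_DECIMALS) -> int:
    """Rescale an integer price from `decimals` to `target` decimals."""
    if decimals > target:
        return answer // 10 ** (decimals - target)
    return answer * 10 ** (target - decimals)


def invert(price: int, target: int = TARGET_DECIMALS) -> int:
    """Flip the quote direction (B per A -> A per B) in fixed-point arithmetic."""
    if price <= 0:
        raise OracleError("cannot invert a non-positive price")
    return 10 ** (2 * target) // price


def validate(r: RoundData, now: int, max_age: int, min_price: int, max_price: int) -> int:
    """Apply the sanity checks from the article's question list; return a normalised price."""
    if r.answer <= 0:
        raise OracleError("non-positive answer")
    if r.updated_at == 0 or now - r.updated_at > max_age:
        raise OracleError("stale round")
    if r.answered_in_round < r.round_id:  # assumes the feed still populates this field
        raise OracleError("round not yet answered")
    price = normalize(r.answer, r.decimals)
    if not min_price <= price <= max_price:
        raise OracleError("price outside sanity bounds")
    return price


def get_price(primary: MockFeed, fallback: MockFeed, now: int, max_age: int,
              min_price: int = 1, max_price: int = 10 ** 30) -> int:
    """try/catch-with-fallback: consult the fallback only when the primary is unusable."""
    try:
        return validate(primary.latest_round_data(), now, max_age, min_price, max_price)
    except OracleError:
        return validate(fallback.latest_round_data(), now, max_age, min_price, max_price)


if __name__ == "__main__":
    # Constructed readings: an 8-decimal USD feed that is fresh, and a fallback feed.
    primary = MockFeed(RoundData(10, 180000000000, 1000, 10, 8))
    fallback = MockFeed(RoundData(5, 181000000000, 1050, 5, 8))
    print(get_price(primary, fallback, now=1100, max_age=3600))
    print(get_price(MockFeed(fail=True), fallback, now=1100, max_age=3600))
    print(invert(get_price(primary, fallback, now=1100, max_age=3600)))
```

The staleness window and the sanity bounds are parameters on purpose: the right values depend on the feed's heartbeat and the asset, and a bound that is too tight turns a normal market move into a denial of service of your own protocol.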
  • Uniswap Time Weighted Average Prices. Simply querying from Uniswap pools is dangerous, due to the ability to manipulate the pool beforehand. As a result, by using a time weighted average, the price cannot be manipulated as easily.
  • UniswapV2 has an oracle library that does this for you. When using it there is a trade-off in the window length: a longer window is more protected against price manipulation, but large jumps or drops in price are tracked less accurately. Another consideration is that the TWAP of A in B is not the reciprocal of the TWAP of B in A.
  • For Uniswap v3, the TWAP is built into the pools themselves instead of developers having to keep track of this information. When using this, tick information is returned, not the price; the price needs to be calculated from the tick.
  • The Open Price Feed is used by many protocols but is operated by Compound. The UniswapAnchoredView contract manages the price for multiple assets. It has two price feeds: a trusted source (Chainlink) and an anchor price (Uniswap). If the posted price deviates too much from the anchor price, the program reverts.
  • The final price feed mentioned is the Maker oracles. These oracles have privileged accounts called relayers that aggregate data off-chain in a p2p network. The price added on-chain is the median of the various observations.
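As an added example covering the Uniswap TWAP points and the anchor check above (my code, not the article's or any Uniswap or Compound library), the block below replays a constructed reserve history through V2-style cumulative prices, shows that a one-second manipulation barely moves a 30-second TWAP while completely defining a 1-second one, shows that the two directions are not reciprocals, converts a v3 tick to a price, and applies an anchored-view style deviation check. Exact fractions replace Uniswap's UQ112x112 fixed point, and the tolerance check is a simplification of what UniswapAnchoredView actually does.

```python
from fractions import Fraction
from typing import List, Tuple

# Constructed reserve history for a V2-style pool: (timestamp, reserve0, reserve1).
# The observation at t=20 models an attacker pushing the spot price up 16x for one second.
RESERVES: List[Tuple[int, int, int]] = [
    (0, 1000, 2000),
    (10, 1000, 2000),
    (20, 250, 8000),
    (21, 1000, 2000),
]


def spot(r0: int, r1: int) -> Tuple[Fraction, Fraction]:
    """price0 = token1 per token0, price1 = token0 per token1 (exact fractions)."""
    return Fraction(r1, r0), Fraction(r0, r1)


def cumulative_at(history: List[Tuple[int, int, int]], t: int) -> Tuple[Fraction, Fraction]:
    """price0Cumulative / price1Cumulative at time t: each spot price weighted by
    the seconds it was in force, which is how V2 pools accumulate them."""
    cum0 = cum1 = Fraction(0)
    for i, (t_i, r0, r1) in enumerate(history):
        if t_i >= t:
            break
        t_next = history[i + 1][0] if i + 1 < len(history) else t
        dt = min(t_next, t) - t_i
        p0, p1 = spot(r0, r1)
        cum0 += p0 * dt
        cum1 += p1 * dt
    return cum0, cum1


def twap(history: List[Tuple[int, int, int]], t_start: int, t_end: int) -> Tuple[Fraction, Fraction]:
    """What a consumer computes from two stored cumulative snapshots: (twap0, twap1)."""
    c0s, c1s = cumulative_at(history, t_start)
    c0e, c1e = cumulative_at(history, t_end)
    window = t_end - t_start
    return (c0e - c0s) / window, (c1e - c1s) / window


def tick_to_price(tick: int, decimals0: int, decimals1: int) -> float:
    """Uniswap v3 returns ticks; price of token0 in token1 is 1.0001**tick,
    adjusted for the two tokens' decimals."""
    return 1.0001 ** tick * 10 ** (decimals0 - decimals1)


def anchored_price(reporter_price, anchor_price, tolerance):
    """Open-Price-Feed style check (simplified): accept the reporter's price only
    if it is within `tolerance` (a fraction) of the anchor TWAP, else revert."""
    if anchor_price <= 0:
        raise ValueError("anchor price must be positive")
    if abs(reporter_price - anchor_price) > tolerance * anchor_price:
        raise ValueError("reporter price deviates from anchor")
    return reporter_price


if __name__ == "__main__":
    t0, t1 = twap(RESERVES, 0, 30)
    print("30s TWAP of A in B:", t0, " of B in A:", t1, " reciprocal of first:", 1 / t0)
    print("1s TWAP spanning the manipulated second:", twap(RESERVES, 20, 21)[0])
    print("tick 6932 ->", round(tick_to_price(6932, 18, 18), 4))
    print("anchored:", anchored_price(28, 30, 0.2))
```

The 1-second window returns the manipulated spot price unchanged, which is exactly why reading a pool's reserves in the same block is dangerous; the 30-second window dilutes the same manipulation to a fraction of its size, at the cost of lagging genuine moves.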
  • Overall, an interesting article on oracles in the DeFi space as well as their trade-offs. I enjoyed the article, even though it is over 2 years old now.