Fallback Oracles
Ensuring Decentralized Trust in Smart Contracts
Smart contracts are only as reliable as the oracles they rely on. A fallback oracle is like a spare tire — you don’t need it until you do, and when you do, you’re glad it’s there!
📜 Smart contracts have revolutionized the way we conduct transactions, and have enabled new levels of decentralized applications and services, but they rely heavily on accurate and reliable data to function correctly. This is where oracles come in, acting as a bridge between the blockchain and the real world to provide essential off-chain data to smart contracts.
📌 The Alliance of Decentralized Oracles suggests some important rules for developers using oracles. These include being clear about the data they want, being careful when picking data sources, and choosing the right oracle(s). However, oracles themselves can have issues and be easily influenced, especially when there’s only one source to rely on. This can result in mistakes or attacks, like manipulation or network disruptions, that can cause problems with smart contracts, sometimes even leading to their failure.
😵 How do Oracles fail:
Oracles are vulnerable to exploitation in multiple ways, with severe consequences. Some examples are:
- Data manipulation: Oracles need accurate data sources to provide information to smart contracts. Compromised data sources can lead to incorrect data being provided to the smart contract, resulting in unexpected outcomes. For instance, wrong asset price information can lead to financial losses from trades executed at the wrong price.
- Malicious nodes: Oracles operate on a decentralized network, allowing anyone to participate as a node. A malicious node can manipulate data provided to the smart contract, leading to incorrect contract execution. For instance, falsely reporting a transaction’s occurrence can mislead the smart contract.
- Network outages: Oracles rely on the internet to connect to data sources and provide information to smart contracts. If the network experiences an outage, it can cause a delay or failure in contract execution by preventing the oracle from providing the necessary information.
- Oracle failure: Oracles can fail due to code bugs, hardware malfunctions, or software malfunctions. Oracle failure can prevent smart contracts from executing correctly or cause them to fail altogether.
💡 Given these vulnerabilities, it’s essential for projects to have a fallback oracle in place. Fallback oracles are backup oracles that are used when the primary oracle fails to provide reliable data. They act as a safeguard against data tampering or unavailability, which can cause smart contract malfunctions or lead to financial losses.
🍀 Fallback Oracles are a safety mechanism for smart contracts on blockchain networks. Fallback oracles are programmed with a different data source from the primary oracle, making them less susceptible to the same vulnerabilities. In the event of primary oracle failure or data manipulation, fallback oracles take over and provide a reliable source of external data. This additional layer of security helps ensure that smart contracts execute properly, minimizing the risks of financial losses or malfunctions caused by external data manipulation or unavailability.
⚠️ Several protocols have failed due to the lack of a Fallback Oracle:
- Mango Markets: A Solana-based decentralized trading platform that lost over $100 million in an exploit that involved manipulating the price of its native token MNGO using a single oracle source. The attacker manipulated the prices of BTC and ETH on three exchanges that Mango used as its oracle sources. The attacker was able to borrow more funds than they had collateral by inflating the value of MNGO using a flash loan. If Mango Markets had used a fallback oracle, it could have prevented this attack by detecting the discrepancy between different data sources. A fallback oracle could have detected the abnormal price deviation on the three exchanges and switched to a different set of sources that were not affected by the attack.
- bZx: An Ethereum-based decentralized lending protocol that suffered two attacks in February 2020 that resulted in a loss of about $1 million. Both attacks involved manipulating the price of certain tokens using flash loans and exploiting a single oracle source (Kyber Network) that bZx relied on for pricing information. If bZx had used a fallback oracle, it could have avoided this vulnerability by cross-checking different data sources.
- Harvest Finance: An Ethereum-based DeFi yield farming protocol that lost about $24 million in an attack in October 2020. The attacker used flash loans to manipulate the prices of USDC and USDT on Curve, which Harvest used as its oracle source. If Harvest Finance had used a fallback oracle, it could have reduced this risk by verifying the prices of USDC and USDT from other sources besides Curve and rejected any transactions that deviated significantly from the market average.
- Opyn: A DeFi options platform that lost $370,000 in an exploit involving its oToken contracts. The attacker exploited a bug in Opyn’s oracle mechanism that allowed them to redeem oTokens for more than their underlying collateral. A fallback oracle could have used a time-weighted average price (TWAP) instead of a spot price to determine the value of oTokens and their underlying collateral. This would have prevented the attacker from exploiting short-term price fluctuations.
- Pickle Finance: A DeFi protocol that aimed to stabilize the prices of stablecoins. It was hacked for $20 million in an attack that involved swapping fake tokens for real ones. The attacker exploited a flaw in Pickle’s oracle system that did not verify the source of the tokens. A fallback oracle could have checked the authenticity of the tokens before swapping them and ensured that they came from a trusted source.
Apart from safeguarding, Fallback Oracles provide a decentralized and redundant source of data, helping to ensure that smart contracts function as intended. In this regard, Witnet offers an innovative and decentralized Oracle solution that can be implemented for your Fallback Oracle needs.
⚙️ Why choose Witnet?
Witnet is a multi-chain decentralized and permissionless oracle network that’s serving dozens of protocols across 24+ chains by offloading the oracle tasks into its own oracle chain. With its own layer 1 and a native coin, $WIT, Witnet’s security and functionalities don’t rely on the fate of any other blockchain. $WIT is used to reward validators who participate in a unique consensus mechanism called Proof of Random Eligibility. This mechanism ensures the quality of data by verifying data requests with multiple validators, making it reliable and secure.
Moreover, Witnet’s layer 1 architecture and customizable parameters make it scalable and suitable for a wide range of use cases, allowing developers to create customized data feeds for their smart contracts and decentralize the decision-making process.
Witnet also offers a Grant Program that provides support, guidance, and financial resources to those who are building projects that utilize the oracle.
🎯 In conclusion, fallback oracles are essential for ensuring that smart contracts operate correctly, and developers must consider them to prevent malfunctions or even failure. Witnet offers an innovative and decentralized solution that can help mitigate risks, providing a reliable and secure option for developers. With its unique features and architecture, Witnet can help drive the adoption of smart contracts in various industries, making transactions more secure, transparent, and efficient.
💸 Developers looking to contribute to the growth and development of the Witnet ecosystem can benefit from the Grant Program and the support of the Witnet Foundation, making it an ideal place to start a long-term collaboration.
