Nov. 30, 2023: The Oracle of Truth
The subtle challenges in building dApps against oracles
crvUSD Update
Seems as though some $crvUSD borrowers are starting to get the hint that they are NOT welcome in these parts?
However long the standoff continues, it's perhaps good news for veCRV holders?
Of course, $CRV token celebrates the record haul by dumping, cause crypto always be like that. At least somebody's found some utility for the garbage token…
Meanwhile, in Delphi…
You may have seen this…
We'll start our review by highlighting to anybody that the issues raised in this thread are not relevant to Curve LPs. Rather, it highlights the difficulties for anybody who is interested in building a service that relies on the built-in oracles of Curve pools.
For anybody hoping it's death spiral season, we'll add that several of the issues raised in the thread have been addressed in the newest releases or have been reviewed and judged not to be a risk. The newer StableSwap-NG pools in fact may be good choices for on-chain oracles, with a few caveats.
The core lesson we take away from the thread is that building against any oracle can be broadly dangerous, and we wholeheartedly agree with this take. Instead of relying on the security of just your own app, you now have two potential points of failure, one of which you didn't even code.
Given that builders are increasingly using Curve pools as oracles, it's really important to consider best practices before people wind up rekt.
With this in mind, let's walk through the thread and add some nuance where warranted.
The thread00r jokingly points out that there have been many different flavors of oracles since Curve first started including a built-in way of fetching the pool price. Older oracles were not robust enough to use in prod, but this is corrected in the newer versions.
The clarification from the official Curve account points to several nuances in using Curve oracles. If you weren't aware of these already and planned to integrate a Curve oracle within your app, then it's highly recommended you reach out to the dev team for help integrating! As you can see, the devs are highly responsive!
One thing not well emphasized by the thread is the degree to which Curve does track these issues and responsibly alerts developers as needed.

Some potential confusion comes from the fact that StableSwap-NG oracles are designed to be more resilient and potentially useful in prod if proper precautions are considered. This is a work in progress, but do reach out to devs if you need an oracle and want to learn more about StableSwap-NG.
In some cases, the thread00r's conclusions are in conflict with top devs and auditors.
You'll have to judge for yourself what you consider an acceptable level of safety. Checking multiple oracles and including failsafes can help increase the robustness. In the end, it depends heavily on your use case.
In the end, it's an outstanding example of how to put together a banger of a Curve thread.
The challenge in educating about Curve on social media is that you can't really juice the view count by only speaking to fans. Curve enjoy000rs are a small and disproportionately handsome bubble. To really do numbers, you have to cater to the large swath of NPCs programmed to hate Curve. The best performing threads mix a level of education and malice, so everybody gets something.
The winning formula is to take one part semi-technical deep dive, then tap into the broader crypto community's insatiable demand for Curve FUD, and you're just about guaranteed to 20x what our account could muster on a good day.
Therefore, our overall takeaway is that this thread is at least productive, in that the most ardent Curve haters might walk away learning about the mere existence of Curve oracles. Subtract some of the most hyperbolic rhetoric and the charts contained within do a good job explaining some concepts like EMA pricing.
We also concur with the overall gist of the thread, which is that building apps with oracles can be quite dangerous, and it's always worthwhile to get some experienced devs to give it a review to ensure a robust architecture.
For some context into functional design, we close with an example from $crvUSD and its utilization of oracles. It has several fallbacks built in, such as capacity to rely on Chainlink oracles as failsafes. The Curve DAO ended up disabling this toggle after observing performance, but it could be reimplemented if desired.
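To make "checking multiple oracles and including failsafes" concrete, here is a small consumer-side sketch we've added for illustration. It is not Curve or crvUSD contract code: the `Quote` type, the function names, the half-life, and the age and deviation thresholds are all assumptions, and the EMA is a generic time-weighted one.

```python
from dataclasses import dataclass

@dataclass
class Quote:
    price: float     # quoted price from one feed
    updated_at: int  # unix time of that feed's last update

class OracleRejected(Exception):
    """No usable price; the caller should pause rather than act on it."""

def ema_update(prev_ema, spot, dt, half_life):
    # Time-weighted EMA: the old value keeps weight 0.5 ** (dt / half_life),
    # so a spike that lasts one short interval barely moves the average.
    keep = 0.5 ** (dt / half_life)
    return prev_ema * keep + spot * (1 - keep)

def replay(spots, dt=12, half_life=600, start=1.0):
    # Feed a series of spot prices through the EMA, one sample every dt seconds.
    ema, out = start, []
    for spot in spots:
        ema = ema_update(ema, spot, dt, half_life)
        out.append(ema)
    return out

def guarded_price(primary, fallback, now, max_age=3600, max_deviation=0.02):
    # Keep only feeds that are positive and recently updated.
    usable = [q for q in (primary, fallback)
              if q.price > 0 and now - q.updated_at <= max_age]
    if not usable:
        raise OracleRejected("every feed is stale or invalid")
    if len(usable) == 1:
        # Failsafe path: one feed is down, use the other. A stricter app
        # could reject here too, since nothing cross-checks the price.
        return usable[0].price
    deviation = abs(primary.price - fallback.price) / fallback.price
    if deviation > max_deviation:
        raise OracleRejected(f"feeds disagree by {deviation:.1%}")
    return primary.price

if __name__ == "__main__":
    # Constructed sample: a peg at 1.0 with a single-sample spike to 1.6.
    print([round(p, 4) for p in replay([1.0, 1.0, 1.6, 1.0, 1.0])])
    print(guarded_price(Quote(1.00, 1000), Quote(1.01, 1000), now=1100))
```

The single-sample spike to 1.6 moves the EMA by less than 1%, and the guard fails closed when the two feeds disagree, which is the point at which an app should stop and wait rather than pick a side.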
One thing no oracle can protect against is outright price manipulation. With the lingering effects of the bear market, many great tokens remain comically undervalued. It's not terribly difficult for players of size to simply buy up sufficient market cap of a low liquidity token and push the prices to artificially high or low values. Oracles can't prevent this, because their quotes reflect the actual manipulated price.
This was the takeaway of the Avi attack, which no particular "oracle" could defend against. The good news, perhaps, is that laws against market manipulation do exist, and Avi now shares a roof with SBF.
Incidentally, the concept of Avi and SBF as cellmates stands out as badly needing a satirical sketch comedy video, perhaps animated. If you can create better concepts than ChatGPT, please send us your pitches so we can shop them to Leviathan News.