Oracles serve as bridges between the worlds of on-chain and off-chain, allowing blockchains to tap into real-world information. Whether retrieving the prices of crypto assets or retrieving the outcomes of a football match, oracles have access to a wide range of external data, which can then be easily incorporated into the crypto ecosystem.
Although oracles significantly improve the functionality of blockchain networks by enabling the execution of tasks guided by real-world inputs, exploits resulting from oracle manipulations cannot be overlooked. In fact, since 2020, nearly a billion dollars have been lost due to oracle breaches.
Oracle-related losses reached $892 million
According to the latest estimates from Binance Research, approximately $892 million has been siphoned off through manipulative actions related to oracles over the past three years.
In many cases, individuals within specific protocols artificially inflate the prices of tokens with low liquidity. They then exchange these artificially inflated tokens for other assets or use them as collateral to secure loans within the credit markets.
On the plus side, this trend appears to have slowed. In 2023, losses from oracle-related exploits have decreased significantly, which can likely be attributed to increased security measures and an overall decline in Total Value Locked (TVL) within the decentralized finance (DeFi) ecosystem.
The study further stated that the use of oracles can be a double-edged sword, paving the way for vulnerabilities that malicious actors can potentially exploit.
“Oracle-less solutions appear to offer a range of attractive alternatives that alleviate the risks associated with oracles. Nevertheless, the adoption of these alternative solutions is influenced by a variety of factors and considerations, and in some cases it may be more appropriate than in others.”
Oracle-less protocols are also not foolproof
As a solution, the report proposed several projects in the areas of loans, derivatives and non-fungible tokens (NFTs) that aim to reduce dependence on oracles.
However, the report also highlighted that oracleless protocols come with drawbacks such as increased complexity, reduced efficiency and design limitations. Developers and users should carefully consider these factors when choosing between oracle-dependent and oracle-less solutions.