The Oracle Problem
Oracles are third party or decentralized data feed services that bring off-chain data onto a blockchain or provide on-chain data to other participants via decentralized data feeds. They serve as bridges between blockchains or smart contracts with external data such as token prices, interest rates, weather data, etc.
DeFi projects rely on Oracles for executing logic within their smart contracts for a token price, interest rate, fair market value of collateral, etc. Given the nature of their use case as a single source of truth, it is important that the oracles selected are resistant to manipulation by bad actors.
However, there have been numerous oracle price manipulation attacks on DeFi protocols which have resulted in millions of dollars being lost to bad actors. Some of these are:
- Compound Finance had an incidence where $90Mn of DAI position was liquidated as the price of the DAI moved significantly on Coinbase during market volatility which in turn affected the Coinbase oracle being used by Compound.
- Harvest finance exploited for $24Mn via price oracle attack
- Value defi exploited for $6Mn via price oracle attack
- Cheese bank exploited for $3Mn via price oracle attack (Source: https://decrypt.co/49657/oracle-exploit-sees-100-million-liquidated-on-compound, https://defiprime.com/hacks2020)
As we can see from the above incidents, oracle attacks are becoming more frequent and more costly over time to the DeFi ecosystem. While various different oracle solutions are available today, the key limitations are:
- Not fully decentralized
- Decentralized, but susceptible to manipulation
While we are early in the development of more robust oracles, the current solutions still pose a potential attack vector for DeFi projects.
Timeswap utilizes the constant product AMM to price the interest rate as well as collateral instead of using Oracles.
The Timeswap pools are self-sufficient & have their own native interest rate & collateral factor discovery mechanism. Pools have a fixed maturity & designed such that for borrowers who have not repaid their loans after maturity, their collateral gets proportionately distributed amongst lenders based on their insurance token holding. This design has the following two critical advantages:
- No liquidations till maturity — Borrowers can initiate positions and not worry about getting liquidated in between due to adverse price movements
- No price oracles — since pool liquidations are not based on market price, Timeswap doesn’t require an oracle. Thus Timeswap is protected against one of the most critical attack vectors plaguing DeFi today.
While oracles serve a valuable purpose within the DeFi ecosystem, Uniswap has proved that one can design scalable and robust systems without needing external price oracles. We believe Timeswap will continue to evolve as a self-sufficient protocol that can function autonomously without needing external price feeds or oracles.
As DeFi ecosystem expands, Timeswap interest rates can be used as an on-chain price oracle for interest rates.
While implementation is under active research, we believe a similar implementation like Uniswap TWAP could be one approach to begin with. Implementing this solution is part of the roadmap for Timeswap V2 and we are open to suggestions and ideas from the community.