bZx, a protocol for tokenized margin trading and lending, announced today it has decided to quickly adopt Chainlink’s decentralized oracle networks as the basis for its new price oracles over the long term.
“In light of the recent attacks surrounding the bZx protocol, we have worked closely with the Chainlink team to identify vulnerabilities and integrate superior solutions to harden our overall security. Specifically, to prevent the recurrence of the price oracle attack on February 18, 2020, in which a user used a flash loan to manipulate an illiquid on-chain oracle far beyond the true market price to gain a major advantage on his bZx margin position.”
– The bZx team
By using Chainlink’s decentralized oracle solution, each critical price feed of bZx is secured by numerous independent nodes, which collectively source data from over seven independent data aggregators. This gives its price oracles significantly greater exposure to true market-wide price discovery from top liquidity sources and introduces tougher security barriers thanks to decentralization at both the oracle and data levels. Together, this eliminates any attack vector that can be exploited by greatly increasing the amount of capital and multi-party coordination needed to carry out any future attacks.
To better understand the advantages of this new oracle model; the bZx team outlined the security concerns around using on-chain oracles. The team discusses why switching to Chainlink’s decentralized oracle solution will bring critical security back to bZx and ultimately re-establish marketwide trust. Since all DeFi protocols are subject to such oracle attacks, this incident can serve as an important case study on how to improve the security of the entire ecosystem, while continually pushing towards the end goal of completely decentralized finance…
The Limitations of On-Chain Price Oracles
Before diving deeper, it should be noted the extreme importance of data in the DeFi ecosystem. Smart contracts are data-driven instruments that produce outputs based on inputs. In the case of DeFi, accurately settling financial contracts is critically dependent on having quality market data in real-time that reflect true market conditions. Even if the underlying smart contract is coded perfectly, the output is still fully dependent on the input it receives. This means that securing accurate market data is as crucial to the security of decentralized finance as the underlying smart contract itself.
Decentralized exchanges (DEXs) are an exciting frontier for the blockchain space as they allow the non-custodial exchange of digital assets without a central third party.
There are two models emerging:
- Order book exchanges – such as Kyber Network, which matches buyers and sellers;
- Non-order book exchanges – such as Uniswap, which use on-chain liquidity pools and simple bonding curves. Both models have greatly accelerated the advancement of DeFi and will likely continue to do so moving into the future.
The problem is that on-chain DEXs are still quite a novel concept and therefore subject to low liquidity. This low liquidity makes their on-chain price subject to major fluctuations far outside the true market price when aggregated across all the top liquidity sources.
For this reason, on-chain price oracles are not suited for being reliable price oracles, especially on their own or even in an aggregated model where they hold substantial weight.
If a DApp is using such an oracle model and it is known to the public, any user can exploit this price oracle with limited resources. This has been compounded with the introduction of flash loans, which allows users to quickly access capital with almost no upfront costs. They can use that capital to easily manipulate an illiquid price oracle for the benefit of a trade they’ve placed on a DApp that sources their price feeds from this on-chain oracle. This was the exact exploit introduced in the second hack, which is why bZx is moving to a new solution powered by Chainlink.
Obtaining Secure, True Market Pricing Using Chainlink’s Price Reference Data
To mitigate the vulnerabilities associated with on-chain price oracles, bZx has now switched its price oracle mechanism to Chainlink’s decentralized oracle networks. bZx will be using and sponsoring some of Chainlink’s Price Reference Data for DeFi, which already includes many of the critical data feeds the protocol needs. Those data feeds are also used and supported by other DeFi projects such as Synthetix, Aave, Nexus Mutual, and Loopring, and will likely expand to include more in the near future as there is great value in multi-project support for common price feeds that are widely used across the market. This ensures the maintenance of critical price feeds in a truly decentralized ecosystem effort.
Chainlink’s Price Reference Data Contracts are decentralized oracle networks made up of multiple independent, security reviewed, and Sybil resistant node operators. These nodes are run by leading blockchain DevOps and security teams, many of which have extensive experience running POS nodes that secure millions of dollars in value across multiple blockchain networks.
On-Chain Price
These decentralized oracle networks provide on-chain prices for a variety of important markets, such as BTC/ETH, DAI/ETH, SNX/ETH and more. On-chain prices are calculated by having each independent node retrieve data from one of ten different data aggregators, with every network containing several independent data aggregators. The nodes’ individual responses are then aggregated together to form a collective response, which is then sent on-chain as a new price update to the reference contract. Updates can be programmed to occur in time intervals (hourly, daily, etc.), price deviations (such as every 1% change in price), or some combination of both.
This new model offers increased security since both the data delivery mechanism of the oracle and that actual data source itself is far more decentralized and accurate than any on-chain oracle mechanism. Since there are numerous independent oracles that secure each price feed, there is no single point of failure at the node level. This is beneficial towards maintaining perfect uptime; as well as avoiding a single oracle being the sole subject of truth or tampering with the price feed due to incompetence or bribery.
Data Aggregators
By having many independent nodes source data from various independent, trusted data aggregators, the on-chain price used by DApps to execute critical smart contract functions reflects the true market price since its obtained via an aggregation from top liquidity sources for a particular market price.
This allows bZx far better exposure to true price discovery that cannot be easily manipulated by outside forces. While some coins simply have illiquidity even when aggregated across all exchanges, most coins have much stronger liquidity when combining the various liquidity sources across the market. Therefore, attacking all these at the same time is not only more complex, but also requires significantly more capital to carry out. Chainlink allows bZx to tap into market-wide price discovery, which will substantially harden bZx’s oracle mechanism against illiquidity attacks.
Even in the situation where a DEX has strong liquidity for a particular market, such a market is likely to have great market-wide liquidity given its general popularity. Therefore, the security guarantees are still much stronger when aggregating the price from all the top liquidity sources, as opposed to just one, even if it’s highly liquid. Important price feeds are even more critical to protect, given they can be used in more combination across DeFi with potential access to larger pools of capital.
“We’re excited to work with the experienced and technically sound team developing on Chainlink to mitigate any future oracle attacks on bZx. Chainlink’s decentralized oracle networks greatly increase the accuracy of our critical price oracles by deriving them from an aggregation of the top liquidity sources. This gives us market-wide exposure to price movements while retaining the highest-security standards thanks to extending the security guarantees of our underlying smart contracts to include a secure, decentralized oracle mechanism. We’re confident that incorporating Chainlink will harden the security of critical bZx functions that are dependent on accurate price feeds, ultimately reestablishing bZx as a trusted protocol within the greater DeFi ecosystem.”
– Tom Bean, Founder and CEO of bZx