Price oracles are a weakness of DeFi protocols, so attacks on them will continue and become more complex. This was stated by Chainlink co-founder Sergei Nazarov in the podcast Decrypt Daily.
According to him, it is data centralisation that makes the price mechanism vulnerable.
„The true essence of the attack is that there is a single provider of price data, a single exchange. Often, for the sake of simplicity and speed of development, intra-network DEX and exchange infrastructure data are used to obtain prices and launch DeFi applications,“ Nazarov explained.
To manipulate prices even on a single exchange, intruders need significant capital. They choose to attack with instant loans on 1K daily profit because they give them access to large sums within a short period of time. Later on, this allows hackers to manipulate token prices by distorting oracle data.
The danger of such attacks is that they do not require knowledge of the code, but only sufficient funds. However, obtaining data from several intranet exchanges will not protect DeFi platforms, although it will make them more complex and expensive, warns Sergei Nazarov.
„To counter such attacks, DeFi platforms must significantly expand the range of price data they receive. Then it will only be possible to manipulate the price of an asset by distorting its global value,“ he added.
In recent months, several DeFi platforms have been hacked through instant loan attacks. The Value DeFi protocol was hacked for $6 million and the Akropolis project’s liquidity pools lost $2 million.