Application Layer-attacks

Application layer attacks seek to exploit vulnerabilities in the design of the DeFi protocols. One of the most notable examples of application layer attacks is oracle price manipulations.

Oracle price manipulation

Many DeFi protocols, e.g., AMM-DEX or LSPs, do not require any market information to operate. Nevertheless, for some DeFi protocols, e.g., interest-rate protocols and crypto-backed stablecoins, information from the real world is critical for the functionality. Oracles are mechanisms that retrieve the off-chain data, such as exchange prices between cryptocurrencies and fiat currencies, which can be later utilized by smart contracts. There are various types of oracles. A centralized oracle relies on a trusted third party as a data provider, undermining the decentralization and trustlessness principles of DeFi. A decentralized oracle seeks the information on-chain, e.g., from other DeFi protocols. For instance, a decentralized oracle may derive the swap rates between tokens from AMM-based DEX. This approach, however, is prone to the manipulations. The attack in which the prices used by the DeFi protocol are manipulated is called an oracle attack.

PreviousSmart Contract Layer-attacks NextDeFi Risks

Last updated 8 months ago