Blockchain oracles are entities that connect blockchains to external systems, enabling smart contracts to execute based on inputs and outputs from the real world, from other blockchains, or from other smart contracts.
As such, oracles are extremely important to OpFi projects because they allow contract logic to be executed based on external data. Borrowing and lending products specifically need oracles for data such as pricing, interest rates, the market value of assets/collateral, health factors, etc.
A vulnerability arises when protocols relying on oracles automatically execute actions even though the oracle-provided data feed is incorrect. An oracle with deprecated or even malicious content can have disastrous effects on all processes connected to the data feed. In practice, manipulated data feeds can cause significant damage, from unwarranted liquidations to malicious arbitrage trades. A classic vulnerability comes from the world of on-chain price oracles: trusting the spot price of a decentralized exchange.
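The following Python model is an added example, not code from the original page or from any protocol. It shows why a lending protocol that reads a pool's spot price can flag a healthy position for liquidation, and how a time-weighted average plus staleness and deviation checks refuse to act on that reading. The pool reserves, position size, the 0.8 liquidation threshold, and the `max_age` and `max_dev` limits are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    """Constant-product pool (base * quote = k), fees ignored; a constructed model."""
    base: float
    quote: float

    def spot(self) -> float:
        return self.quote / self.base

    def sell_base(self, amount: float) -> None:
        k = self.base * self.quote
        self.base += amount
        self.quote = k / self.base

def twap(obs):
    """Time-weighted average of (timestamp, price) pairs; each price holds until the next one."""
    weighted = sum(p * (t2 - t1) for (t1, p), (t2, _) in zip(obs, obs[1:]))
    return weighted / (obs[-1][0] - obs[0][0])

def health_factor(collateral, price, debt, liq_threshold=0.8):
    """Below 1.0 the position is eligible for liquidation (threshold is an assumption)."""
    return collateral * price * liq_threshold / debt

def guarded_price(spot, reference, updated_at, now, max_age=3600, max_dev=0.05):
    """Return the reference price, or raise so the caller pauses instead of acting on bad data."""
    if now - updated_at > max_age:
        raise ValueError("stale feed")
    if abs(spot - reference) / reference > max_dev:
        raise ValueError("spot deviates from reference")
    return reference

def demo():
    pool = Pool(base=1_000.0, quote=2_000_000.0)   # constructed reserves, spot = 2000
    obs = [(0, pool.spot())]
    pool.sell_base(1_000.0)                        # one large trade at t=1790 moves the spot
    obs += [(1790, pool.spot()), (1800, pool.spot())]
    ref = twap(obs)
    result = {"spot": pool.spot(), "twap": ref,
              "hf_spot": health_factor(10, pool.spot(), 12_000),
              "hf_twap": health_factor(10, ref, 12_000)}
    try:
        guarded_price(pool.spot(), ref, updated_at=1800, now=1800)
        result["guard"] = "accepted"
    except ValueError as exc:
        result["guard"] = str(exc)
    return result

if __name__ == "__main__":
    print(demo())
```

With the spot price the position's health factor falls below 1.0, while with the 30-minute average it stays above 1.0, and the guard rejects the reading instead of letting a liquidation run automatically.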
In OpFi, we have seen malicious actors use oracles as an attack vector to manipulate contract logic, resulting in hacks and exploits. Oracle-related exploits are some of the most common types of attacks in OpFi.
They have resulted in tens of millions of dollars being stolen by bad actors, which negatively impacts the greater OpFi ecosystem, projects and, of course, end users.
You just need to head over to the Rekt leaderboard to see the growing number of exploits caused by oracles.