Oracle manipulation
An exploit class where an attacker moves the price an oracle reports, then triggers favourable liquidations / mints.
Common with thinly-traded oracle sources or single-block TWAP windows. Notable: Mango Markets (2022, $115M), Inverse Finance (2022, $15.6M), Cream (2021, $130M). Mitigations: multi-source oracles, longer TWAPs, liquidity-floor checks, circuit breakers.
Related terms
- OracleA service that brings off-chain data on-chain — most commonly asset prices used for liquidations and CDP minting.
- Flash loanAn uncollateralised loan that must be borrowed and repaid in the same transaction — atomic, or it reverts.
- ExploitA security failure that lets an attacker drain protocol funds — historically the dominant loss vector in DeFi.