1/ With the launch of Uniswap V3, I'm seeing questions regarding the differences between DEX-based TWAP oracles and Chainlink Price Feeds
There are four primary differences
1. Freshness/accuracy
2. Market coverage
3. Security scalability
4. Feed diversity
$LINK $UNI
There are four primary differences
1. Freshness/accuracy
2. Market coverage
3. Security scalability
4. Feed diversity
$LINK $UNI
2/ For context, the naive way to use Uniswap (or any DEX) as a price oracle is to take the spot (aka current) price
This method is extremely vulnerable to flash loan attacks and millions have been lost this way
Even Uniswap doesn't recommend you use their protocol in this way
This method is extremely vulnerable to flash loan attacks and millions have been lost this way
Even Uniswap doesn't recommend you use their protocol in this way
3/ To prevent this (specific) issue of flash loans, Uniswap v2 and v3 offers Time Weighted Average Price (TWAP) oracles
TWAP is a way to calculate the mean price of an asset during a period of time
e.g. "1 hr TWAP" is the average price of an asset over a specific hour of time
TWAP is a way to calculate the mean price of an asset during a period of time
e.g. "1 hr TWAP" is the average price of an asset over a specific hour of time
4/ There are some minor technical differences between TWAP oracles on V2 compared to V3, but what I describe below applys to both just as equally
Let's start with the first, freshness and accuracy
Let's start with the first, freshness and accuracy
5/ TWAP is a lagging indicator (by design)
While this is fine during times of low volatility, a TWAP can become highly out of sync with the market wide price during high volatility
Why does this happen?
While this is fine during times of low volatility, a TWAP can become highly out of sync with the market wide price during high volatility
Why does this happen?
6/ With TWAP oracles, tamper resistance (security) is inversely correlated with freshness (accuracy)
Longer TWAPs provide higher tamper-resistance at the trade-off of less accuracy during volatility
Shorter TWAPs provide more fresh up-to-date data, but is cheaper to manipulate
Longer TWAPs provide higher tamper-resistance at the trade-off of less accuracy during volatility
Shorter TWAPs provide more fresh up-to-date data, but is cheaper to manipulate
7/ With Uniswap TWAP oracles, you're forced to choose between a stale but tamper-resistant price point or a fresh but manipulable price point
Let's look at a theoretical but plausible situation, a money market using Uniswap V3 TWAP with 1 hour samples as its oracle solution
Let's look at a theoretical but plausible situation, a money market using Uniswap V3 TWAP with 1 hour samples as its oracle solution
8/ Again, during times of low volatility it appears things are working
However, volatility increases and the market-wide price of a token being used as collateral drops 50% in ten minutes (this is crypto, it happens)
Normally the protocol would liquidate this position just fine
However, volatility increases and the market-wide price of a token being used as collateral drops 50% in ten minutes (this is crypto, it happens)
Normally the protocol would liquidate this position just fine
9/ However because a TWAP of 1 hour was used, it hasn't had time to catch up yet and reports a drop of only 5%
As a result of stale pricing data, liquidations do not occur in time and now the debt is now worth more than the underlying collateral
Undercollateralization occurs
As a result of stale pricing data, liquidations do not occur in time and now the debt is now worth more than the underlying collateral
Undercollateralization occurs
10/ Even once the TWAP feed finally catches up and reports the correct price after the 50% drop, it'll be too late because the position cannot be fully liquidated
The lenders end up eating the loss, which would have never happened if a proper price feed solution was used
The lenders end up eating the loss, which would have never happened if a proper price feed solution was used
11/ This is just an example but it's the exact issue I'm talking about
DeFi needs oracles to deliver the market-wide price to protect user funds, lagging indicator price oracles simply don't cut it when there's billions and eventually trillions at stake here
DeFi needs oracles to deliver the market-wide price to protect user funds, lagging indicator price oracles simply don't cut it when there's billions and eventually trillions at stake here
12/ Chainlink avoid these issues by not using a TWAP but instead fetching the real time market-wide price from professional data aggregators like BraveNewCoin, Kaiko, and more who track all exchanges and weigh each by real volume while avoiding outliers and fake volume
13/ Each Chainlink node fetches from multiple data aggregators and takes a median value
Each price feed aggregates from multiple independent nodes by taking a median value again
This provides pricing data that reflects the true market wide price without compromising on security
Each price feed aggregates from multiple independent nodes by taking a median value again
This provides pricing data that reflects the true market wide price without compromising on security
14/ Chainlink Price Feeds update on a deviation threshold basis (e.g. 0.5%) and the oracle reports are sourced from off-chain asynchronously, so flash loans inherently have zero effect (as flash loans only exist atomically within a single block)
15/ In comparison, fetching price data from only a single DEX means you're only looking at a small sliver of the total trading market
This lowers the cost of attack as you need less capital to manipulate a single market, rather than hundreds of CEXs and DEXs at the same time
This lowers the cost of attack as you need less capital to manipulate a single market, rather than hundreds of CEXs and DEXs at the same time
16/ While the DEX used as a TWAP oracle may be sufficiently liquid when first intregrated, there's no garuentee that liquidity/volume won't shift to a different exchange and unexpectedly lower the cost of manipulation
This is an issue for all single source oracles
This is an issue for all single source oracles
17/ We need to also consider liquidity fragmentation, not only between competing DEXs (vampire attack), but also between two verisons of the same DEX (Uniswap V2/V3), and between the same DEX on multiple chains (Uniswap V3 on Ethereum and Optimism)
18/ This means the market coverage is therefore reduced even further, dropping the cost of attack
This is something that cannot be predicted ahead of time and if a dev is not paying attention, their protocol can get rekt when the liquidity and volume on the single DEX runs thin
This is something that cannot be predicted ahead of time and if a dev is not paying attention, their protocol can get rekt when the liquidity and volume on the single DEX runs thin
19/ One way you can increase security to a TWAP feed is by adding more liquidity
However this is not capital efficient and is a double edged sword because that liquidity can be removed at any point in time just as easily
Liquidity rug pulls on a single DEX will wreck your TWAP
However this is not capital efficient and is a double edged sword because that liquidity can be removed at any point in time just as easily
Liquidity rug pulls on a single DEX will wreck your TWAP
20/ Lastly (because this thread is already too long), there is feed diversity
Uniswap TWAP can only provide pricing data for ERC20s relative to other ERC20s tokens
A Uniswap pool with WBTC and ETH can provide the WBTC/ETH and ETH/WBTC exchange rates *from the Uniswap market*
Uniswap TWAP can only provide pricing data for ERC20s relative to other ERC20s tokens
A Uniswap pool with WBTC and ETH can provide the WBTC/ETH and ETH/WBTC exchange rates *from the Uniswap market*
21/ What it cannot do is provide the provide the price of oil, stocks, forex, commodities, real estate, or any other price data beyond tokens
Synths like $sTSLA and $mTSLA already use external price oracles so using Uniswap pools as the oracle is just adding a unnecessary step
Synths like $sTSLA and $mTSLA already use external price oracles so using Uniswap pools as the oracle is just adding a unnecessary step
22/ Additionally, Uniswap TWAP cannot provide you the USD price of tokens
Sure ETH/USDT is a proxy for ETH/USD but you need to trust the stablecoin peg to always hold (which it doesn't always), so that's a large assumption
Sure ETH/USDT is a proxy for ETH/USD but you need to trust the stablecoin peg to always hold (which it doesn't always), so that's a large assumption
23/ A side note, I am actually a fan of Uniswap, the V1 was the first dApps I used (besides EthLend) and imo the UX/UI is second to none in the DeFi space
However, the trade-offs of TWAP price feeds is little discussed do this thread aims to provide you some conext
However, the trade-offs of TWAP price feeds is little discussed do this thread aims to provide you some conext
24/ So in summary the Uniswap TWAP (and any other DEX TWAP) is not an adequate oracle solution for smart contracts securing real value because of stale pricing data during volatility, lack of market coverage, unscalable security, and no support for price feeds beyond tokens
25/ Of note, Chainlink Oracles do indeed provide far more than just price feeds, and I've covered this extensively in the past
However, Chainlink price feeds are the gold standard of DeFi and should not be dismissed given it secures billions for Aave, Synthetix, etc
However, Chainlink price feeds are the gold standard of DeFi and should not be dismissed given it secures billions for Aave, Synthetix, etc
• • •
Missing some Tweet in this thread? You can try to
force a refresh
