Friday could have one of DeFi's worst black swan events.
On paper, over $19 billion in liquidations hit across CEXs and perp DEXs. The real figure was likely higher. Many were surprised that on-chain lending markets came out mostly untouched, but outcomes can be misleading.
Markets saw violent dislocations:
PAXG at $3,600 on @binance
EURC at $1.085 on @coinbase
USDE at $0.65 on Binance
These were not depegs. A mispricing on a single venue is not a structural loss of parity.
However, if those gaps had remained open, the price impact would have spilled over into DEXs and lending markets, draining liquidity and triggering liquidations faster than the system could absorb.
On @aave alone, $4.8 billion in positions were at risk, with $180 million in potential penalties. If those liquidations had cleared, assets would have gone to zero before stabilizers could react.
We avoided that outcome because of risk management deliberate design choices. One of them was the decision to price USDe 1:1 with USDT (s/o to @LlamaRisk too!).
The Limits of Traditional Oracles
Traditional price oracles are a pale version of what a true oracle should be. They aggregate quotes from secondary markets and assume those order books reflect fair value. That assumption works for liquid, fungible assets. Not for the new class of asset-backed and mechanism-dependent tokens that now dominate DeFi.
For tokens like:
- USDe
- LRTs
- PTs
- tokenized RWAs
Value depends on primary liquidity, reserve composition, and redemption mechanics. Treating all tokens as homogenous ignores these embedded dependencies and redemption paths that define their real economic worth.
A real oracle must go deeper. It must integrate every structural layer. Reserves, counterparties, redemption logic, protocol logic, and dependencies, to produce a risk-aware measure of value. Otherwise, you’re not pricing assets; you’re quoting volatility.
The Convergence of Price, Proof, and Risk
This is where price, proof of reserve, and risk oracles converge. They are not separate systems but interdependent layers of the same framework.
For asset-backed tokens, value cannot be defined solely by a price oracle. It emerges from the combination of market pricing and verified reserves. The interaction between what the market observes and what can be proven to exist.
Price oracles surface external market signals that reflect secondary-market behavior.
Proof-of-reserve oracles ground those signals in verifiable collateral, confirming the economic backing that gives the token meaning.
Risk oracles contextualize both, determining what the asset is worth to a specific system based on its structure, liquidity, and correlation to other exposures.
In other words, price without proof is speculation, and proof without context is static.
True valuation in DeFi depends on all three layers working together: market, backing, and risk, operating in real time.
Proof-of-Reserve oracles are progress, but we’re still far from the endgame. There’s no standard for attestation frequency or depth. Every gap between proofs is a blind spot where solvency is assumed, not verified. The ideal state is continuous, real-time attestation enabling live, observable reserves that update as conditions change. We’re moving in that direction, but we’re not there yet.
** Oracles, in a world of sophisticated DeFi, are application-specific instruments of risk, not universal truth machines. **
A lending market shouldn’t necessarily use the same oracle as a perps exchange.
Each system must decide what kind of volatility it wants to internalize and what kind it’s willing to pass downstream.
There’s no free lunch; pricing stability always transfers volatility somewhere else. The question is who absorbs it, and when.
Hard-coding 1:1 parity can be the right trade-off for lending systems that prioritize depositor safety, but it’s not universally optimal or endgame.
The underlying NAV risk doesn’t disappear; it just moves. Good risk design makes that transfer explicit, transparent, and priced.
A Call for Discipline
If you’re an asset issuer minting a tokenized RWA, stablecoin, or money market instrument, you must have a proof-of-reserve system in place and work with an oracle to provide a PoR oracle. Without it, integrators like lending markets, perp DEXs, and vault managers are blindly extending credit to your assumptions of solvency.
And if you’re an integrator:
- an exchange
- lending protocol
- vault manager
you need to work directly with asset issuers and risk partners to understand each asset’s structure, redemption logic, and reserve mechanics. Otherwise, your users will absorb risks that should have been managed at the protocol level.
The Path Forward
Yesterday could’ve been ** much worse ** for DeFi.
We’re building systems that now mirror the scale of traditional finance, but not yet its discipline. Real progress in financial infrastructure won’t come from speed . It will come from precision, transparency, and shared standards.
Every oracle, asset, and market design is a set of trade-offs.
The next phase of DeFi will belong to those who recognize that truth early and build with that rigor. Not those who move fastest, but those who move correctly.
On paper, over $19 billion in liquidations hit across CEXs and perp DEXs. The real figure was likely higher. Many were surprised that on-chain lending markets came out mostly untouched, but outcomes can be misleading.
Markets saw violent dislocations:
PAXG at $3,600 on @binance
EURC at $1.085 on @coinbase
USDE at $0.65 on Binance
These were not depegs. A mispricing on a single venue is not a structural loss of parity.
However, if those gaps had remained open, the price impact would have spilled over into DEXs and lending markets, draining liquidity and triggering liquidations faster than the system could absorb.
On @aave alone, $4.8 billion in positions were at risk, with $180 million in potential penalties. If those liquidations had cleared, assets would have gone to zero before stabilizers could react.
We avoided that outcome because of risk management deliberate design choices. One of them was the decision to price USDe 1:1 with USDT (s/o to @LlamaRisk too!).
The Limits of Traditional Oracles
Traditional price oracles are a pale version of what a true oracle should be. They aggregate quotes from secondary markets and assume those order books reflect fair value. That assumption works for liquid, fungible assets. Not for the new class of asset-backed and mechanism-dependent tokens that now dominate DeFi.
For tokens like:
- USDe
- LRTs
- PTs
- tokenized RWAs
Value depends on primary liquidity, reserve composition, and redemption mechanics. Treating all tokens as homogenous ignores these embedded dependencies and redemption paths that define their real economic worth.
A real oracle must go deeper. It must integrate every structural layer. Reserves, counterparties, redemption logic, protocol logic, and dependencies, to produce a risk-aware measure of value. Otherwise, you’re not pricing assets; you’re quoting volatility.
The Convergence of Price, Proof, and Risk
This is where price, proof of reserve, and risk oracles converge. They are not separate systems but interdependent layers of the same framework.
For asset-backed tokens, value cannot be defined solely by a price oracle. It emerges from the combination of market pricing and verified reserves. The interaction between what the market observes and what can be proven to exist.
Price oracles surface external market signals that reflect secondary-market behavior.
Proof-of-reserve oracles ground those signals in verifiable collateral, confirming the economic backing that gives the token meaning.
Risk oracles contextualize both, determining what the asset is worth to a specific system based on its structure, liquidity, and correlation to other exposures.
In other words, price without proof is speculation, and proof without context is static.
True valuation in DeFi depends on all three layers working together: market, backing, and risk, operating in real time.
Proof-of-Reserve oracles are progress, but we’re still far from the endgame. There’s no standard for attestation frequency or depth. Every gap between proofs is a blind spot where solvency is assumed, not verified. The ideal state is continuous, real-time attestation enabling live, observable reserves that update as conditions change. We’re moving in that direction, but we’re not there yet.
** Oracles, in a world of sophisticated DeFi, are application-specific instruments of risk, not universal truth machines. **
A lending market shouldn’t necessarily use the same oracle as a perps exchange.
Each system must decide what kind of volatility it wants to internalize and what kind it’s willing to pass downstream.
There’s no free lunch; pricing stability always transfers volatility somewhere else. The question is who absorbs it, and when.
Hard-coding 1:1 parity can be the right trade-off for lending systems that prioritize depositor safety, but it’s not universally optimal or endgame.
The underlying NAV risk doesn’t disappear; it just moves. Good risk design makes that transfer explicit, transparent, and priced.
A Call for Discipline
If you’re an asset issuer minting a tokenized RWA, stablecoin, or money market instrument, you must have a proof-of-reserve system in place and work with an oracle to provide a PoR oracle. Without it, integrators like lending markets, perp DEXs, and vault managers are blindly extending credit to your assumptions of solvency.
And if you’re an integrator:
- an exchange
- lending protocol
- vault manager
you need to work directly with asset issuers and risk partners to understand each asset’s structure, redemption logic, and reserve mechanics. Otherwise, your users will absorb risks that should have been managed at the protocol level.
The Path Forward
Yesterday could’ve been ** much worse ** for DeFi.
We’re building systems that now mirror the scale of traditional finance, but not yet its discipline. Real progress in financial infrastructure won’t come from speed . It will come from precision, transparency, and shared standards.
Every oracle, asset, and market design is a set of trade-offs.
The next phase of DeFi will belong to those who recognize that truth early and build with that rigor. Not those who move fastest, but those who move correctly.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
