Within the context of pricing, an oracle is an on-chain API for price. Differently put, it simply tells you what the price of an asset is at a given time.
While we think Uniswap's oracles are best suited for our permissionless lending protocol, depositing into an Euler pool backed by illiquid liquidity pools on Uniswap can lead to devastating results.
If the Uniswap V3 oracle of the borrowed asset is manipulated to the upside, the attack could trigger liquidations and sweep borrowers' collateral.
Even more of concern is when the attacker can manipulate the asset pricing to the downside. Hypothetically, if the price drops to almost zero, the attacker only needs a small amount of collateral to borrow the entire pool and run away with a hefty profit.
Euler’s Oracle Risk Grading System
There are two main factors that influence the ease of attacking a Uniswap V3 oracle: TVL and concentration of liquidity.
This is why we’ve come up with a rating that incorporates 3 factors:
TVL locked in the Uniswap V3 pool:
Slippage on a $1mil XYZ vs ETH buy order on Uniswap:
Slippage on a $1mil XYZ vs ETH sell order on Uniswap:
The sum of these ratings yields a comprehensive rating:
Which will be displayed on the front-end page of the respective lending pool:
The overall rating goes from A to F (A meaning good and F meaning avoid at all cost) and should give users an idea of what the oracle risk is. Overall, anything below B should probably be avoided!
Keep in mind that this is merely an indicative tool and we bear no responsibility for loss of funds.