New Narrative of DeFi? A New Secure Model for Smart Contracts Without Oracle Protocols

Original author: YBB Capital Researcher Ac_Core

Introduction

Oracles are an important part of the DeFi world. Although a protocol's security is usually inherited from the underlying smart contract network, its normal operation still relies on oracles. If a protocol's oracle is attacked or compromised, the entire protocol can be manipulated. Recently, DeFi builders have been creating new narratives with new lending and derivative architectures, and the common feature of these designs is that they no longer rely on oracles.

Risks and Fixes in DeFi

The greatest allure of DeFi lies in its decentralization. In a broad sense, it is an open financial system for permissionless payments. Compared to traditional finance, its rules, profits, and even risks are publicly disclosed in a more “obscure” manner, but it still has a high degree of openness.

However, after several years of development, the DeFi field has also suffered billions of dollars in theft[1]. Even the most ardent believers constantly question whether it can become the mainstream of future finance. In 2022 alone, hackers stole over $3.8 billion through DeFi protocols and cross-chain bridges, making it the year with the highest amount of theft in crypto history. If we want a larger group of people to enter the crypto world in the future and rely on DeFi, security is the primary consideration.

Image source: Chainalysis

Risks and “Primitives” of Oracle

Nascent believes that “oracle-less protocols” will give DeFi a fundamentally more robust and secure technical architecture. Today, DeFi protocols hope to define themselves as “primitives” and want more teams to build products or combine protocols on top of them. Once a contract takes on any external dependency, it inherits all the related risks. At the same time, to accommodate a larger ecosystem, contracts are upgraded, and managed upgradability exposes them to the current and future changing environment, bringing more risk factors. The introduction of oracles likewise creates a dependency on external data, which brings potential risks. Therefore, Dan Elitzer proposed a new definition: to qualify as a “primitive,” a protocol cannot rely on anything beyond the contracts deployed on the blockchain, such as governance, contract upgradability, or oracles.

However, DeFi protocols that meet this basic definition are very rare today. The most representative one is Uniswap V1. From a security perspective, even Uniswap V2 and V3, which are otherwise consistent with the definition proposed by Dan Elitzer, do not qualify because they allow governance over certain functions, such as closing protocol fees and introducing fee tiers for pools.

However, this narrow governance function has not caused the kind of systemic risk that large-scale upgrades have caused in other protocols. Two key factors explain why every version of Uniswap has succeeded so far: the absence of oracles and being fully on-chain.

There is no doubt that Uniswap is the leader of decentralized trading, and its success has given birth to many decentralized exchange experiments. For example, Uniswap V3 introduces the concept of non-fungible liquidity positions, allowing liquidity providers (LPs) to concentrate their liquidity within a specific range. This enables LPs to capture a larger share of the transaction fees generated within that range and profit from it, but they may also suffer impermanent loss due to price fluctuations. This leads to more efficient capital utilization and the specialization of LPs in the market, resulting in a series of position management tools such as Arrakis, Gamma, and Sommelier. Although this is very friendly to DEXs, lending protocols still require oracles.

In March of this year, the Euler Finance lending protocol suffered a hacker attack, resulting in a loss of up to $200 million. It allows users to collateralize and borrow, and it has some unique features. In short, its problem occurred in a specific function without security checks, allowing users to violate the basic invariants of the lending market. For a detailed account of this attack, please refer to [2].

For lending protocols, eligible collateral is limited to assets with reliable oracle price feeds. Loan parameters (such as loan-to-value ratio [3]) are governed by their respective protocols, so any bad debt is the responsibility of the protocol rather than individual lenders. Similarly, derivative protocols that rely on oracles for pricing, without internal price discovery mechanisms, are susceptible to price lag and missing updates, severely limiting their scale and user experience. As mentioned earlier, this also explains why trader Avraham Eisenberg was able to successfully attack Mango Markets and withdraw $116 million from the cryptocurrency trading platform.

Why Uniswap is currently secure

An AMM can have the simplest core invariant of any DeFi primitive: tokenBalanceX * tokenBalanceY == k (constant product). For example, the Pair interface in Uniswap V2 is built around four functions, each defined by what it does to this invariant:

  • Mint: Add to k;

  • Burn: Subtract from k;

  • Swap: Move x and y while keeping k unchanged;

  • Skim: Re-adjust tokenBalanceX * tokenBalanceY to equal k.

The security of Uniswap V2 lies in a simple core invariant that all functions serve. The only controversial aspect is the governance mode that can switch fee switches, but this does not touch the core invariant, only affecting the distribution of token balance ownership. It is precisely because of this simplicity (non-upgradable smart contracts and basic invariants) in terms of security that Uniswap itself has never been hacked.
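The four operations and the invariant they serve can be modelled in a few lines. This is an added example, not Uniswap's code or part of the original article: `PairModel`, its method signatures, the fee-free swap, and the split between synced reserves and actual balances are assumptions made for illustration. With integer arithmetic the swap check is "k must not decrease" rather than strict equality.

```python
class InvariantError(Exception):
    """Raised when an operation would break the constant-product invariant."""


class PairModel:
    """Toy constant-product pool (hypothetical model, no fees).

    reserve_* are the synced values that define k; balance_* are the tokens the
    pool actually holds, which can drift upward if tokens are sent to it directly.
    """

    def __init__(self):
        self.balance_x = self.balance_y = 0
        self.reserve_x = self.reserve_y = 0

    @property
    def k(self):
        return self.reserve_x * self.reserve_y

    def _sync(self):
        self.reserve_x, self.reserve_y = self.balance_x, self.balance_y

    def mint(self, dx, dy):
        """Add liquidity: k can only grow."""
        if dx <= 0 or dy <= 0:
            raise ValueError("amounts must be positive")
        self.balance_x += dx
        self.balance_y += dy
        self._sync()

    def burn(self, share_num, share_den):
        """Withdraw a pro-rata share of both reserves: k shrinks."""
        if not 0 < share_num <= share_den:
            raise ValueError("share must be in (0, 1]")
        out_x = self.reserve_x * share_num // share_den
        out_y = self.reserve_y * share_num // share_den
        self.balance_x -= out_x
        self.balance_y -= out_y
        self._sync()
        return out_x, out_y

    def swap(self, dx_in, dy_out):
        """Trade x for y; the only acceptance test is the invariant itself."""
        if dx_in <= 0 or not 0 < dy_out < self.reserve_y:
            raise ValueError("bad swap amounts")
        new_x = self.balance_x + dx_in
        new_y = self.balance_y - dy_out
        if new_x * new_y < self.k:
            raise InvariantError("swap would reduce k")
        self.balance_x, self.balance_y = new_x, new_y
        self._sync()

    def skim(self):
        """Pay out any balance above the reserves so balances match k again."""
        extra = (self.balance_x - self.reserve_x, self.balance_y - self.reserve_y)
        self.balance_x, self.balance_y = self.reserve_x, self.reserve_y
        return extra
```
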

Rebuilding Loan Agreement

Source: Author Balakov

Recently, we have noticed many projects involving non-oracle lending agreements, such as Ajna, Ethereum Credit Guild, the Automated Tranche Maker by MetaStreet, and the Blend protocol launched in collaboration with Blur and Paradigm [4].

Unlike traditional DeFi lending markets, Gauntlet does not require collateral or rely on a single universal oracle like Chainlink for “real” asset price data. Instead, lenders need to assess risks and decide which collateral to request from the borrower, and they must update their loan criteria when asset prices change. In general, lenders choose the specified collateral they are willing to accept, such as BAYC Tokens and individual Bored Ape NFTs, the reference assets they are willing to provide (e.g., USDC), and the ratio of reference assets to collateral assets at which the borrower will be liquidated. Finally, borrowers can post collateral and borrow reference assets at the current market interest rate.

It should be noted that since the loan liquidation is determined based on the unit quantity of each asset rather than the dollar price ratio, no oracle is needed. However, if the relative USD value of any asset changes, the lender will adjust the terms of the current or future loans to achieve the collateral ratio they consider safe.

The biggest advantage of these methods is that the protocol is essentially immune to bankruptcy. This is because each lender is ultimately responsible for their own loan repayment ability, so the concept of “bad debt” does not exist, which would otherwise be borne by the DAO treasury/insurance fund or handled among the lenders.

Blur’s Blend protocol assumes the existence of “sophisticated lenders who can participate in complex on-chain and off-chain protocols, assess risks, and use their own funds.” This makes sense given Blur’s background as a primary marketplace for professional NFT traders, but for ordinary users, it seems much more complex than borrowing on Aave or Compound.

New Faces Without Oracles

According to Chase Devens, a researcher at Messari, non-oracle architectures can be divided into two categories: peer-to-peer (P2P) and hybrid types based on AMMs. The main characteristics of these two types are as follows:

  • P2P

Support any type of on-chain collateral

Users assume loan parameters and default risk (no longer contract-based risk), and borrowers no longer define interest rates and LTV parameters, but instead determine value comparisons themselves. Removing oracles from the protocol mechanism means these loans can be created with any on-chain collateral.

Active management of positions is required to ensure that the provided liquidity is effectively utilized, and users must actively manage their positions in a similar way to centralized liquidity positions like Uniswap V3.

  • Hybrid type based on AMM (lending/derivatives-LPs liquidity providers)

Supports any type of on-chain collateral

The underlying LP position provides pricing data for liquidation and derivative contracts, and is also the primary market for liquidation. This allows the protocol to calculate the results of liquidation and derivative contracts from its underlying liquidity pool. In essence, the LP position itself acts as an oracle. Additionally, these LP positions provide a primary market for offloading protocol inventory during liquidation or contract expiration, without the need to liquidate collateral on external platforms.

For example:

Ajna.finance

Ajna is a lending protocol designed specifically for the EVM, with no governance, permissions, or external price feeds (oracles). It can be used to borrow against our entire investment portfolio (including NFTs). Other lending projects that have reached critical mass have two core issues: (1) token governance systems are insufficient to analyze complex risks; (2) using external price feeds (oracles) limits the asset scope to “blue chips” with liquid secondary markets. These flaws have caused catastrophic losses in the DeFi lending market and have limited the ability to support new assets. Ajna solves these problems through several key innovations:

(1) Asset pricing provided by the borrower: When borrowers use the Ajna protocol, they tell the contract at what price they are willing to collateralize their assets. This effectively allows them to input their own life cycle value and transforms it from a governance parameter to a market parameter;

(2) Automated interest rate discovery: In each Ajna market, there is an equilibrium state determined by internal benchmarks. If the market is out of balance, anyone can change the exchange rate by 10% every 12 hours. If not, no changes are made;

(3) Liquidation collateral: Since Ajna does not have oracles, it relies on users to tell it when to liquidate loans. This is achieved by requiring liquidators to deposit collateral to trigger liquidation. If they are honest, they are rewarded. If not, they are penalized.

So what’s the significance? These innovations allow Ajna to serve the “entire” ecosystem. Anyone can create lending markets with any asset (even NFTs). No more cumbersome governance processes and no more worries about liquidity, secondary markets, and oracles.

Blend

Image source: Achal Srinivasan, Kirby

Blend is a peer-to-peer and permissionless lending protocol that supports any collateral, including NFTs. It matches users with borrowing intentions with lenders willing to provide competitive rates through a complex off-chain quotation protocol.

By default, the interest rate of Blend loans is fixed and never expires. Borrowers can repay at any time, while lenders can exit their positions by triggering a Dutch auction to find new lenders at a new interest rate. If the auction fails, the borrower will be liquidated and the lender will take possession of the collateral. The overall system has four main characteristics: no reliance on oracles, no expiration, liquidity, and peer-to-peer:

  • No reliance on oracles

Many DeFi protocols require oracles to determine liquidation positions or the timing of interest rate adjustments. For example, the price of NFTs is difficult to objectively measure, and timely updates of floor prices on-chain are difficult to observe. These solutions usually involve a trusted party or transaction manipulation. The Blend protocol avoids any reliance on oracles in its core protocol, allowing interest rates and loan ratios to be determined by the borrower’s conditions, and liquidation is triggered by the failure of the Dutch auction.

  • No expiration

Some DeFi protocols only support debt positions with expiration dates. This is inconvenient for borrowers, as they need to remember to close or adjust their positions before the expiration date (otherwise they may face penalties, such as confiscation of NFTs). The manual adjustment of positions also consumes gas, which reduces the profits generated from borrowing. As long as there are lenders willing to lend out the amount based on the collateral, Blend will automatically adjust the loan position, and on-chain transactions are only required when interest rates change or one party wants to exit the position.

  • Liquidity

Some protocols do not support pre-expiration liquidation, which is more convenient for borrowers and reasonable in many use cases. However, this effectively gives the borrower a put option, and lenders need to make choices from higher interest rates/lower loans in a shorter expiration time to avoid the risk of liquidation of their positions. In Blend, as long as the lender triggers a refinancing auction and no one is willing to take over the debt at any interest rate, the NFT can be liquidated.

  • Peer-to-peer

Some protocols pool lenders’ funds together and attempt to manage assets for them. This means that they heavily rely on on-chain or centralized management to set parameters. Blend adopts a peer-to-peer model, and each loan is individually matched. It does not optimize the simplicity of loan methods, but assumes the existence of more complex borrower capabilities to participate in complex on-chain and off-chain protocols, giving them greater control over their assets.

What is the FREI-PI model

The FREI-PI model, as explained by Nascent member Brock Elmore, stands for “Function Requirements-Effects-Interactions + Protocol Invariants Pattern”. Here, the SoloMargin contract of dYdX, a lending and margin trading protocol, is used as an excellent example of the FREI-PI model. It is the only one of the early lending markets without any market-related vulnerabilities.

When viewing the code below, pay attention to the following abstract concepts:

  • Input requirements (_verifyInputs)

  • Operations (data transformation, state manipulation)

  • State requirements (_verifyFinalState)

Source: Brock Elmore

The commonly used Checks-Effects-Interactions (CEI) pattern is still being executed. However, it should be noted that CEI with additional Checks is not equivalent to FREI-PI. Although they are similar, they serve different objectives. Developers should understand their differences: FREI-PI is a high-level abstraction for protocol security, while CEI is a high-level abstraction for functional safety.

An interesting aspect of this contract structure is that users can perform multiple operations in succession according to their own wishes, including deposits, loans, transactions, transfers, liquidations, etc. We assume that three different tokens are deposited, and the fourth token is withdrawn and the account is liquidated. This series of operations can be completed with just one click.

This is the power of FREI-PI: as long as the core lending market invariant holds true at the end of the call, users can do whatever they want within the protocol. For this contract, this will be performed in _verifyFinalState, checking the collateral of each affected account to ensure that the protocol is better off than when the transaction started.

This function also includes some additional invariants, which are complementary to the core invariant and help implement auxiliary functions such as market closure. However, it is the core checks that truly ensure protocol security.
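The structure described above (input requirements, effects, then a final-state check over every affected account) can be sketched as a small model. This is an added example, not dYdX's SoloMargin code or part of the original article: `LendingMarketModel`, the action names, and the fixed collateral ratio are assumptions, and a snapshot restore stands in for a transaction revert.

```python
import copy

# Assumed market parameter for this model: collateral units required per unit of debt.
MIN_COLLATERAL_PER_DEBT = 2
ACTIONS = {"deposit", "withdraw", "borrow", "repay"}


class InvariantViolation(Exception):
    """The batch would leave a touched account unsafe; all effects are rolled back."""


class LendingMarketModel:
    def __init__(self):
        self.accounts = {}  # name -> {"collateral": int, "debt": int}

    def _verify_inputs(self, actions):
        # Function requirements: per-argument checks before any state changes.
        if not actions:
            raise ValueError("empty batch")
        for kind, _account, amount in actions:
            if kind not in ACTIONS:
                raise ValueError(f"unknown action {kind!r}")
            if not isinstance(amount, int) or amount <= 0:
                raise ValueError("amount must be a positive integer")

    def _apply(self, kind, account, amount):
        # Effects: pure bookkeeping, no safety decisions are made here.
        acct = self.accounts.setdefault(account, {"collateral": 0, "debt": 0})
        if kind == "deposit":
            acct["collateral"] += amount
        elif kind == "withdraw":
            acct["collateral"] -= amount
        elif kind == "borrow":
            acct["debt"] += amount
        else:  # repay
            acct["debt"] -= amount

    def _verify_final_state(self, touched):
        # Protocol invariant: every touched account ends solvent and collateralized.
        for name in sorted(touched):
            acct = self.accounts[name]
            if acct["collateral"] < 0 or acct["debt"] < 0:
                raise InvariantViolation(f"{name}: negative balance")
            if acct["collateral"] < acct["debt"] * MIN_COLLATERAL_PER_DEBT:
                raise InvariantViolation(f"{name}: undercollateralized")

    def operate(self, actions):
        """Run a batch of (kind, account, amount) actions atomically."""
        self._verify_inputs(actions)
        snapshot = copy.deepcopy(self.accounts)  # stands in for revert semantics
        try:
            for kind, account, amount in actions:
                self._apply(kind, account, amount)
            self._verify_final_state({account for _, account, _ in actions})
        except InvariantViolation:
            self.accounts = snapshot
            raise
```

A batch such as borrow-then-deposit passes even though the account is unsafe between the two actions, because only the state at the end of the call is judged.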

One of the entity-centric concepts in FREI-PI is another challenge. Taking the lending market and the assumed core invariant as examples, users should not take any actions that would put any account in an insecure collateral state. Technically, this is not the only invariant, but it is the only invariance for users (understandably, it is still the core protocol invariant because user invariance is the core protocol invariant). In lending markets, there are usually two additional invariants:

1. Oracles

In general, Chainlink is a good choice, as its main function is to provide relatively accurate real-time information, which can meet the requirements of most invariants. In rare cases of manipulation or unexpected situations, it may be beneficial to have safeguards that sacrifice real-time accuracy to ensure correctness (such as checking if the last known value is hundreds of percentage points larger than the current value). However, Cream Finance was still attacked for $130 million. For more information on oracles, please refer to: Manipulating Uniswap V3 TWAP Oracles [5];

2. Governance

Governance is the most challenging invariant, as it is difficult to be conditionally constrained and most of its effects are to change other invariants, and some governance actions cannot be verified through FREI-PI. For example, the governance action that Compound took to disrupt the cETH market in August 2022 violated the oracle invariant. For more details, please refer to [6].
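The oracle safeguard mentioned under item 1 (comparing a new value with the last known one) can be written as a small guard in front of the price source. This is an added example, not code from the article or from any protocol: `GuardedPriceFeed`, its thresholds, and the sample reports are assumptions, and it goes beyond the deviation check in the text by also rejecting stale reports and pausing after repeated rejections.

```python
class PriceRejected(Exception):
    """A reported price failed a sanity check and must not be used."""


class GuardedPriceFeed:
    """Wraps an external price source with staleness and deviation bounds.

    max_ratio, max_age and pause_after are assumed values chosen for illustration.
    """

    def __init__(self, max_ratio=3, max_age=3600, pause_after=3):
        self.max_ratio = max_ratio      # reject moves larger than 3x in either direction
        self.max_age = max_age          # seconds before a report counts as stale
        self.pause_after = pause_after  # consecutive rejections before pausing
        self.last_good = None
        self.rejections = 0

    @property
    def paused(self):
        # A consumer should stop price-dependent actions while this is True.
        return self.rejections >= self.pause_after

    def submit(self, price, reported_at, now):
        try:
            if price <= 0:
                raise PriceRejected("non-positive price")
            if now - reported_at > self.max_age:
                raise PriceRejected("stale report")
            if self.last_good is not None:
                hi, lo = max(price, self.last_good), min(price, self.last_good)
                if hi > lo * self.max_ratio:
                    raise PriceRejected("deviation beyond bound")
        except PriceRejected:
            self.rejections += 1
            raise
        self.last_good, self.rejections = price, 0
        return price


def replay(feed, reports, now):
    """Run (price, reported_at) pairs through the guard; return one verdict each."""
    verdicts = []
    for price, reported_at in reports:
        try:
            feed.submit(price, reported_at, now)
            verdicts.append("accepted")
        except PriceRejected as exc:
            verdicts.append(str(exc))
    return verdicts


# Constructed sample: integer prices in cents with report timestamps; "now" is 10_000.
SAMPLE = [(10_000, 9_900), (10_400, 9_950), (45_000, 9_960), (10_300, 5_000), (0, 9_990)]
```

The guard also rejects a genuine large move, which is the accuracy trade-off the text describes; the `paused` flag is where a protocol would halt rather than act on a price it cannot trust.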

In practice, every additional invariant makes the protocol more difficult to protect, so there should be as few as possible. Therefore, complexity is dangerous, and the most important invariant is the invariant at the core of the protocol. However, as mentioned above, there may also be entity-centric invariants that must satisfy the requirements of the core invariant, and the simplest/minimal set of invariants may be secure.

Summary: The Future of DeFi

Is it the best solution to build DeFi on un-upgradable source code (Primitives) and detach from oracles? After all, the flexibility and usability brought by governance, upgradability, and oracles have enabled the entire DeFi market to reach a market size of billions of dollars. According to Dan Elitzer, a member of Nascent: governance, upgradability, and oracles are not inherently bad, on the contrary, these elements have great practical value in a broader context, but they also increase the probability of protocol attacks.

Primitives themselves can also be occasionally replaced while updating functionality or improving efficiency based on demand. When choosing how to create a DeFi protocol, there are two important choices: entrust all users’ data and external condition dependencies to a relatively centralized single protocol and delegate it to a small number of token holders willing to participate in governance? Or value the ownership of each participant in the market, allowing users to decide the protocol and service providers themselves?

Participants and developers in the entire industry are committed to building more decentralized, permissionless, and highly composable DeFi to enhance the security and resilience of the entire industry. Regarding the future development direction of DeFi, we hope that it can continuously gain market share in traditional finance with a safer and more efficient operating mode.

Explanation and references:

[1] https://rekt.news/leaderboard/

[2] https://medium.com/@omniscia.io/euler-finance-incident-post-mortem-1ce077c28454

[3] https://www.investopedia.com/terms/l/loantovalue.asp

[4] https://www.paradigm.xyz/2023/05/blend

[5] https://github.com/euler-xyz/uni-v3-twap-manipulation/blob/master/cost-of-attack.pdf

[6] https://medium.com/chainlight/the-suspension-of-compound-finances-ceth-market-causes-and-solutions-b106c2e1c922

https://www.nascent.xyz/idea/youre-writing-require-statements-wrong

https://www.nascent.xyz/idea/why-defi-is-broken-and-how-to-fix-it-pt-1-oracle-free-protocols
