Chainlink co-founder: Attacks on DeFi protocols using flash loans will continue

Price oracles are a weak spot for DeFi protocols, and attacks on them will continue and become more sophisticated. This was stated on the Decrypt Daily podcast.

In his words, it is data centralization that makes the price feed mechanism vulnerable.

«The essence of the attack is that there exists a single price data provider, a single exchange. Often, for simplicity and speed of development, data from intra-network DEXs and exchange infrastructure are used to obtain prices and launch DeFi applications», Nazarov explained.

To manipulate prices even on a single exchange, attackers require substantial capital. They opt for flash loan attacks because they give them access to large sums over a short period. This, in turn, allows hackers to manipulate token prices, distorting oracle data.

The danger of such attacks is that they do not require knowledge of code, only sufficient funds. However, obtaining data from several intra-network exchanges will not protect DeFi platforms, although it will make them more complex and costly, warns Sergey Nazarov.

«To counter such attacks, DeFi platforms must significantly broaden the range of price data they receive. Then manipulating an asset’s price would only be possible by distorting its global value», he added.

In recent months, several DeFi platforms have been hacked using flash loan attacks. The loss from the Value DeFi stood at $6 million, the Akropolis project’s liquidity pools lost $2 million.

Subscribe to the ForkLog channel on YouTube.