Paper 2022/445

TWAP Oracle Attacks: Easier Done than Said?

Torgin Mackinga, Tejaswi Nadahalli, and Roger Wattenhofer

Abstract

Blockchain ``on-chain'' oracles are critical to the functioning of many Decentralized Finance (DeFi) protocols. We analyze these oracles for manipulation resistance. Specifically, we analyze the cost of manipulating on-chain time-weighted average price (TWAP) oracles that use the arithmetic mean. It has been assumed that manipulating a TWAP oracle with the well-known multi-block attack is expensive and scales linearly with the length of the TWAP. We question this assumption with two novel results. First, we describe a single-block attack that works under the same setting as the multi-block attack but costs less to execute. Second, we describe a multi-block MEV (MMEV) style attack where the attacker colludes with a miner/proposer who can mine/propose two blocks in a row. This MMEV style attack makes oracle manipulation orders of magnitude cheaper than previously known attacks. In the proof-of-work setting, MMEV can be done by selfish mining even with very low shares of hashpower.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. ICBC 2022
Keywords
TWAP OraclesMEVDeFi
Contact author(s)
tejaswin @ ethz ch
History
2022-04-12: received
Short URL
https://ia.cr/2022/445
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/445,
      author = {Torgin Mackinga and Tejaswi Nadahalli and Roger Wattenhofer},
      title = {{TWAP} Oracle Attacks: Easier Done than Said?},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/445},
      year = {2022},
      url = {https://eprint.iacr.org/2022/445}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.