*Article* **Oracles in Decentralized Finance: Attack Costs, Profits and Mitigation Measures**

**Ayana T. Aspembitova \* and Michael A. Bentley**

Euler Labs, London EC1V 2NX, UK

**\*** Correspondence: ayana.aspembitova@euler.xyz

**Abstract:** Decentralized finance (DeFi) is by far the most popular application of blockchain technology. Despite the wide acceptance of new financial instruments and services, there are still many unexplored areas in the field. We dedicate this research to the understanding of one of the most crucial limitations of decentralized finance—oracles. DeFi protocols, as well as other blockchain applications, function in a closed environment and regularly need to fetch real-world information (e.g., assets' prices)—the tool used for this purpose is called an oracle. We review the existing oracle types in DeFi applications and focus our research on the least explored one: when another protocol, typically a decentralized exchange, serves as a price oracle. After explaining the mechanisms behind the decentralized exchanges, we introduce an algorithmic model that allows one to safely design a decentralized oracle and adjust crucial parameters. We believe that understanding and implementing the logic presented in the model can help to reduce the chances of price manipulations attacks, which are the most frequent incident types in DeFi.

**Keywords:** DeFi; oracle; automated market makers; decentralized exchange; lending protocol
