One of the most important ingredients for a successful defi ecosystem is a highly secure price oracle. Algorithmic stablecoins (eg. DAI, RAI, LQTY) depend on a price oracle, synthetic assets of any type depend on a price oracle, collateralized loans depend on a price oracle, as do many other types of projects. Uniswap does provide an "oracle" for the price of ERC20s traded on the exchange, but this is not a true oracle as it does not provide the price of anything in the outside world. This is a problem: algorithmic stablecoins need an oracle for the price of ETH/USD to be able to function, and they specifically need an oracle for USD the off-chain fiat asset, and not any specific on-chain instantiation of USD. Similarly, synthetic assets need an oracle for the price of ETH denominated in whatever asset they are mirroring.
I recommend that Uniswap and the UNI token step in and provide such an oracle (eg. modeled after the Augur or UMA design), specialized to providing price data that's robust and extremely costly to manipulate and attack.
The goal of algorithmic stablecoins is to try to be maximally censorship-resistant and robust by being free of dependencies to the "fiat world". If this goal is not important to a stablecoin user, then they can avoid algorithmic stablecoins' technical risks by just using USDC directly. If this goal is important to a stablecoin user, then it's important to avoid not just direct dependencies on the fiat markets but also indirect dependencies. Using the ETH/USDC price as a proxy for ETH/USD does not achieve that goal, because such system is still ultimately dependent on USDC continuing to exist and being freely tradeable.
Taking the median of multiple ETH/stablecoin rates (eg. USDC, GUSD and USDT) is at best a small improvement, because the traditional financial system is quite coordinated and can easily become less friendly to all asset-backed stablecoins simultaneously. Hence, if we want to have algorithmic stablecoins that fulfill the raison d'être of their category, an oracle that provides the price between ETH and the USD in the fiat world is needed.
Currently, most "governance-minimized stablecoins" are using Chainlink as their oracle. Chainlink is really valuable for many oracle use cases, but it is also a complex system with many features. Incentives are not as clean as they are in eg. Augur; in particular, there is not an automated mechanism by which participants who provide wrong answers get penalized.
Much like it's desirable to complement MakerDAO with more minimalist stablecoin alternatives like RAI (disclosure: I hold both MKR and Rai's FLX) so that the ecosystem can be more resilient through the diversity of different approaches, it also seems desirable to complement Chainlink with a more minimalist alternative that's more laser-focused on optimizing incentives and maximizing cost of attack. A robustness-favoring oracle should target these properties even at the cost of being okay with tradeoffs like long resolution times and being limited to one specific type of data (price indices for highly liquid assets).
Decentralized price oracles (at least, if they want to avoid dependence on an identity layer) need to have a token for sybil-resistance. Holders of the token are asked what the price is, and typically an economic mechanism is introduced where those who provide the majority answer are rewarded and those who provide the minority answer are penalized.
If the majority of token holders are corrupted, they can successfully impose an incorrect answer, and at that point it's up to the minority holders to create a fork of the system where the attackers' coins are zeroed out and convince the community to prefer the fork from that point forward. The cost of such an attack is thus half the market cap of the token, minus some amount to account for very lazy holders who are not willing to participate in a vote even in an extreme emergency that could cost them their coins.
For this reason, a robust token-based decentralized oracle for a defi project must first and foremost be based on a token with large market cap. Efficiency of an oracle is not important: an inefficient oracle can always be augmented with a game where one party claims a value and only if another party disagrees is the oracle actually called. Cost of attack, on the other hand, is absolutely essential to maximize, and thus market cap is key. And the two Ethereum project coins out there with the highest market caps are.... LINK and UNI.
Supporting oracles would not just be an act of altruism for Uniswap; in fact, Uniswap heavily benefits from the existence of a more robust stablecoin ecosystem. Uniswap v3 is heavily optimized toward ultra-high capital efficiency for stablecoin <-> stablecoin trades, and is likely to earn very high amounts of fee revenue from these trades. If we start to also see high-volume and robust synthetic assets emerge on-chain, then this is even more valuable for Uniswap.
The Ethereum ecosystem aims to be the base layer of a fundamentally broader set of applications than preceding blockchain platforms attempted to cover. The goal is not just supporting holding and transfer of a basic asset, but also a decentralized finance (DeFi) ecosystem and also increasingly a decentralized governance (DeGov) ecosystem. There's also a large need for public goods funding in the Ethereum ecosystem.
Supporting this broader vision requires something more expansive than "just a blockchain". Arguably, it requires taking a few steps in the direction of the "crypto state" vision, expanding the services that the blockchain ecosystem provides to not just security but also oracles, dispute resolution, public goods funding, identity, etc. But in order for Ethereum to be a stable platform, there is a need for the blockchain base layer to be governance-minimalist. The governance minimalism gives users confidence that applications that they care about will not be interfered with, and that the base layer will not be ripped apart by political conflicts over addition of controversial features.
Hence, these services need to somehow be provided at layer 2. MEV auctions on rollups to fund ecosystem-wide public goods, as being implemented by Optimism, are one example of this. And Uniswap, as a decentralized exchange that is core to the Ethereum ecosystem also taking on more responsibilities (including price oracle provision) is another natural potential step in this direction.
One of the most important ingredients for a successful defi ecosystem is a highly secure price oracle. Algorithmic stablecoins (eg. DAI, RAI, LQTY) depend on a price oracle, synthetic assets of any type depend on a price oracle, collateralized loans depend on a price oracle, as do many other types of projects. Uniswap does provide an "oracle" for the price of ERC20s traded on the exchange, but this is not a true oracle as it does not provide the price of anything in the outside world. This is a problem: algorithmic stablecoins need an oracle for the price of ETH/USD to be able to function, and they specifically need an oracle for USD the off-chain fiat asset, and not any specific on-chain instantiation of USD. Similarly, synthetic assets need an oracle for the price of ETH denominated in whatever asset they are mirroring.
I recommend that Uniswap and the UNI token step in and provide such an oracle (eg. modeled after the Augur or UMA design), specialized to providing price data that's robust and extremely costly to manipulate and attack.
The goal of algorithmic stablecoins is to try to be maximally censorship-resistant and robust by being free of dependencies to the "fiat world". If this goal is not important to a stablecoin user, then they can avoid algorithmic stablecoins' technical risks by just using USDC directly. If this goal is important to a stablecoin user, then it's important to avoid not just direct dependencies on the fiat markets but also indirect dependencies. Using the ETH/USDC price as a proxy for ETH/USD does not achieve that goal, because such system is still ultimately dependent on USDC continuing to exist and being freely tradeable.
Taking the median of multiple ETH/stablecoin rates (eg. USDC, GUSD and USDT) is at best a small improvement, because the traditional financial system is quite coordinated and can easily become less friendly to all asset-backed stablecoins simultaneously. Hence, if we want to have algorithmic stablecoins that fulfill the raison d'être of their category, an oracle that provides the price between ETH and the USD in the fiat world is needed.
Currently, most "governance-minimized stablecoins" are using Chainlink as their oracle. Chainlink is really valuable for many oracle use cases, but it is also a complex system with many features. Incentives are not as clean as they are in eg. Augur; in particular, there is not an automated mechanism by which participants who provide wrong answers get penalized.
Much like it's desirable to complement MakerDAO with more minimalist stablecoin alternatives like RAI (disclosure: I hold both MKR and Rai's FLX) so that the ecosystem can be more resilient through the diversity of different approaches, it also seems desirable to complement Chainlink with a more minimalist alternative that's more laser-focused on optimizing incentives and maximizing cost of attack. A robustness-favoring oracle should target these properties even at the cost of being okay with tradeoffs like long resolution times and being limited to one specific type of data (price indices for highly liquid assets).
Decentralized price oracles (at least, if they want to avoid dependence on an identity layer) need to have a token for sybil-resistance. Holders of the token are asked what the price is, and typically an economic mechanism is introduced where those who provide the majority answer are rewarded and those who provide the minority answer are penalized.
If the majority of token holders are corrupted, they can successfully impose an incorrect answer, and at that point it's up to the minority holders to create a fork of the system where the attackers' coins are zeroed out and convince the community to prefer the fork from that point forward. The cost of such an attack is thus half the market cap of the token, minus some amount to account for very lazy holders who are not willing to participate in a vote even in an extreme emergency that could cost them their coins.
For this reason, a robust token-based decentralized oracle for a defi project must first and foremost be based on a token with large market cap. Efficiency of an oracle is not important: an inefficient oracle can always be augmented with a game where one party claims a value and only if another party disagrees is the oracle actually called. Cost of attack, on the other hand, is absolutely essential to maximize, and thus market cap is key. And the two Ethereum project coins out there with the highest market caps are.... LINK and UNI.
Supporting oracles would not just be an act of altruism for Uniswap; in fact, Uniswap heavily benefits from the existence of a more robust stablecoin ecosystem. Uniswap v3 is heavily optimized toward ultra-high capital efficiency for stablecoin <-> stablecoin trades, and is likely to earn very high amounts of fee revenue from these trades. If we start to also see high-volume and robust synthetic assets emerge on-chain, then this is even more valuable for Uniswap.
The Ethereum ecosystem aims to be the base layer of a fundamentally broader set of applications than preceding blockchain platforms attempted to cover. The goal is not just supporting holding and transfer of a basic asset, but also a decentralized finance (DeFi) ecosystem and also increasingly a decentralized governance (DeGov) ecosystem. There's also a large need for public goods funding in the Ethereum ecosystem.
Supporting this broader vision requires something more expansive than "just a blockchain". Arguably, it requires taking a few steps in the direction of the "crypto state" vision, expanding the services that the blockchain ecosystem provides to not just security but also oracles, dispute resolution, public goods funding, identity, etc. But in order for Ethereum to be a stable platform, there is a need for the blockchain base layer to be governance-minimalist. The governance minimalism gives users confidence that applications that they care about will not be interfered with, and that the base layer will not be ripped apart by political conflicts over addition of controversial features.
Hence, these services need to somehow be provided at layer 2. MEV auctions on rollups to fund ecosystem-wide public goods, as being implemented by Optimism, are one example of this. And Uniswap, as a decentralized exchange that is core to the Ethereum ecosystem also taking on more responsibilities (including price oracle provision) is another natural potential step in this direction.
I think that it’s a very good idea to make UNI an oracle token, but there should be some more considerations.
I think that it’s a very good idea to make UNI an oracle token, but there should be some more considerations.
Selamlar olsun arkadaşlar
Very Nice View
Total Agree With You
Anyone interested in this topic should do a deep dive into how UMA's priceless oracles work and how it processes liquidation. The system is already live and has proceeded many liquidations + resolved liquidation disputes.
Many of your will be surprised at how it can provide timely liquidations similar to Chainlinks but with the crypto-economical guarantees Vitalik suggests.
Anyone interested in this topic should do a deep dive into how UMA's priceless oracles work and how it processes liquidation. The system is already live and has proceeded many liquidations + resolved liquidation disputes.
Many of your will be surprised at how it can provide timely liquidations similar to Chainlinks but with the crypto-economical guarantees Vitalik suggests.
https://mbroome02.medium.com/uma-liquidations-what-to-know-b02db66a3b28
https://twitter.com/alex_kroeger/status/1467910974640246784
Alex makes some good points regarding UNI becoming an Oracle. Its time to bring this proposal back to light
I am also curious if this proposal has been voted on yet. Having UNI as a oracle token makes sense, especially of it increases trust of on chain oracles. Such as keep robust liquidity around spot.
i am totally agree with all this proposal
nice post about coins ghjk
Having another reliable oracle available is a "god send" for pretty much everybody in DeFi ecosystem. UNI seems to be a great position to make it happen. It sounds like a win-win for me
Debatable for sure! Some valid points here
Virtually all aspects of the Augur oracle design were originally proposed by me. Yet, it was not possible without Joey. I continually pitched ideas most of which were bad ideas and I needed Joey to detect bad ideas. I came up with the formulas used and wrote proofs for why they were the minimum value transfers needed to make honest behavior rational. Jack did not participate in the system design (cant remember if literally zero or a little bit...he was following along closely). The system design was Joey and I, with a small amount of help from Vitalik via Skype.
Eventually I noticed Micah Zoltu on Augur forums and advocated to have him hired. At the time he was on par with me at decision theory / mechanism design, but better than me in every other measurable way. He replaced me and finished out the final tweaks of the system design.
one small step for crypto, one giant leap for cryptocurrency
This is great proposal and uniswap will be more great.
Selamlar olsun arkadaşlar
Very Nice View
Total Agree With You
Anyone interested in this topic should do a deep dive into how UMA's priceless oracles work and how it processes liquidation. The system is already live and has proceeded many liquidations + resolved liquidation disputes.
Many of your will be surprised at how it can provide timely liquidations similar to Chainlinks but with the crypto-economical guarantees Vitalik suggests.
Anyone interested in this topic should do a deep dive into how UMA's priceless oracles work and how it processes liquidation. The system is already live and has proceeded many liquidations + resolved liquidation disputes.
Many of your will be surprised at how it can provide timely liquidations similar to Chainlinks but with the crypto-economical guarantees Vitalik suggests.
https://mbroome02.medium.com/uma-liquidations-what-to-know-b02db66a3b28
https://twitter.com/alex_kroeger/status/1467910974640246784
Alex makes some good points regarding UNI becoming an Oracle. Its time to bring this proposal back to light
I am also curious if this proposal has been voted on yet. Having UNI as a oracle token makes sense, especially of it increases trust of on chain oracles. Such as keep robust liquidity around spot.
i am totally agree with all this proposal
nice post about coins ghjk
Having another reliable oracle available is a "god send" for pretty much everybody in DeFi ecosystem. UNI seems to be a great position to make it happen. It sounds like a win-win for me
Debatable for sure! Some valid points here
Virtually all aspects of the Augur oracle design were originally proposed by me. Yet, it was not possible without Joey. I continually pitched ideas most of which were bad ideas and I needed Joey to detect bad ideas. I came up with the formulas used and wrote proofs for why they were the minimum value transfers needed to make honest behavior rational. Jack did not participate in the system design (cant remember if literally zero or a little bit...he was following along closely). The system design was Joey and I, with a small amount of help from Vitalik via Skype.
Eventually I noticed Micah Zoltu on Augur forums and advocated to have him hired. At the time he was on par with me at decision theory / mechanism design, but better than me in every other measurable way. He replaced me and finished out the final tweaks of the system design.
one small step for crypto, one giant leap for cryptocurrency
This is great proposal and uniswap will be more great.
Guessing this idea is dead now since @vbuterin abandoned it and Uniswap is exploring Arbitrum which uses Chainlink oracles?
so what is the status of this proposal? has it already been voted on or no? thanks in advance
Decentralized price oracles (at least, if they want to avoid dependence on an identity layer) need to have a token for sybil-resistance. Holders of the token are asked what the price is, and typically an economic mechanism is introduced where those who provide the majority answer are rewarded and those who provide the minority answer are penalized.
Decentralized price oracles (at least, if they want to avoid dependence on an identity layer) need to have a token for sybil-resistance. Holders of the token are asked what the price is, and typically an economic mechanism is introduced where those who provide the majority answer are rewarded and those who provide the minority answer are penalized.
What about a "virtual token" of fixed amount (say, 1 billion or trillion TOKENS or whatever makes sense) that's bound by a smart contract to the value of all the liquidity pools. The pool value can be calculated in any currency available on the exchange. ETH makes sense as the largest currency on the network, but any stablecoin could be good too. Then the price is a simple $POOL_VALUE/TOKEN_QTY and the total pool value is the token's market cap. The token should not be tradable, only used as price reference within the protocol the liquidity pools exist in.
Additionally this could allow new features, like providing liquidity against multiple tokens with single asset with the "virtual token" serving as an intermediary in calculating the exchange rate.
If it's not obvious by now, I'm very new to the crypto market, so disregard if this makes no sense. On the other hand, if this is the most brilliant simple idea no one else thought about before, glad to help :slight_smile: and feel free to take it wherever it can go. Cheeeerss
Good post. I would argue that UMA is the sped up + price focused version of Augur that you suggest in your post. The UMA design owes a lot of inspiration to both Augur and V’s schellingcoin post.
I am the original conceiver and designer of Augurs oracle system. Wanted to add some information not in this thread yet.
-- Augur security margin (assuming it is still designed the same) comes from the universe forking where the oracle service is frozen while the two versions of REP compete for market cap. The one with the higher market cap at the end of the competition gets control of the existing markets. This requires an attacker to not just have n/2 of the market cap, but to have enough to inflate a worthless crypto at a price for an extended period of time. I forget some specifics, but assuming all holders of the fake REP sell (as is rational to do) at slightly above full market value of the real REP (as is required for the attacker to win), the cost of attack in actually n. Its possible to extend this into an infinite security margin by having multiple rounds where the attacker must double the amount of money honest holders have each time. This infinite security margin comes at the cost of arbitrary long amount of time to freeze the oracle services.
I am the original conceiver and designer of Augurs oracle system. Wanted to add some information not in this thread yet.
-- Augur security margin (assuming it is still designed the same) comes from the universe forking where the oracle service is frozen while the two versions of REP compete for market cap. The one with the higher market cap at the end of the competition gets control of the existing markets. This requires an attacker to not just have n/2 of the market cap, but to have enough to inflate a worthless crypto at a price for an extended period of time. I forget some specifics, but assuming all holders of the fake REP sell (as is rational to do) at slightly above full market value of the real REP (as is required for the attacker to win), the cost of attack in actually n. Its possible to extend this into an infinite security margin by having multiple rounds where the attacker must double the amount of money honest holders have each time. This infinite security margin comes at the cost of arbitrary long amount of time to freeze the oracle services.
-- Chainlink V2 has serious security margin issues as laid out in the V2 whitepaper. It seemed suspicious when I skimmed the paper originally, but it was not until a writeup made the week in ethereum news making a convincing case that a second tier does not help at all with the security and it is not actually n^2. That said, I am completely confident Chainlink will resolve this design issue. After all, they had to make it in secret with NDAs and a bit too many non crypto university professors. Now that they are able to get wider community input I am confident Chainlink v2 will be a quality product with many capabilities. Makes me wonder though if Chainlink V2s multi hundred page paper with huge ambitions and complexity as well as security margin issue was why Vitalik chose to make this plea to Uniswap instead. He probably just wanted a high market cap erc20 that was not Chainlink to make the request to since a high market cap is a prerequisite to a secure oracle.
-- Augurs model can be sped up close to real time if the data at hand is simply a price number because it doesnt require human interpretation. A node can be coded to just automatically contest and stake against incorrect prices with a single block delay, doubling until a fork. Because it can be automated it wont be as slow as Vitalik and others in this thread are assuming. It would even be fast enough (1 block delay almost always) for liquidation, although someone can delay the price update a few blocks in a row by frivolous contesting. This frivolous delay would probably not be able to be more than several blocks though because of the bond doubling each time. Another catch is that all services relying on this oracle would have to be able to gracefully handle the price feed being delayed, or potentially frozen for a long time if a fork happens.
-- I agree with the general sentiment that this is orthogonal to Uniswap raison d'être. While it would add value to the UNI token, it is a pretty serious 'side project' to do an upgrade that includes UNI tokens splitting in a fork. It may also for security add requirements for UNI token holders to take action in the event of a major contentious event. It may also be a waste of resources if Chainlink delivers a high security margin solution with the ability to contest and lose increasingly staked amounts. I expect that a sped up and automated version of Augur oracle but for price feeds that typically resolves in a single block will eventually exist, and Chainlink will probably take it. Still if Uniswap governance has a huge amount of money to throw around, this has a chance of adding value to the UNI token, and perhaps this is worth doing, but really think they probably have better value propositions.
Using a native token for oracle networks maximizes security and long term sustainability in the form of implicit incentives and network subsidies. As noted before, oracles holding and getting paid in a token whose value is derived directly from the health of that oracle network provides greater security as nodes operators are more financially exposed to the health of that network, aligning incentives. Using ETH doesn't provide this dynamic as its value comes from the health and adoption of the Ethereum network, not any specific oracle network. Additionally, a native token provides subsidies (like a block reward) which is used to not only bootstrap new oracle networks, but also provide oracles a higher revenue (creating a higher opportunity cost of malicious activity as they could lose this income) and lower costs for users as they don't have to pay the full costs, increasing usage of that oracle solution. This is why we have not seen any oracle solution operate at scale without a native token. This dynamic applies to both Chainlink and this proposal.
If maximizing market cap is the goal for security, why not use an oracle that fully operates on the blockchain's native currency e.g. ETH?
Chainlink is a framework for building oracle networks, so anyone can create a network that uses and weights any selection data sources desired for their use case, which we have seen in the creation of different oracle networks for different dApps. The management of the Price Feeds used by the larger DeFi projects like Aave and Synthetix was already been improved upon with the hiring of Ben Chan a year ago to lead engineering at Chainlink Labs (who was previously CTO of the multisig firm BitGo and co-architect of WBTC) to improve the processes around specific parameter changes, as well as an expansion of the multisig participants to include the larger ecosystem users as signers.
What you noted about the gold price feed from a year ago wasn’t an attack on the network but a misconfiguration of a single feed that resulted in minimal issues.
Reposting this from another forum to add to the discussion (not my opinions)
This is a good thread so I will drop some alpha
Vita|ik makes UNI oracle thread
intentionally designed as |ow-frequency/high-latency oracle
speci?cally mentions Optimism
mentions lots of weird quirky constraints that it will need to have which don't make sense on initial inspection
I can expand upon Chainlink's cryptoeconomic security for clarity. Chainlink oracle networks are cryptoeconomically secured today through implicit incentives. Each Chainlink node in the network holds and is paid in LINK tokens for their oracle services. The value of LINK itself is derived from the health, adoption, and reputation of the network as a whole, creating a strong economic incentive for each node to provide a secure and reliable source of external data (e.g. ETH/USD) in order to uphold the value of not only their current LINK holdings but also their future revenue (which is denominated in LINK).
We see implicit incentives in existing networks like Bitcoin and Ethereum. Because Ethereum miners hold and are paid in ETH, they operate the protocol faithfully because a corrupted network would result in the devaluation of ETH due to the destroyed trust of the network, creating financial harm to themselves. In the Chainlink Network, a successful collusion attack between the most reputable and profitable nodes that ends up results in a significant loss/exploits for DeFi protocols would likewise destroy trust in the network, resulting in a devaluation of the value of LINK.
In addition, each individual Chainlink node is a publicly identifiable entity with their individual future revenue, reputation, and off-chain business on the line. Chainlink nodes operated by enterprises like Deutsche Telekom and data providers like Kaiko have significant revenue both within and outside of the Chainlink network, which would be forfeited through malicious activity. Therefore, for economically rational nodes, it is more profitable to be honest, which is why the honest majority assumption works for networks like Bitcoin, Ethereum, Chainlink, etc.
What you noted about the gold price feed from a year ago wasn't an attack on the network but a misconfiguration of a single feed that resulted in minimal issues. If tens of billions of dollars had been stolen as a result, the value of LINK would have certainly been significantly affected here, creating a financial penalty. The devaluation of the native token depends on the severity of the network issue/attack. The Chainlink network has been significantly hardened since then and uses an entirely different oracle network model, so such issues have not occurred since, but the security of the Chainlink network is not static and continues to evolve.
The Chainlink 2.0 whitepaper was recently published which modeled an explicit staking mechanism where nodes stake their LINK tokens in a service agreement and can be slashed for providing manipulated data. Here, a two-tier oracle network model is used, with a low-cost first-tier that continuously generates oracle reports and a higher-cost maximum-security second tier used for settling disputes, which creates a super-linear staking impact where the cost of attack is significantly greater (quadratic in the number of first-tier nodes) than the sum of all deposits within that network.
The first-tier consists of nodes explicitly staking LINK while the second-tier consists of the most reputable, reliable, and profitable nodes in the Chainlink network who have the greatest financial exposure to LINK and as rational economic actors resolve the rare disputes accurately in order to uphold the value of their LINK holdings, LINK staked in other first-tier networks, future LINK revenue, and individual reputation. The whitepaper goes much deeper into this mechanism than I can cover here, but this mechanism would provide slashing-based cryptoeconomic security in addition to the existing implicit incentives-based cryptoeconomic security.
research.chain[dot]link/whitepaper-v2.pdf
To note, the Chainlink Network is already cryptoeconomically secured by the $46B FDV LINK token through implicit incentives (oracle nodes are paid in and hold native tokens whose value is derived from the health of the network as a whole). This form of cryptoeconomic security is already seen with the Bitcoin and Ethereum networks today (miners hold and are paid in native coins) and is why the honest majority assumption works, it’s backed by economic incentives and penalties. Additional cryptoeconomic security through explicit staking (the slashing of deposited stake from malicious nodes) is being worked on and will be implemented with Chainlink 2.0, discussed in the recent whitepaper.
Thanks for elaborating on forking and the risks Uni's oracle might face. However I still don't understand this, maybe I'm just too dumb 😂
The cost of such an attack is thus half the market cap of the token
Any links/resources to read in order to understand it is very much appreciated 🙏
I've expanded upon my thoughts on this proposal in this Twitter thread here. In my opinion, this proposal would require a serious pivot from the Uniswap team from being a decentralized exchange to also creating a dedicated oracle protocol, a multi-year full-time task to accomplish. Projects specializing in building a specific piece of composable smart contract infrastructure is the beauty of the DeFi stack, it leads to efficient usage of limited developer resources.
To note, the Chainlink Network is already cryptoeconomically secured by the $46B FDV LINK token through implicit incentives (oracle nodes are paid in and hold native tokens whose value is derived from the health of the network as a whole). This form of cryptoeconomic security is already seen with the Bitcoin and Ethereum networks today (miners hold and are paid in native coins) and is why the honest majority assumption works, it's backed by economic incentives and penalties. Additional cryptoeconomic security through explicit staking (the slashing of deposited stake from malicious nodes) is being worked on and will be implemented with Chainlink 2.0, discussed in the recent whitepaper.
Forking doesn't assume control, it creates an entirely new chain which Uniswap would not be using. Assuming that the devs then swapped to the new chain, you've still just suffered a massive attack that has debilitated the platform by draining its funds and leaving users having lost trust. You can't just fork problems away :)
And he wasn't saying you assume no angels, he was saying when modeling out possibilities such as threats in crypto, the general assumption is that people have the worst intentions. If you are prepared for the worst, then you are prepared for the best as well. Given the stakes, that's the safest way to do this. Of course, Uni's TWAP oracle has clear vulnerabilities and is just one of many attempts at solving something but missing potential threats, so it's easier said to assume these things than it is in practice. Hard to account for everything in design, which generally speaking is why most companies do NOT try to build their own version of a product where a suitable, affordable version of what they need already exists. It's very high risk to spend that many resources just to fail. Even after all the time spent on oracles for the uni team they have to go back to the drawing board completely if they want to get it right on their own, and it's another risk. When you're talking about people's money "most of the time it works" is not good enough. The TWAP oracles simply are not robust enough. Uni needs to make a choice to abandon their dex and try to compete as an oracle (idiotic) or adopt an existing, functional oracle solution which suits the needs of DeFi. And there is currently only one option, for better or for worse. I really don't get the adversity some projects have to using Chainlink, they have proven time and time again to prevent losses in case of attacks and the network has only gotten better with time. Even Maker who refused to use Chainlink now indirectly uses Chainlink because all of their feed providers do. Compound is adopting Chainlink in conjunction with Uni's oracle (Uni's oracle not needed but another case of ego where Compound's founder simply can't admit that Chainlink got it right where they could not on their own). Uni is the last bastion of DeFi that is fighting Chainlink. For what? Going to kill the network.
Guessing this idea is dead now since @vbuterin abandoned it and Uniswap is exploring Arbitrum which uses Chainlink oracles?
so what is the status of this proposal? has it already been voted on or no? thanks in advance
Decentralized price oracles (at least, if they want to avoid dependence on an identity layer) need to have a token for sybil-resistance. Holders of the token are asked what the price is, and typically an economic mechanism is introduced where those who provide the majority answer are rewarded and those who provide the minority answer are penalized.
Decentralized price oracles (at least, if they want to avoid dependence on an identity layer) need to have a token for sybil-resistance. Holders of the token are asked what the price is, and typically an economic mechanism is introduced where those who provide the majority answer are rewarded and those who provide the minority answer are penalized.
What about a "virtual token" of fixed amount (say, 1 billion or trillion TOKENS or whatever makes sense) that's bound by a smart contract to the value of all the liquidity pools. The pool value can be calculated in any currency available on the exchange. ETH makes sense as the largest currency on the network, but any stablecoin could be good too. Then the price is a simple $POOL_VALUE/TOKEN_QTY and the total pool value is the token's market cap. The token should not be tradable, only used as price reference within the protocol the liquidity pools exist in.
Additionally this could allow new features, like providing liquidity against multiple tokens with single asset with the "virtual token" serving as an intermediary in calculating the exchange rate.
If it's not obvious by now, I'm very new to the crypto market, so disregard if this makes no sense. On the other hand, if this is the most brilliant simple idea no one else thought about before, glad to help :slight_smile: and feel free to take it wherever it can go. Cheeeerss
Good post. I would argue that UMA is the sped up + price focused version of Augur that you suggest in your post. The UMA design owes a lot of inspiration to both Augur and V’s schellingcoin post.
I am the original conceiver and designer of Augurs oracle system. Wanted to add some information not in this thread yet.
-- Augur security margin (assuming it is still designed the same) comes from the universe forking where the oracle service is frozen while the two versions of REP compete for market cap. The one with the higher market cap at the end of the competition gets control of the existing markets. This requires an attacker to not just have n/2 of the market cap, but to have enough to inflate a worthless crypto at a price for an extended period of time. I forget some specifics, but assuming all holders of the fake REP sell (as is rational to do) at slightly above full market value of the real REP (as is required for the attacker to win), the cost of attack in actually n. Its possible to extend this into an infinite security margin by having multiple rounds where the attacker must double the amount of money honest holders have each time. This infinite security margin comes at the cost of arbitrary long amount of time to freeze the oracle services.
I am the original conceiver and designer of Augurs oracle system. Wanted to add some information not in this thread yet.
-- Augur security margin (assuming it is still designed the same) comes from the universe forking where the oracle service is frozen while the two versions of REP compete for market cap. The one with the higher market cap at the end of the competition gets control of the existing markets. This requires an attacker to not just have n/2 of the market cap, but to have enough to inflate a worthless crypto at a price for an extended period of time. I forget some specifics, but assuming all holders of the fake REP sell (as is rational to do) at slightly above full market value of the real REP (as is required for the attacker to win), the cost of attack in actually n. Its possible to extend this into an infinite security margin by having multiple rounds where the attacker must double the amount of money honest holders have each time. This infinite security margin comes at the cost of arbitrary long amount of time to freeze the oracle services.
-- Chainlink V2 has serious security margin issues as laid out in the V2 whitepaper. It seemed suspicious when I skimmed the paper originally, but it was not until a writeup made the week in ethereum news making a convincing case that a second tier does not help at all with the security and it is not actually n^2. That said, I am completely confident Chainlink will resolve this design issue. After all, they had to make it in secret with NDAs and a bit too many non crypto university professors. Now that they are able to get wider community input I am confident Chainlink v2 will be a quality product with many capabilities. Makes me wonder though if Chainlink V2s multi hundred page paper with huge ambitions and complexity as well as security margin issue was why Vitalik chose to make this plea to Uniswap instead. He probably just wanted a high market cap erc20 that was not Chainlink to make the request to since a high market cap is a prerequisite to a secure oracle.
-- Augurs model can be sped up close to real time if the data at hand is simply a price number because it doesnt require human interpretation. A node can be coded to just automatically contest and stake against incorrect prices with a single block delay, doubling until a fork. Because it can be automated it wont be as slow as Vitalik and others in this thread are assuming. It would even be fast enough (1 block delay almost always) for liquidation, although someone can delay the price update a few blocks in a row by frivolous contesting. This frivolous delay would probably not be able to be more than several blocks though because of the bond doubling each time. Another catch is that all services relying on this oracle would have to be able to gracefully handle the price feed being delayed, or potentially frozen for a long time if a fork happens.
-- I agree with the general sentiment that this is orthogonal to Uniswap raison d'être. While it would add value to the UNI token, it is a pretty serious 'side project' to do an upgrade that includes UNI tokens splitting in a fork. It may also for security add requirements for UNI token holders to take action in the event of a major contentious event. It may also be a waste of resources if Chainlink delivers a high security margin solution with the ability to contest and lose increasingly staked amounts. I expect that a sped up and automated version of Augur oracle but for price feeds that typically resolves in a single block will eventually exist, and Chainlink will probably take it. Still if Uniswap governance has a huge amount of money to throw around, this has a chance of adding value to the UNI token, and perhaps this is worth doing, but really think they probably have better value propositions.
Using a native token for oracle networks maximizes security and long term sustainability in the form of implicit incentives and network subsidies. As noted before, oracles holding and getting paid in a token whose value is derived directly from the health of that oracle network provides greater security as nodes operators are more financially exposed to the health of that network, aligning incentives. Using ETH doesn't provide this dynamic as its value comes from the health and adoption of the Ethereum network, not any specific oracle network. Additionally, a native token provides subsidies (like a block reward) which is used to not only bootstrap new oracle networks, but also provide oracles a higher revenue (creating a higher opportunity cost of malicious activity as they could lose this income) and lower costs for users as they don't have to pay the full costs, increasing usage of that oracle solution. This is why we have not seen any oracle solution operate at scale without a native token. This dynamic applies to both Chainlink and this proposal.
If maximizing market cap is the goal for security, why not use an oracle that fully operates on the blockchain's native currency e.g. ETH?
Chainlink is a framework for building oracle networks, so anyone can create a network that uses and weights any selection data sources desired for their use case, which we have seen in the creation of different oracle networks for different dApps. The management of the Price Feeds used by the larger DeFi projects like Aave and Synthetix was already been improved upon with the hiring of Ben Chan a year ago to lead engineering at Chainlink Labs (who was previously CTO of the multisig firm BitGo and co-architect of WBTC) to improve the processes around specific parameter changes, as well as an expansion of the multisig participants to include the larger ecosystem users as signers.
What you noted about the gold price feed from a year ago wasn’t an attack on the network but a misconfiguration of a single feed that resulted in minimal issues.
Reposting this from another forum to add to the discussion (not my opinions)
This is a good thread so I will drop some alpha
Vita|ik makes UNI oracle thread
intentionally designed as |ow-frequency/high-latency oracle
speci?cally mentions Optimism
mentions lots of weird quirky constraints that it will need to have which don't make sense on initial inspection
I can expand upon Chainlink's cryptoeconomic security for clarity. Chainlink oracle networks are cryptoeconomically secured today through implicit incentives. Each Chainlink node in the network holds and is paid in LINK tokens for their oracle services. The value of LINK itself is derived from the health, adoption, and reputation of the network as a whole, creating a strong economic incentive for each node to provide a secure and reliable source of external data (e.g. ETH/USD) in order to uphold the value of not only their current LINK holdings but also their future revenue (which is denominated in LINK).
We see implicit incentives in existing networks like Bitcoin and Ethereum. Because Ethereum miners hold and are paid in ETH, they operate the protocol faithfully because a corrupted network would result in the devaluation of ETH due to the destroyed trust of the network, creating financial harm to themselves. In the Chainlink Network, a successful collusion attack between the most reputable and profitable nodes that ends up results in a significant loss/exploits for DeFi protocols would likewise destroy trust in the network, resulting in a devaluation of the value of LINK.
In addition, each individual Chainlink node is a publicly identifiable entity with their individual future revenue, reputation, and off-chain business on the line. Chainlink nodes operated by enterprises like Deutsche Telekom and data providers like Kaiko have significant revenue both within and outside of the Chainlink network, which would be forfeited through malicious activity. Therefore, for economically rational nodes, it is more profitable to be honest, which is why the honest majority assumption works for networks like Bitcoin, Ethereum, Chainlink, etc.
What you noted about the gold price feed from a year ago wasn't an attack on the network but a misconfiguration of a single feed that resulted in minimal issues. If tens of billions of dollars had been stolen as a result, the value of LINK would have certainly been significantly affected here, creating a financial penalty. The devaluation of the native token depends on the severity of the network issue/attack. The Chainlink network has been significantly hardened since then and uses an entirely different oracle network model, so such issues have not occurred since, but the security of the Chainlink network is not static and continues to evolve.
The Chainlink 2.0 whitepaper was recently published which modeled an explicit staking mechanism where nodes stake their LINK tokens in a service agreement and can be slashed for providing manipulated data. Here, a two-tier oracle network model is used, with a low-cost first-tier that continuously generates oracle reports and a higher-cost maximum-security second tier used for settling disputes, which creates a super-linear staking impact where the cost of attack is significantly greater (quadratic in the number of first-tier nodes) than the sum of all deposits within that network.
The first-tier consists of nodes explicitly staking LINK while the second-tier consists of the most reputable, reliable, and profitable nodes in the Chainlink network who have the greatest financial exposure to LINK and as rational economic actors resolve the rare disputes accurately in order to uphold the value of their LINK holdings, LINK staked in other first-tier networks, future LINK revenue, and individual reputation. The whitepaper goes much deeper into this mechanism than I can cover here, but this mechanism would provide slashing-based cryptoeconomic security in addition to the existing implicit incentives-based cryptoeconomic security.
research.chain[dot]link/whitepaper-v2.pdf
To note, the Chainlink Network is already cryptoeconomically secured by the $46B FDV LINK token through implicit incentives (oracle nodes are paid in and hold native tokens whose value is derived from the health of the network as a whole). This form of cryptoeconomic security is already seen with the Bitcoin and Ethereum networks today (miners hold and are paid in native coins) and is why the honest majority assumption works, it’s backed by economic incentives and penalties. Additional cryptoeconomic security through explicit staking (the slashing of deposited stake from malicious nodes) is being worked on and will be implemented with Chainlink 2.0, discussed in the recent whitepaper.
Thanks for elaborating on forking and the risks Uni's oracle might face. However I still don't understand this, maybe I'm just too dumb 😂
The cost of such an attack is thus half the market cap of the token
Any links/resources to read in order to understand it is very much appreciated 🙏
I've expanded upon my thoughts on this proposal in this Twitter thread here. In my opinion, this proposal would require a serious pivot from the Uniswap team from being a decentralized exchange to also creating a dedicated oracle protocol, a multi-year full-time task to accomplish. Projects specializing in building a specific piece of composable smart contract infrastructure is the beauty of the DeFi stack, it leads to efficient usage of limited developer resources.
To note, the Chainlink Network is already cryptoeconomically secured by the $46B FDV LINK token through implicit incentives (oracle nodes are paid in and hold native tokens whose value is derived from the health of the network as a whole). This form of cryptoeconomic security is already seen with the Bitcoin and Ethereum networks today (miners hold and are paid in native coins) and is why the honest majority assumption works, it's backed by economic incentives and penalties. Additional cryptoeconomic security through explicit staking (the slashing of deposited stake from malicious nodes) is being worked on and will be implemented with Chainlink 2.0, discussed in the recent whitepaper.
Forking doesn't assume control, it creates an entirely new chain which Uniswap would not be using. Assuming that the devs then swapped to the new chain, you've still just suffered a massive attack that has debilitated the platform by draining its funds and leaving users having lost trust. You can't just fork problems away :)
And he wasn't saying you assume no angels, he was saying when modeling out possibilities such as threats in crypto, the general assumption is that people have the worst intentions. If you are prepared for the worst, then you are prepared for the best as well. Given the stakes, that's the safest way to do this. Of course, Uni's TWAP oracle has clear vulnerabilities and is just one of many attempts at solving something but missing potential threats, so it's easier said to assume these things than it is in practice. Hard to account for everything in design, which generally speaking is why most companies do NOT try to build their own version of a product where a suitable, affordable version of what they need already exists. It's very high risk to spend that many resources just to fail. Even after all the time spent on oracles for the uni team they have to go back to the drawing board completely if they want to get it right on their own, and it's another risk. When you're talking about people's money "most of the time it works" is not good enough. The TWAP oracles simply are not robust enough. Uni needs to make a choice to abandon their dex and try to compete as an oracle (idiotic) or adopt an existing, functional oracle solution which suits the needs of DeFi. And there is currently only one option, for better or for worse. I really don't get the adversity some projects have to using Chainlink, they have proven time and time again to prevent losses in case of attacks and the network has only gotten better with time. Even Maker who refused to use Chainlink now indirectly uses Chainlink because all of their feed providers do. Compound is adopting Chainlink in conjunction with Uni's oracle (Uni's oracle not needed but another case of ego where Compound's founder simply can't admit that Chainlink got it right where they could not on their own). Uni is the last bastion of DeFi that is fighting Chainlink. For what? Going to kill the network.
What you noted about the gold price feed from a year ago wasn’t an attack on the network but a misconfiguration of a single feed that resulted in minimal issues.
There is currently no way for a consumer to steer a data curation process or incentivize the chainlink network to add more weight to a specific datasource. Having a honest majority is a fair starting point, but it's not enough. There can be all sorts of other data quality issues down the line that you have to monitor constantly. Data usage is always context dependent and some consumers might prefer some feeds over others in their aggregation .
I think that CL ideally should hand over the curation to the protocol actors instead of managing it themselves. This feed misconfiguration is a good example that this is a pain point to be improved upon. This is needed to make it more decentralized and censorship resistant.
This also the reason why the proposal for the UNI oracle makes sense to me. You want have data quality control in the protocol user's hands by adding a dispute governance process. I'm not sure how the disputes are resolved in chainlink 2.0 but it does sound like a good way forward.
Reposting this from another forum to add to the discussion (not my opinions)
This is a good thread so I will drop some alpha
Vita|ik makes UNI oracle thread
intentionally designed as |ow-frequency/high-latency oracle
speci?cally mentions Optimism
mentions lots of weird quirky constraints that it will need to have which don't make sense on initial inspection
Here is the deal. Optimisms business model is to Auction off MEV. Every single block on Optimism will need to have near optimal MEV extraction for this to be economical.
This presents a problem when we think about oracles. If you are the block sequencer on Optimism, where will you put the oracle update transactions? Where ever they are most pro?table for you. And in extreme cases you can actually censor them. Yes I know some Optimism fag will tell you how they added some feature to prevent censorship, but without disclosing specifics I am categorically telling you they cannot promise true censorship resistance on Optimism in it's current design.
This is a huge problem for oracles obviously.
The reason for the high-latency nature of Vitalik's oracle is to make the oracle update window span far enough into the future that the MEV aspect happens less frequently. How ever, whichever lucky sequencer manages to catch the occasional oracle update gets a nearly guaranteed fat arbitrage, as it has been hours or potentially days since the last oracle update, so the arbs will be fucking huge.
The fatass giga arb is what will incentivize the sequencers to actually include the oracle update in the block. Othenlvise they would just keep trading on grossly mispriced assets.
This setup provides nearly guaranteed MEV against protoools which use oracles. Optimism needs MEV to fuel their revenue. If this kind of design was not used, the MEV could potentially dry up as protocols get smarter at designing around MEV and actually giving a shit about their users.
This is a bit of a dirty secret, but idgaf. The truth will set us free.
To note, the Chainlink Network is already cryptoeconomically secured by the $46B FDV LINK token through implicit incentives (oracle nodes are paid in and hold native tokens whose value is derived from the health of the network as a whole). This form of cryptoeconomic security is already seen with the Bitcoin and Ethereum networks today (miners hold and are paid in native coins) and is why the honest majority assumption works, it’s backed by economic incentives and penalties. Additional cryptoeconomic security through explicit staking (the slashing of deposited stake from malicious nodes) is being worked on and will be implemented with Chainlink 2.0, discussed in the recent whitepaper.
So how does chainlink implement this cryptoeconomic security? To my knowledge there is no penalty system in place. Remember this one time where a node operator by accident swapped the gold price feed with that of silver. Some users on synthetix profited hugely from this, while the nodes still had their LINK payouts (no penalties applied). Point is that a node can serve just about any data no matter the quality. There is no mechanism to judge on whether this data is correct and penalize accordingly. Probably this is what Vitalik meant with 'incentives are not clear'.
I've expanded upon my thoughts on this proposal in this Twitter thread here. In my opinion, this proposal would require a serious pivot from the Uniswap team from being a decentralized exchange to also creating a dedicated oracle protocol, a multi-year full-time task to accomplish. Projects specializing in building a specific piece of composable smart contract infrastructure is the beauty of the DeFi stack, it leads to efficient usage of limited developer resources.
To note, the Chainlink Network is already cryptoeconomically secured by the $46B FDV LINK token through implicit incentives (oracle nodes are paid in and hold native tokens whose value is derived from the health of the network as a whole). This form of cryptoeconomic security is already seen with the Bitcoin and Ethereum networks today (miners hold and are paid in native coins) and is why the honest majority assumption works, it's backed by economic incentives and penalties. Additional cryptoeconomic security through explicit staking (the slashing of deposited stake from malicious nodes) is being worked on and will be implemented with Chainlink 2.0, discussed in the recent whitepaper.
These approaches raise the cost of attack, which is why I believe Chainlink Price Feeds are already well suited for securing high-value DeFi smart contracts like Aave, Synthetix, and algorithmic stablecoins like Reflexer, Ampleforth, etc.
twitter[dot]com/ChainLinkGod/status/1392965710976978950
The solution for FX was to move away from fixings as price Oracles, where there might be some particular interests that can be in billion of $$$, and focus more on the tradeable price. Even if $10 billion would be at stake to get 50%+1 on price Oracle, we are never sure, if the interest is not bigger than $10 billion (imagine Crypto Market Cap of $100 trillion).
This brings me to a basic question: how to create better link between the value of ERC-20 token and the value of USD/EUR/GBP/JPY/... to get more people using smart contracts in the real economy?
From my perspective, the real race to bring more trust to a stable coin market is not a race between price Oracles (we learned from FX that they are vulnerable by its nature), but how to make Tether-like projects (ERC-20 to FIAT "bridges") big enough to compete with CLS settlement system. If we will get the settlement right (from ERC-20 to FIAT), the instrument price will always follow. Arbitrage will do the rest even if the price of all tokens would drop 99% in 1 minute. This would not be the case for price Oracles.
Currently, CLS is big enough to get the trust of $2 trillion per day (google: "CLS FX TRADING ACTIVITY march 2021"), if Tether-like solutions will get closer to CLS, the interbank market will follow and then a Crypto Market Cap of $100 trillion will become possible. CLS has achieved scale in fully CENTRALIZED way. Our job is to do it in a fully DECENTRALIZED way.
To fully integrate ERC-20 with FIAT we can copy one popular pattern from FIAT: It is common to see wealthy people putting money in 50-100 banks to get credit risk distributed (done usually by family office). It is not possible to avoid counterparty risk in FIAT, but government deposits insurance of $100k-250k for each individual bank is at least addressing some part of the risk. Having it in different jurisdictions is reducing the risk even more.
Let's try to replicate this on blockchain:
Our first task: make it very simple for regulated crypto brokers/crypto banks to issue their own stable coins
Forking doesn't assume control, it creates an entirely new chain which Uniswap would not be using. Assuming that the devs then swapped to the new chain, you've still just suffered a massive attack that has debilitated the platform by draining its funds and leaving users having lost trust. You can't just fork problems away :)
And he wasn't saying you assume no angels, he was saying when modeling out possibilities such as threats in crypto, the general assumption is that people have the worst intentions. If you are prepared for the worst, then you are prepared for the best as well. Given the stakes, that's the safest way to do this. Of course, Uni's TWAP oracle has clear vulnerabilities and is just one of many attempts at solving something but missing potential threats, so it's easier said to assume these things than it is in practice. Hard to account for everything in design, which generally speaking is why most companies do NOT try to build their own version of a product where a suitable, affordable version of what they need already exists. It's very high risk to spend that many resources just to fail. Even after all the time spent on oracles for the uni team they have to go back to the drawing board completely if they want to get it right on their own, and it's another risk. When you're talking about people's money "most of the time it works" is not good enough. The TWAP oracles simply are not robust enough. Uni needs to make a choice to abandon their dex and try to compete as an oracle (idiotic) or adopt an existing, functional oracle solution which suits the needs of DeFi. And there is currently only one option, for better or for worse. I really don't get the adversity some projects have to using Chainlink, they have proven time and time again to prevent losses in case of attacks and the network has only gotten better with time. Even Maker who refused to use Chainlink now indirectly uses Chainlink because all of their feed providers do. Compound is adopting Chainlink in conjunction with Uni's oracle (Uni's oracle not needed but another case of ego where Compound's founder simply can't admit that Chainlink got it right where they could not on their own). Uni is the last bastion of DeFi that is fighting Chainlink. For what? Going to kill the network.
I'm not saying that there shouldn't be alternatives, I'm all for that. But developing a robust, useful oracle system is not an overnight task. It's not a 1 month task. it's not a 1 quarter or 1 year task. It will take all of Uni's dev resources multiple years to do this properly. In what world would that be the right decision unless they wanted to fully pivot?
Thank you! I didn't assume that btw. And I still don't understand. If majority ~ >50% corrupted, then the minority forks the old chain to have the new chain and issue new tokens. I assume that the value of the new tokens = the value of the old tokens of the minority which is <50% of the old tokens market cap.
we like to model that everyone is a nihilistic degen that can be bought out at market price.
Thank you! I didn't assume that btw. And I still don't understand. If majority ~ >50% corrupted, then the minority forks the old chain to have the new chain and issue new tokens. I assume that the value of the new tokens = the value of the old tokens of the minority which is <50% of the old tokens market cap.
we like to model that everyone is a nihilistic degen that can be bought out at market price.
@phuqle Just a basic assumption in all of this crypto stuff. You assume there are no angels. Obviously if 51% of the supply is held by outstanding, incorruptible citizens of the world, you'll be fine. But for the sake of doing complex and impressive looking security analyses/game theory, we like to model that everyone is a nihilistic degen that can be bought out at market price.
Cool proposal, and I think it could get some traction/ some decent usage for the UNI token, but I think it fails for the same reason Augur sort of hasn't taken off or Gnosis for that matter. The way I envision it working from vitaliks post would be:
Cool proposal, and I think it could get some traction/ some decent usage for the UNI token, but I think it fails for the same reason Augur sort of hasn't taken off or Gnosis for that matter. The way I envision it working from vitaliks post would be:
I run Tellor and we use roughly the same thing. I think you could make the argument (like Gnosis did)...why not just use a bigger mkt cap coin of ETH?
The reason is that you hope a community that votes and is active in what a "proper" value is will be a better oracle than just allowing ETH whales (exchanges) to control the vote.
Overall it never really comes down to these scenarios though. The real "oracle" problem is figuring out how to find the tradeoffs between speed, decentralization/liveness and slight manipulability (moving the price by 1%). The current Uniswap twap oracle really bangs on the first 2, but sort of falls sort on the last one. LINK rocks on 1/3 and others like Tellor find different mixes. Handling for the long tail of preventing 51% attacks of oracle coins is a job that should be done at the user level as there are a range of appetites depending on use case for waiting weeks vs liquidating or adding penalties.
Also @haydenadams I think it would be fun to do a "Should UNI fork UMA" panel moderated by V.
EDIT: To be clear, I think what UMA has built is quite unique and would be very difficult to fork. But I would love the opportunity to explain the virtues of the design with Hayden and V.
I’m the co-founder of UMA. I think the ideas Vitalik presents here are very good.
Some context: UMA is based on Vitalik’s Schellingcoin idea from 2014. UMA implemented this idea because we think this is a critical piece of DeFi infrastructure, for many of the same reasons Vitalik already mentioned.
I’m the co-founder of UMA. I think the ideas Vitalik presents here are very good.
Some context: UMA is based on Vitalik’s Schellingcoin idea from 2014. UMA implemented this idea because we think this is a critical piece of DeFi infrastructure, for many of the same reasons Vitalik already mentioned.
The UMA system has been in production for about a year now, and we've shown that this type of oracle design really does work in real life, for real world DeFi contracts.
A number of very smart folks (@g_dip, @Micah, adamscochran) have commented that the type of voting oracle Vitalik is suggesting doesn't work well with current DeFi design patterns. The biggest concern is generally around how to liquidate contracts if you have to wait for a price to get verified. UMA has spend the last ~2 years figuring this out, but we haven't done a good job communicating to the broader DeFi community how these "priceless" contract designs work.
What I would like to propose is that we (UMA) write a proposal for how a mature protocol like Maker or Compound could be written "optimistically" and be enforced with an UMA-like oracle system. This may be clarifying for this broader discussion, and help articulate the advantages of this approach.
You want to use an oracle system where, in the case where an attacker buys up 51% of the oracle tokens and uses them to cause a single incorrect price to be reported, the oracle token blows up completely and goes to zero (the market value going into a fork that zeroes out the attacker).
Would this be true of UNI? If UNI accrues value by taking fees off of each trade, would one expect a bad oracle response to be that detrimental to its value? I would assume that its value would still mostly be based on the amount of volume on Uniswap, which would be pretty unrelated to its price responses.
Interesting timing for the xSNXa / xBNTa exploits which took advantage of Uniswap not having a sufficient oracle solution in place. Whatever happens ultimately I do hope UNI can find an oracle solution that makes sense so we don't continue to see these kinds of attacks damage the reputation of the protocol. Utilizing Chainlink price feeds would be a very simple short term solution at least.
Agree with the concept and importance here.
A few points to consider:
#1 - What can we expect users to responsibly and rationally dispute on:
#1A - Irrationality in dispute outcomes:
Even in cases like Augur where they have binary non-ephemeral outcomes (like who won the election) we've seen users dispute the outcome for far longer and to far higher a cost to them than is rational.
Agree with the concept and importance here.
A few points to consider:
#1 - What can we expect users to responsibly and rationally dispute on:
#1A - Irrationality in dispute outcomes:
Even in cases like Augur where they have binary non-ephemeral outcomes (like who won the election) we've seen users dispute the outcome for far longer and to far higher a cost to them than is rational.
#1B - Exactness in ephemeral disputes:
Since oracles are commonly used for liquidation points, and each user has different positions on different protocols where collateral value down to the cent could mean the difference between liquidation or not, it seems likely that any average 'real world' price of the USD/ETH rate averaged from multiple sources (and excluding of spurious outliers) would still likely be contested at times when it is economically of value to that user.
Let's imagine a scenario where there are 10 price points being used, and 9 of them are $4000 - $4002 but one of them is at $3960, and the average price shows $3996.
A user in turn disputes the price, and argues the price of ETH was clearly $4000 and that the other source had failed to update, lacked volume, or simply wasn't representative.
Is that user right?
By the letter of the law, no.
But, by the spirit of what the oracle is supposed to represent? Maybe.
Oracles of non-binary outcomes should not expect that the vast majority of users act in a rational, letter of the law, technical code as law kind of manner. It's much more of a subjective jury trying to interpret "what is real and accurate as they understand it"
Given the points in #1 I think you likely don't want users being able to dispute the specific price. Instead the minimal governance path is probably the election and removal of acceptable providers.
Or, we need to begin to rethink not only how we think of oracles, but also smart contracts, and take a lesson from finance where we aren't just returning a single price and saying "this was the price in this moment" but giving an OCHL (open, close, high, low) bounds and letting defi contracts deal within a range.
#2 - How can disputes be secured and yet accessible?
#2A - Engagement vs Thresholds We can say that the cost to attack a system of disputes that involves staking requires a >51% of the token supply but this can be done of two ways:
A) Hard voting threshold conditions. B) Subjective voting threshold conditions.
In hard voting conditions we say that you must have >XX% token vote in favor of adoption of a change resolution for it to be enacted. This is commonly denounced in the token space right now because it sets thresholds that are too high and make it hard to enact governance change.
But, the flip side on the dispute case is >51% of votes in favor of the corrupt price for it to be corrupted, which is extremely secure.
The hard voting thresholds have some issues:
In subjective voting thresholds we say, the majority out come of all voters who vote (usually over some small quorum threshold) decide the outcome. Most projects set that governance threshold far too low so that most of the time their day to day governance can be managed by the fractional set of users who actually become engaged.
In such a governance model, you'd likely want subjective threshold voting, but on a fairly high (but still accessible) minimum quorum. This should act as a model to motivate small governance itself where in disputes aren't for minor infractions or inaccuracies, but for clear malicious behavior and such the governance votes will only take place when it truly matters.
#2B - Incentive Models vs Demographics
Assuming that the desire is for a readable price feed, we would assume that elected producers are writing prices to the feed, paying a gas fee, and the read result is just returning the most recent price average.
As we've seen with Chainlink, this creates a set of sponsored feed providers who have some other broader ecosystem interest, such as exchanges and protocols.
This is not a bad thing per se, but it does create a poorly representative interests system.
If we ask ourselves "Could we imagine a scenario in which the price interest of exchanges (many of whom have futures) and defi protocols (who use collateral) could diverge from the interests of users (who have open those positions) by even just a few basis points?" the answer is yes.
It's entirely feasible that the interests of millions of dollars could be divided by such a small amount of market movement that it would be in the interest of a few providers to under report the price within an acceptable variance bounds so that it is almost undetectable or undisputable, but still meets their needs.
The penalty models of stake and slash producing, and of paying recurring gas fees make being a provider inaccessible for communities or users (whom to be fair, may lack the technical expertise to maintain an oracle provider). But it does create a lopsided interest group managing the price feed.
#3 - Liveness of dispute vs Liveness of outcome and how it can still encourage corruption:
As a final footnote, perhaps more for defi protocols than for the oracle itself, it raises interesting debates about a liveness/finality of oracles.
In either example, where users can dispute on producers or price, we run into this interesting condition of deciding "If a bad actor influenced the price in a corrupt manner, should protocols a) ignore it, b) settle it based on the report live price that as corrupt, c) settle it based on the outcome price after the dispute"
The only manner I can consider in which C) is possible is if a protocol held liquidations delayed by two days, which would take on a signifgant amount of risk.
So then this creates a state in which a protocol must subjectively ignore an oracle and is thus no longer centralized, or it must act on a corrupted price which will later be corrected.
Imagine we have an oracle feed in which two producers open up massive shorts across collateralized assets. In turn, they both report the ETH/USD price as $1 in a block. The system doesn't view it as outliers since there is more than one report (or whatever theoretical threshold) and inturn the Ethereum price massively under reports.
Being the most popular defi oracle service by a major provider, this sets off a cascading impact of liquidations and sells across the sector.
Users vote to contest the price and to remove the corrupt producers. They do so in a successful manner.
But, the corrupt actor still made off with their payday and users still suffered large losses.
Now this is an extreme theoretically and something that is probably a similar risk model with current day oracles, but if we are talking about designing a better governance minimized oracle, then it is worth considering how that is prevented.
Will this fix Eth Scalability? :thinking:
If not, why are you thinking about it? :face_with_raised_eyebrow:
Or is this a security measure for something bigger you may not be identifying directly?
The staking mechanism proposed in the Chainlink 2.0 whitepaper addresses exactly what you're talking about and creates a mechanism that not only STRONGLY disincentivizes even one node to erroneously report but also if a SINGLE node answers incorrectly, the next node is responsible for making the decision of whether or not that answer is correct & if they say it is incorrect there is a resolution layer. This creates a situation where only one node needs to be honest, and while there is still a need for consensus it puts in check any incorrect answer so that this answer is not reported/accepted to/on the blockchain. Therefore every single node would need to be compromised, thus making an attack way more expensive than what you'd gain from that attack. Creating a "maximum-cost-of-attack" oracle as you put it here appears to be one of the main intentions (and one they're most excited about) of their staking mechanism and upcoming infrastructure advancements.
For a quick version I would strongly recommend watching the "Chainlink 2.0 Whitepaper | Research Panel" and watching the "Understanding super-linear staking" section.
The cost of such an attack is thus half the market cap of the token , minus some amount to account for very lazy holders who are not willing to participate in a vote even in an extreme emergency that could cost them their coins.
Can anyone help me understand why the cost is half market cap but not the amount of token of corrupted holders?
If the main way to keep the system honest is coordinating hardforks that is a much more involved and energy consuming process for oracles than Chainlink’s token slashing and reputation systems. This is one monolothic oracle network vs the isolated and customizable oracle networks of Chainlink so also less minimalistic from an architecture standpoint as well.
Chainlink and UNI holder here
I disagree with people saying the Chainlink staking mechanism already solves what Vitalik outlines in his proposal. The CL 2.0 staking mechanism is clearly an improvement over their current system and a step in the right direction, but ultimately depends on the Tier 2 robustness, which as of right now and with the little information we have about it does not seem to offer the same cryptoeconomic guarantees than the mechanism proposed by Vitalik here (no Augur style token voting for tier 2), to the benefit however of a greater flexibility that this mechanism could not offer. Like mentioned in the proposal, different use cases = flexibility vs laser-focused. This might change with future development about Chainlink Tier 2, though.
Chainlink and UNI holder here
I disagree with people saying the Chainlink staking mechanism already solves what Vitalik outlines in his proposal. The CL 2.0 staking mechanism is clearly an improvement over their current system and a step in the right direction, but ultimately depends on the Tier 2 robustness, which as of right now and with the little information we have about it does not seem to offer the same cryptoeconomic guarantees than the mechanism proposed by Vitalik here (no Augur style token voting for tier 2), to the benefit however of a greater flexibility that this mechanism could not offer. Like mentioned in the proposal, different use cases = flexibility vs laser-focused. This might change with future development about Chainlink Tier 2, though.
And to answer Kiba’s point, I would think UNI is better for token voting as a large amount of LINK tokens would already need to be staked in DONs, requiring tier 2 operators to unstake their tier 1 tokens each time there is a vote, which would probably be an issue if they have to vote often (possible if they act as tier 2 for several tier 1s).
My doubts are more about time/ressource allocation, possible voters apathy that could be higher than we might anticipate thus decreasing the perceived amount of cryptoeconomic security, questions related to the collateral needing to be provided by liquidators, and also Micah’s points raised above.
I don’t have a strong opinion for now but I’m interested in seeing these details ironed out.
These two statements seem in opposition to each other:
it also seems desirable to complement Chainlink with a more minimalist alternative
These two statements seem in opposition to each other:
it also seems desirable to complement Chainlink with a more minimalist alternative
it’s up to the minority holders to create a fork of the system where the attackers’ coins are zeroed out and convince the community to prefer the fork from that point forward.
If the main way to keep the system honest is coordinating hardforks that is a much more involved and energy consuming process for oracles than Chainlink's token slashing and reputation systems. This is one monolothic oracle network vs the isolated and customizable oracle networks of Chainlink so also less minimalistic from an architecture standpoint as well.
Your design works with LINK token as well which has a bigger market cap and would therefore be more secure so why not propose using that token?
I just signed up to express my support for this idea.
I had thought by myself something similar because Chainlink does not provide sufficient decentralization and Uniswap cannot indeed provide true USD oracle prices.
Augur-style oracle would be great and I would be looking forward to use it.
What you noted about the gold price feed from a year ago wasn’t an attack on the network but a misconfiguration of a single feed that resulted in minimal issues.
There is currently no way for a consumer to steer a data curation process or incentivize the chainlink network to add more weight to a specific datasource. Having a honest majority is a fair starting point, but it's not enough. There can be all sorts of other data quality issues down the line that you have to monitor constantly. Data usage is always context dependent and some consumers might prefer some feeds over others in their aggregation .
I think that CL ideally should hand over the curation to the protocol actors instead of managing it themselves. This feed misconfiguration is a good example that this is a pain point to be improved upon. This is needed to make it more decentralized and censorship resistant.
This also the reason why the proposal for the UNI oracle makes sense to me. You want have data quality control in the protocol user's hands by adding a dispute governance process. I'm not sure how the disputes are resolved in chainlink 2.0 but it does sound like a good way forward.
Reposting this from another forum to add to the discussion (not my opinions)
This is a good thread so I will drop some alpha
Vita|ik makes UNI oracle thread
intentionally designed as |ow-frequency/high-latency oracle
speci?cally mentions Optimism
mentions lots of weird quirky constraints that it will need to have which don't make sense on initial inspection
Here is the deal. Optimisms business model is to Auction off MEV. Every single block on Optimism will need to have near optimal MEV extraction for this to be economical.
This presents a problem when we think about oracles. If you are the block sequencer on Optimism, where will you put the oracle update transactions? Where ever they are most pro?table for you. And in extreme cases you can actually censor them. Yes I know some Optimism fag will tell you how they added some feature to prevent censorship, but without disclosing specifics I am categorically telling you they cannot promise true censorship resistance on Optimism in it's current design.
This is a huge problem for oracles obviously.
The reason for the high-latency nature of Vitalik's oracle is to make the oracle update window span far enough into the future that the MEV aspect happens less frequently. How ever, whichever lucky sequencer manages to catch the occasional oracle update gets a nearly guaranteed fat arbitrage, as it has been hours or potentially days since the last oracle update, so the arbs will be fucking huge.
The fatass giga arb is what will incentivize the sequencers to actually include the oracle update in the block. Othenlvise they would just keep trading on grossly mispriced assets.
This setup provides nearly guaranteed MEV against protoools which use oracles. Optimism needs MEV to fuel their revenue. If this kind of design was not used, the MEV could potentially dry up as protocols get smarter at designing around MEV and actually giving a shit about their users.
This is a bit of a dirty secret, but idgaf. The truth will set us free.
To note, the Chainlink Network is already cryptoeconomically secured by the $46B FDV LINK token through implicit incentives (oracle nodes are paid in and hold native tokens whose value is derived from the health of the network as a whole). This form of cryptoeconomic security is already seen with the Bitcoin and Ethereum networks today (miners hold and are paid in native coins) and is why the honest majority assumption works, it’s backed by economic incentives and penalties. Additional cryptoeconomic security through explicit staking (the slashing of deposited stake from malicious nodes) is being worked on and will be implemented with Chainlink 2.0, discussed in the recent whitepaper.
So how does chainlink implement this cryptoeconomic security? To my knowledge there is no penalty system in place. Remember this one time where a node operator by accident swapped the gold price feed with that of silver. Some users on synthetix profited hugely from this, while the nodes still had their LINK payouts (no penalties applied). Point is that a node can serve just about any data no matter the quality. There is no mechanism to judge on whether this data is correct and penalize accordingly. Probably this is what Vitalik meant with 'incentives are not clear'.
I've expanded upon my thoughts on this proposal in this Twitter thread here. In my opinion, this proposal would require a serious pivot from the Uniswap team from being a decentralized exchange to also creating a dedicated oracle protocol, a multi-year full-time task to accomplish. Projects specializing in building a specific piece of composable smart contract infrastructure is the beauty of the DeFi stack, it leads to efficient usage of limited developer resources.
To note, the Chainlink Network is already cryptoeconomically secured by the $46B FDV LINK token through implicit incentives (oracle nodes are paid in and hold native tokens whose value is derived from the health of the network as a whole). This form of cryptoeconomic security is already seen with the Bitcoin and Ethereum networks today (miners hold and are paid in native coins) and is why the honest majority assumption works, it's backed by economic incentives and penalties. Additional cryptoeconomic security through explicit staking (the slashing of deposited stake from malicious nodes) is being worked on and will be implemented with Chainlink 2.0, discussed in the recent whitepaper.
These approaches raise the cost of attack, which is why I believe Chainlink Price Feeds are already well suited for securing high-value DeFi smart contracts like Aave, Synthetix, and algorithmic stablecoins like Reflexer, Ampleforth, etc.
twitter[dot]com/ChainLinkGod/status/1392965710976978950
The solution for FX was to move away from fixings as price Oracles, where there might be some particular interests that can be in billion of $$$, and focus more on the tradeable price. Even if $10 billion would be at stake to get 50%+1 on price Oracle, we are never sure, if the interest is not bigger than $10 billion (imagine Crypto Market Cap of $100 trillion).
This brings me to a basic question: how to create better link between the value of ERC-20 token and the value of USD/EUR/GBP/JPY/... to get more people using smart contracts in the real economy?
From my perspective, the real race to bring more trust to a stable coin market is not a race between price Oracles (we learned from FX that they are vulnerable by its nature), but how to make Tether-like projects (ERC-20 to FIAT "bridges") big enough to compete with CLS settlement system. If we will get the settlement right (from ERC-20 to FIAT), the instrument price will always follow. Arbitrage will do the rest even if the price of all tokens would drop 99% in 1 minute. This would not be the case for price Oracles.
Currently, CLS is big enough to get the trust of $2 trillion per day (google: "CLS FX TRADING ACTIVITY march 2021"), if Tether-like solutions will get closer to CLS, the interbank market will follow and then a Crypto Market Cap of $100 trillion will become possible. CLS has achieved scale in fully CENTRALIZED way. Our job is to do it in a fully DECENTRALIZED way.
To fully integrate ERC-20 with FIAT we can copy one popular pattern from FIAT: It is common to see wealthy people putting money in 50-100 banks to get credit risk distributed (done usually by family office). It is not possible to avoid counterparty risk in FIAT, but government deposits insurance of $100k-250k for each individual bank is at least addressing some part of the risk. Having it in different jurisdictions is reducing the risk even more.
Let's try to replicate this on blockchain:
Our first task: make it very simple for regulated crypto brokers/crypto banks to issue their own stable coins
Forking doesn't assume control, it creates an entirely new chain which Uniswap would not be using. Assuming that the devs then swapped to the new chain, you've still just suffered a massive attack that has debilitated the platform by draining its funds and leaving users having lost trust. You can't just fork problems away :)
And he wasn't saying you assume no angels, he was saying when modeling out possibilities such as threats in crypto, the general assumption is that people have the worst intentions. If you are prepared for the worst, then you are prepared for the best as well. Given the stakes, that's the safest way to do this. Of course, Uni's TWAP oracle has clear vulnerabilities and is just one of many attempts at solving something but missing potential threats, so it's easier said to assume these things than it is in practice. Hard to account for everything in design, which generally speaking is why most companies do NOT try to build their own version of a product where a suitable, affordable version of what they need already exists. It's very high risk to spend that many resources just to fail. Even after all the time spent on oracles for the uni team they have to go back to the drawing board completely if they want to get it right on their own, and it's another risk. When you're talking about people's money "most of the time it works" is not good enough. The TWAP oracles simply are not robust enough. Uni needs to make a choice to abandon their dex and try to compete as an oracle (idiotic) or adopt an existing, functional oracle solution which suits the needs of DeFi. And there is currently only one option, for better or for worse. I really don't get the adversity some projects have to using Chainlink, they have proven time and time again to prevent losses in case of attacks and the network has only gotten better with time. Even Maker who refused to use Chainlink now indirectly uses Chainlink because all of their feed providers do. Compound is adopting Chainlink in conjunction with Uni's oracle (Uni's oracle not needed but another case of ego where Compound's founder simply can't admit that Chainlink got it right where they could not on their own). Uni is the last bastion of DeFi that is fighting Chainlink. For what? Going to kill the network.
I'm not saying that there shouldn't be alternatives, I'm all for that. But developing a robust, useful oracle system is not an overnight task. It's not a 1 month task. it's not a 1 quarter or 1 year task. It will take all of Uni's dev resources multiple years to do this properly. In what world would that be the right decision unless they wanted to fully pivot?
Thank you! I didn't assume that btw. And I still don't understand. If majority ~ >50% corrupted, then the minority forks the old chain to have the new chain and issue new tokens. I assume that the value of the new tokens = the value of the old tokens of the minority which is <50% of the old tokens market cap.
we like to model that everyone is a nihilistic degen that can be bought out at market price.
Thank you! I didn't assume that btw. And I still don't understand. If majority ~ >50% corrupted, then the minority forks the old chain to have the new chain and issue new tokens. I assume that the value of the new tokens = the value of the old tokens of the minority which is <50% of the old tokens market cap.
we like to model that everyone is a nihilistic degen that can be bought out at market price.
@phuqle Just a basic assumption in all of this crypto stuff. You assume there are no angels. Obviously if 51% of the supply is held by outstanding, incorruptible citizens of the world, you'll be fine. But for the sake of doing complex and impressive looking security analyses/game theory, we like to model that everyone is a nihilistic degen that can be bought out at market price.
Cool proposal, and I think it could get some traction/ some decent usage for the UNI token, but I think it fails for the same reason Augur sort of hasn't taken off or Gnosis for that matter. The way I envision it working from vitaliks post would be:
Cool proposal, and I think it could get some traction/ some decent usage for the UNI token, but I think it fails for the same reason Augur sort of hasn't taken off or Gnosis for that matter. The way I envision it working from vitaliks post would be:
I run Tellor and we use roughly the same thing. I think you could make the argument (like Gnosis did)...why not just use a bigger mkt cap coin of ETH?
The reason is that you hope a community that votes and is active in what a "proper" value is will be a better oracle than just allowing ETH whales (exchanges) to control the vote.
Overall it never really comes down to these scenarios though. The real "oracle" problem is figuring out how to find the tradeoffs between speed, decentralization/liveness and slight manipulability (moving the price by 1%). The current Uniswap twap oracle really bangs on the first 2, but sort of falls sort on the last one. LINK rocks on 1/3 and others like Tellor find different mixes. Handling for the long tail of preventing 51% attacks of oracle coins is a job that should be done at the user level as there are a range of appetites depending on use case for waiting weeks vs liquidating or adding penalties.
Also @haydenadams I think it would be fun to do a "Should UNI fork UMA" panel moderated by V.
EDIT: To be clear, I think what UMA has built is quite unique and would be very difficult to fork. But I would love the opportunity to explain the virtues of the design with Hayden and V.
I’m the co-founder of UMA. I think the ideas Vitalik presents here are very good.
Some context: UMA is based on Vitalik’s Schellingcoin idea from 2014. UMA implemented this idea because we think this is a critical piece of DeFi infrastructure, for many of the same reasons Vitalik already mentioned.
I’m the co-founder of UMA. I think the ideas Vitalik presents here are very good.
Some context: UMA is based on Vitalik’s Schellingcoin idea from 2014. UMA implemented this idea because we think this is a critical piece of DeFi infrastructure, for many of the same reasons Vitalik already mentioned.
The UMA system has been in production for about a year now, and we've shown that this type of oracle design really does work in real life, for real world DeFi contracts.
A number of very smart folks (@g_dip, @Micah, adamscochran) have commented that the type of voting oracle Vitalik is suggesting doesn't work well with current DeFi design patterns. The biggest concern is generally around how to liquidate contracts if you have to wait for a price to get verified. UMA has spend the last ~2 years figuring this out, but we haven't done a good job communicating to the broader DeFi community how these "priceless" contract designs work.
What I would like to propose is that we (UMA) write a proposal for how a mature protocol like Maker or Compound could be written "optimistically" and be enforced with an UMA-like oracle system. This may be clarifying for this broader discussion, and help articulate the advantages of this approach.
You want to use an oracle system where, in the case where an attacker buys up 51% of the oracle tokens and uses them to cause a single incorrect price to be reported, the oracle token blows up completely and goes to zero (the market value going into a fork that zeroes out the attacker).
Would this be true of UNI? If UNI accrues value by taking fees off of each trade, would one expect a bad oracle response to be that detrimental to its value? I would assume that its value would still mostly be based on the amount of volume on Uniswap, which would be pretty unrelated to its price responses.
Interesting timing for the xSNXa / xBNTa exploits which took advantage of Uniswap not having a sufficient oracle solution in place. Whatever happens ultimately I do hope UNI can find an oracle solution that makes sense so we don't continue to see these kinds of attacks damage the reputation of the protocol. Utilizing Chainlink price feeds would be a very simple short term solution at least.
Agree with the concept and importance here.
A few points to consider:
#1 - What can we expect users to responsibly and rationally dispute on:
#1A - Irrationality in dispute outcomes:
Even in cases like Augur where they have binary non-ephemeral outcomes (like who won the election) we've seen users dispute the outcome for far longer and to far higher a cost to them than is rational.
Agree with the concept and importance here.
A few points to consider:
#1 - What can we expect users to responsibly and rationally dispute on:
#1A - Irrationality in dispute outcomes:
Even in cases like Augur where they have binary non-ephemeral outcomes (like who won the election) we've seen users dispute the outcome for far longer and to far higher a cost to them than is rational.
#1B - Exactness in ephemeral disputes:
Since oracles are commonly used for liquidation points, and each user has different positions on different protocols where collateral value down to the cent could mean the difference between liquidation or not, it seems likely that any average 'real world' price of the USD/ETH rate averaged from multiple sources (and excluding of spurious outliers) would still likely be contested at times when it is economically of value to that user.
Let's imagine a scenario where there are 10 price points being used, and 9 of them are $4000 - $4002 but one of them is at $3960, and the average price shows $3996.
A user in turn disputes the price, and argues the price of ETH was clearly $4000 and that the other source had failed to update, lacked volume, or simply wasn't representative.
Is that user right?
By the letter of the law, no.
But, by the spirit of what the oracle is supposed to represent? Maybe.
Oracles of non-binary outcomes should not expect that the vast majority of users act in a rational, letter of the law, technical code as law kind of manner. It's much more of a subjective jury trying to interpret "what is real and accurate as they understand it"
Given the points in #1 I think you likely don't want users being able to dispute the specific price. Instead the minimal governance path is probably the election and removal of acceptable providers.
Or, we need to begin to rethink not only how we think of oracles, but also smart contracts, and take a lesson from finance where we aren't just returning a single price and saying "this was the price in this moment" but giving an OCHL (open, close, high, low) bounds and letting defi contracts deal within a range.
#2 - How can disputes be secured and yet accessible?
#2A - Engagement vs Thresholds We can say that the cost to attack a system of disputes that involves staking requires a >51% of the token supply but this can be done of two ways:
A) Hard voting threshold conditions. B) Subjective voting threshold conditions.
In hard voting conditions we say that you must have >XX% token vote in favor of adoption of a change resolution for it to be enacted. This is commonly denounced in the token space right now because it sets thresholds that are too high and make it hard to enact governance change.
But, the flip side on the dispute case is >51% of votes in favor of the corrupt price for it to be corrupted, which is extremely secure.
The hard voting thresholds have some issues:
In subjective voting thresholds we say, the majority out come of all voters who vote (usually over some small quorum threshold) decide the outcome. Most projects set that governance threshold far too low so that most of the time their day to day governance can be managed by the fractional set of users who actually become engaged.
In such a governance model, you'd likely want subjective threshold voting, but on a fairly high (but still accessible) minimum quorum. This should act as a model to motivate small governance itself where in disputes aren't for minor infractions or inaccuracies, but for clear malicious behavior and such the governance votes will only take place when it truly matters.
#2B - Incentive Models vs Demographics
Assuming that the desire is for a readable price feed, we would assume that elected producers are writing prices to the feed, paying a gas fee, and the read result is just returning the most recent price average.
As we've seen with Chainlink, this creates a set of sponsored feed providers who have some other broader ecosystem interest, such as exchanges and protocols.
This is not a bad thing per se, but it does create a poorly representative interests system.
If we ask ourselves "Could we imagine a scenario in which the price interest of exchanges (many of whom have futures) and defi protocols (who use collateral) could diverge from the interests of users (who have open those positions) by even just a few basis points?" the answer is yes.
It's entirely feasible that the interests of millions of dollars could be divided by such a small amount of market movement that it would be in the interest of a few providers to under report the price within an acceptable variance bounds so that it is almost undetectable or undisputable, but still meets their needs.
The penalty models of stake and slash producing, and of paying recurring gas fees make being a provider inaccessible for communities or users (whom to be fair, may lack the technical expertise to maintain an oracle provider). But it does create a lopsided interest group managing the price feed.
#3 - Liveness of dispute vs Liveness of outcome and how it can still encourage corruption:
As a final footnote, perhaps more for defi protocols than for the oracle itself, it raises interesting debates about a liveness/finality of oracles.
In either example, where users can dispute on producers or price, we run into this interesting condition of deciding "If a bad actor influenced the price in a corrupt manner, should protocols a) ignore it, b) settle it based on the report live price that as corrupt, c) settle it based on the outcome price after the dispute"
The only manner I can consider in which C) is possible is if a protocol held liquidations delayed by two days, which would take on a signifgant amount of risk.
So then this creates a state in which a protocol must subjectively ignore an oracle and is thus no longer centralized, or it must act on a corrupted price which will later be corrected.
Imagine we have an oracle feed in which two producers open up massive shorts across collateralized assets. In turn, they both report the ETH/USD price as $1 in a block. The system doesn't view it as outliers since there is more than one report (or whatever theoretical threshold) and inturn the Ethereum price massively under reports.
Being the most popular defi oracle service by a major provider, this sets off a cascading impact of liquidations and sells across the sector.
Users vote to contest the price and to remove the corrupt producers. They do so in a successful manner.
But, the corrupt actor still made off with their payday and users still suffered large losses.
Now this is an extreme theoretically and something that is probably a similar risk model with current day oracles, but if we are talking about designing a better governance minimized oracle, then it is worth considering how that is prevented.
Will this fix Eth Scalability? :thinking:
If not, why are you thinking about it? :face_with_raised_eyebrow:
Or is this a security measure for something bigger you may not be identifying directly?
The staking mechanism proposed in the Chainlink 2.0 whitepaper addresses exactly what you're talking about and creates a mechanism that not only STRONGLY disincentivizes even one node to erroneously report but also if a SINGLE node answers incorrectly, the next node is responsible for making the decision of whether or not that answer is correct & if they say it is incorrect there is a resolution layer. This creates a situation where only one node needs to be honest, and while there is still a need for consensus it puts in check any incorrect answer so that this answer is not reported/accepted to/on the blockchain. Therefore every single node would need to be compromised, thus making an attack way more expensive than what you'd gain from that attack. Creating a "maximum-cost-of-attack" oracle as you put it here appears to be one of the main intentions (and one they're most excited about) of their staking mechanism and upcoming infrastructure advancements.
For a quick version I would strongly recommend watching the "Chainlink 2.0 Whitepaper | Research Panel" and watching the "Understanding super-linear staking" section.
The cost of such an attack is thus half the market cap of the token , minus some amount to account for very lazy holders who are not willing to participate in a vote even in an extreme emergency that could cost them their coins.
Can anyone help me understand why the cost is half market cap but not the amount of token of corrupted holders?
If the main way to keep the system honest is coordinating hardforks that is a much more involved and energy consuming process for oracles than Chainlink’s token slashing and reputation systems. This is one monolothic oracle network vs the isolated and customizable oracle networks of Chainlink so also less minimalistic from an architecture standpoint as well.
Chainlink and UNI holder here
I disagree with people saying the Chainlink staking mechanism already solves what Vitalik outlines in his proposal. The CL 2.0 staking mechanism is clearly an improvement over their current system and a step in the right direction, but ultimately depends on the Tier 2 robustness, which as of right now and with the little information we have about it does not seem to offer the same cryptoeconomic guarantees than the mechanism proposed by Vitalik here (no Augur style token voting for tier 2), to the benefit however of a greater flexibility that this mechanism could not offer. Like mentioned in the proposal, different use cases = flexibility vs laser-focused. This might change with future development about Chainlink Tier 2, though.
Chainlink and UNI holder here
I disagree with people saying the Chainlink staking mechanism already solves what Vitalik outlines in his proposal. The CL 2.0 staking mechanism is clearly an improvement over their current system and a step in the right direction, but ultimately depends on the Tier 2 robustness, which as of right now and with the little information we have about it does not seem to offer the same cryptoeconomic guarantees than the mechanism proposed by Vitalik here (no Augur style token voting for tier 2), to the benefit however of a greater flexibility that this mechanism could not offer. Like mentioned in the proposal, different use cases = flexibility vs laser-focused. This might change with future development about Chainlink Tier 2, though.
And to answer Kiba’s point, I would think UNI is better for token voting as a large amount of LINK tokens would already need to be staked in DONs, requiring tier 2 operators to unstake their tier 1 tokens each time there is a vote, which would probably be an issue if they have to vote often (possible if they act as tier 2 for several tier 1s).
My doubts are more about time/ressource allocation, possible voters apathy that could be higher than we might anticipate thus decreasing the perceived amount of cryptoeconomic security, questions related to the collateral needing to be provided by liquidators, and also Micah’s points raised above.
I don’t have a strong opinion for now but I’m interested in seeing these details ironed out.
These two statements seem in opposition to each other:
it also seems desirable to complement Chainlink with a more minimalist alternative
These two statements seem in opposition to each other:
it also seems desirable to complement Chainlink with a more minimalist alternative
it’s up to the minority holders to create a fork of the system where the attackers’ coins are zeroed out and convince the community to prefer the fork from that point forward.
If the main way to keep the system honest is coordinating hardforks that is a much more involved and energy consuming process for oracles than Chainlink's token slashing and reputation systems. This is one monolothic oracle network vs the isolated and customizable oracle networks of Chainlink so also less minimalistic from an architecture standpoint as well.
Your design works with LINK token as well which has a bigger market cap and would therefore be more secure so why not propose using that token?
I just signed up to express my support for this idea.
I had thought by myself something similar because Chainlink does not provide sufficient decentralization and Uniswap cannot indeed provide true USD oracle prices.
Augur-style oracle would be great and I would be looking forward to use it.
The staking mechanism proposed in the Chainlink 2.0 whitepaper addresses exactly what you're talking about and creates a mechanism that not only STRONGLY disincentivizes even one node to erroneously report but also if a SINGLE node answers incorrectly, the next node is responsible for making the decision of whether or not that answer is correct & if they say it is incorrect there is a resolution layer. This creates a situation where only one node needs to be honest, and while there is still a need for consensus it puts in check any incorrect answer so that this answer is not reported/accepted to/on the blockchain. Therefore every single node would need to be compromised, thus making an attack way more expensive than what you'd gain from that attack. Creating a "maximum-cost-of-attack" oracle as you put it here appears to be one of the main intentions (and one they're most excited about) of their staking mechanism and upcoming infrastructure advancements.
For a quick version I would strongly recommend watching the "Chainlink 2.0 Whitepaper | Research Panel" and watching the "Understanding super-linear staking" section.
Whether the system actually winds up working as intended time is yet to tell but we know the team already has the majority of this work completed.
If the main way to keep the system honest is coordinating hardforks that is a much more involved and energy consuming process for oracles than Chainlink’s token slashing and reputation systems. This is one monolothic oracle network vs the isolated and customizable oracle networks of Chainlink so also less minimalistic from an architecture standpoint as well.
My concern is that for price oracles that need to care exclusively about maximizing cost of attack, monolithicness is actually good. You want to use an oracle system where, in the case where an attacker buys up 51% of the oracle tokens and uses them to cause a single incorrect price to be reported, the oracle token blows up completely and goes to zero (the market value going into a fork that zeroes out the attacker). You don't want an oracle system where if an attacker takes over a large share of the system (including the reputation layer, including....), they can just interfere with one result and there isn't that strong social contract of tight coupling that even one incorrect result is unacceptable.
Chainlink has always seemed to me to have more of a "choose and pay for the level of security you want" ethos and relies on quick automated responses, which is really nice for a lot of applications but is somewhat opposed to what ultra-high-value defi oracles need. In addition to the security issue above, you want delayed and even human-mediated responses in case the centralized APIs of the markets are attacked. Though if Chainlink does change itself in a direction that supports maximum-cost-of-attack-demanding oracles, I would definitely be happy with that too!
I suggest those who haven't go and skim through the Chainlink 2.0 whitepaper summary on their blog for the sake of better discourse on the pros/cons of each. Even better if you can read section 9 (staking) in the actual whitepaper.
This proposal and subsequent discussion feels largely unware of Chainlink's current design plans, given most of what's outlined here is very similar to their multi tier staking arbitration model but less performant and less capital efficient.
Chainlink introduced a staking mechanism in their new whitepaper, in which nodes would have to put up a bond (stake) that could be automatically slashed for faulty oracle reports as outlined in an on-chain service agreement. It uses a two-tier system to achieve an efficient first-layer of security where the bribe needs to be larger than the combined bonds of all nodes. The larger, highly decentralized second tier would resolve disputes of the first tier should they arise. This would provide a lot of cryptoeconomic security while removing burdensome escalation periods that are only reserved for major large disputes, which could be user-defined in how they are resolved.
data(dot)chain.link/btc-usd
Then the nodes that don't deliver good data lose their collateral. Sergey has talked about defense in depth and how you get as many nodes/sources as possible to make it so redundant that the bad data doesn't become the consensus. I don't know all the technical details beyond nodes are incentivized to provide good data, and lose collateral if they are out of the consensus. You can use whatever % deviation you want for the smart contract afaik and how many nodes you want. I would recommend you look at the chainlink documentation for answers beyond that. I'm entirely clueless about how uni would pivot into the space so like I said it seems to me a waste of resources, however I'll admit that it's beyond my scope on a technical level.
Very smart. Thanks for the suggestion.
@vbuterin
Sure, it’s possible that this would require the liquidation threshold to be significantly higher! I actually wonder what the UMA people would say to this; the “use some kind of escalation mechanism as an oracle” is an idea that as I remember they were the most focused on.
Sure, it’s possible that this would require the liquidation threshold to be significantly higher! I actually wonder what the UMA people would say to this; the “use some kind of escalation mechanism as an oracle” is an idea that as I remember they were the most focused on.
You could potentially avoid that significant decrease in overall capital efficiency during normal functioning markets by allowing for an immediate liquidation using a fast oracle like Chainlink, but those fast liquidations must be secured by a bond until the escalation/consensus based oracle is finalized.
Instead of the escalation-based oracle being burdensome to everyone all the time, as it would be if you raise liquidation thresholds, the bonding only only makes the escalation oracle more burdensome to the ecosystem during periods of stress. That burden is aligned with when the oracle is systemically needed to be trustworthy. The increased capital for liquidations and slight risk to the liquidators due to oracle disagreement could be problematic during black swan events without some lender of last resort, though.
I agree that a trusted oracle linking the native asset securing the base layer to the rest of the global economy is a public good of paramount importance. I'd question if something as fundamental and timeless as this should go beyond the responsibility of one protocol that easily wane in its ability to provide the economic security. A coalition of stakeholders (UNI, AAVE, COMP, etc.) could be better stewards and lead to broader adoption and stronger oracle consensus. But, that comes at the risk of being too complex and the project never coming to fruition.
Have you considered a solution similar to Compound's Open Price Feed? https://compound.finance/docs/prices (using signed APIs with smart contract verification to update on-chain price feeds/oracles)
I see no benefit of a fully decentralized Augur-like solution when there are multiple direct sources of off-chain price data available. Realistically all data in an Augur-like solution would be retrieved from the same CEX APIs anyways. Creating a consortium of CEXs (Coinbase/Binance/Huobi/Kraken/Bitfinex/++) to support signed API price data and incentivized medianizer/aggregator smart contracts that anyone can update for a reward may be a better use of resources. (for now)
Whatever is within the range of the consensus... that's what blockchain is...
Im curious what is wrong with staying focused on getting ETH moving and having Chainlink solve this issue. Let the leaders of each of these important and thought out systems both doing different and important tasks stay their course. What's your beef here with LINK.
A robustness-favoring oracle should target these properties even at the cost of being okay with tradeoffs like long resolution times
lol, the chainlink shills are out in full force in this thread already. i think this is a fantastic idea from vitalik and i trust the team here have the capability to make it happen and function as intended. keenly looking forward to seeing this being developed!
@vbuterin Can you please address more clearly your issues with why Chainlink does not already meet the tasks you've outlined?
You write:
@vbuterin Can you please address more clearly your issues with why Chainlink does not already meet the tasks you've outlined?
You write:
I am pretty heavily invested in both of these projects and personally would like to see UNI focus on what they're doing (building an awesome DEX) vs. taking on an entirely new architectural project for which there is already a massive leader in the space (LINK) which is fully capable of achieving the tasks you're concerned with.
Not for anything, but after reading some of your replies to the rebuttals the original post comes off very much as if you have some sort of grudge against Chainlink. It would make more sense to be proposing to them how they might make adjustments to be a superior solution for UNI's use case than to ask UNI to just suddenly build a robust decentralized oracle.
With Chainlink v2 offering a crypto-economic system with staked assets backing its oracle reports, why not leverage both the aggregated data supplied by Chainlink alongside the staking-backed oracle reports to achieve the same ends? You get better data quality than uniswap with the crypto-incentives desired to maintain availability and security.
Governance tokens like UNI seem particularly sensitive to market trends. Without other value propositions, it seems risky to rely on them for Sybil resistance for something like price oracles, where there might be big incentives to act maliciously.
In UNI's case in particular, the market cap has hovered around 300M USD for a long time. Is there not a huge risk for it to return to those levels (or lower) when the market sentiment turns bearish again?
The staking mechanism proposed in the Chainlink 2.0 whitepaper addresses exactly what you're talking about and creates a mechanism that not only STRONGLY disincentivizes even one node to erroneously report but also if a SINGLE node answers incorrectly, the next node is responsible for making the decision of whether or not that answer is correct & if they say it is incorrect there is a resolution layer. This creates a situation where only one node needs to be honest, and while there is still a need for consensus it puts in check any incorrect answer so that this answer is not reported/accepted to/on the blockchain. Therefore every single node would need to be compromised, thus making an attack way more expensive than what you'd gain from that attack. Creating a "maximum-cost-of-attack" oracle as you put it here appears to be one of the main intentions (and one they're most excited about) of their staking mechanism and upcoming infrastructure advancements.
For a quick version I would strongly recommend watching the "Chainlink 2.0 Whitepaper | Research Panel" and watching the "Understanding super-linear staking" section.
Whether the system actually winds up working as intended time is yet to tell but we know the team already has the majority of this work completed.
If the main way to keep the system honest is coordinating hardforks that is a much more involved and energy consuming process for oracles than Chainlink’s token slashing and reputation systems. This is one monolothic oracle network vs the isolated and customizable oracle networks of Chainlink so also less minimalistic from an architecture standpoint as well.
My concern is that for price oracles that need to care exclusively about maximizing cost of attack, monolithicness is actually good. You want to use an oracle system where, in the case where an attacker buys up 51% of the oracle tokens and uses them to cause a single incorrect price to be reported, the oracle token blows up completely and goes to zero (the market value going into a fork that zeroes out the attacker). You don't want an oracle system where if an attacker takes over a large share of the system (including the reputation layer, including....), they can just interfere with one result and there isn't that strong social contract of tight coupling that even one incorrect result is unacceptable.
Chainlink has always seemed to me to have more of a "choose and pay for the level of security you want" ethos and relies on quick automated responses, which is really nice for a lot of applications but is somewhat opposed to what ultra-high-value defi oracles need. In addition to the security issue above, you want delayed and even human-mediated responses in case the centralized APIs of the markets are attacked. Though if Chainlink does change itself in a direction that supports maximum-cost-of-attack-demanding oracles, I would definitely be happy with that too!
I suggest those who haven't go and skim through the Chainlink 2.0 whitepaper summary on their blog for the sake of better discourse on the pros/cons of each. Even better if you can read section 9 (staking) in the actual whitepaper.
This proposal and subsequent discussion feels largely unware of Chainlink's current design plans, given most of what's outlined here is very similar to their multi tier staking arbitration model but less performant and less capital efficient.
Chainlink introduced a staking mechanism in their new whitepaper, in which nodes would have to put up a bond (stake) that could be automatically slashed for faulty oracle reports as outlined in an on-chain service agreement. It uses a two-tier system to achieve an efficient first-layer of security where the bribe needs to be larger than the combined bonds of all nodes. The larger, highly decentralized second tier would resolve disputes of the first tier should they arise. This would provide a lot of cryptoeconomic security while removing burdensome escalation periods that are only reserved for major large disputes, which could be user-defined in how they are resolved.
data(dot)chain.link/btc-usd
Then the nodes that don't deliver good data lose their collateral. Sergey has talked about defense in depth and how you get as many nodes/sources as possible to make it so redundant that the bad data doesn't become the consensus. I don't know all the technical details beyond nodes are incentivized to provide good data, and lose collateral if they are out of the consensus. You can use whatever % deviation you want for the smart contract afaik and how many nodes you want. I would recommend you look at the chainlink documentation for answers beyond that. I'm entirely clueless about how uni would pivot into the space so like I said it seems to me a waste of resources, however I'll admit that it's beyond my scope on a technical level.
Very smart. Thanks for the suggestion.
@vbuterin
Sure, it’s possible that this would require the liquidation threshold to be significantly higher! I actually wonder what the UMA people would say to this; the “use some kind of escalation mechanism as an oracle” is an idea that as I remember they were the most focused on.
Sure, it’s possible that this would require the liquidation threshold to be significantly higher! I actually wonder what the UMA people would say to this; the “use some kind of escalation mechanism as an oracle” is an idea that as I remember they were the most focused on.
You could potentially avoid that significant decrease in overall capital efficiency during normal functioning markets by allowing for an immediate liquidation using a fast oracle like Chainlink, but those fast liquidations must be secured by a bond until the escalation/consensus based oracle is finalized.
Instead of the escalation-based oracle being burdensome to everyone all the time, as it would be if you raise liquidation thresholds, the bonding only only makes the escalation oracle more burdensome to the ecosystem during periods of stress. That burden is aligned with when the oracle is systemically needed to be trustworthy. The increased capital for liquidations and slight risk to the liquidators due to oracle disagreement could be problematic during black swan events without some lender of last resort, though.
I agree that a trusted oracle linking the native asset securing the base layer to the rest of the global economy is a public good of paramount importance. I'd question if something as fundamental and timeless as this should go beyond the responsibility of one protocol that easily wane in its ability to provide the economic security. A coalition of stakeholders (UNI, AAVE, COMP, etc.) could be better stewards and lead to broader adoption and stronger oracle consensus. But, that comes at the risk of being too complex and the project never coming to fruition.
Have you considered a solution similar to Compound's Open Price Feed? https://compound.finance/docs/prices (using signed APIs with smart contract verification to update on-chain price feeds/oracles)
I see no benefit of a fully decentralized Augur-like solution when there are multiple direct sources of off-chain price data available. Realistically all data in an Augur-like solution would be retrieved from the same CEX APIs anyways. Creating a consortium of CEXs (Coinbase/Binance/Huobi/Kraken/Bitfinex/++) to support signed API price data and incentivized medianizer/aggregator smart contracts that anyone can update for a reward may be a better use of resources. (for now)
Whatever is within the range of the consensus... that's what blockchain is...
Im curious what is wrong with staying focused on getting ETH moving and having Chainlink solve this issue. Let the leaders of each of these important and thought out systems both doing different and important tasks stay their course. What's your beef here with LINK.
A robustness-favoring oracle should target these properties even at the cost of being okay with tradeoffs like long resolution times
lol, the chainlink shills are out in full force in this thread already. i think this is a fantastic idea from vitalik and i trust the team here have the capability to make it happen and function as intended. keenly looking forward to seeing this being developed!
@vbuterin Can you please address more clearly your issues with why Chainlink does not already meet the tasks you've outlined?
You write:
@vbuterin Can you please address more clearly your issues with why Chainlink does not already meet the tasks you've outlined?
You write:
I am pretty heavily invested in both of these projects and personally would like to see UNI focus on what they're doing (building an awesome DEX) vs. taking on an entirely new architectural project for which there is already a massive leader in the space (LINK) which is fully capable of achieving the tasks you're concerned with.
Not for anything, but after reading some of your replies to the rebuttals the original post comes off very much as if you have some sort of grudge against Chainlink. It would make more sense to be proposing to them how they might make adjustments to be a superior solution for UNI's use case than to ask UNI to just suddenly build a robust decentralized oracle.
With Chainlink v2 offering a crypto-economic system with staked assets backing its oracle reports, why not leverage both the aggregated data supplied by Chainlink alongside the staking-backed oracle reports to achieve the same ends? You get better data quality than uniswap with the crypto-incentives desired to maintain availability and security.
Governance tokens like UNI seem particularly sensitive to market trends. Without other value propositions, it seems risky to rely on them for Sybil resistance for something like price oracles, where there might be big incentives to act maliciously.
In UNI's case in particular, the market cap has hovered around 300M USD for a long time. Is there not a huge risk for it to return to those levels (or lower) when the market sentiment turns bearish again?
A robustness-favoring oracle should target these properties even at the cost of being okay with tradeoffs like long resolution times
Isn't this pretty much exactly what Chainlink outlined in their whitepaper 2.0 with their two tier resolution system? For contracts ok with long resolution times, Chainlink will have a second arbitration layer that's basically the same thing that's been outlined here with the Augur comparisons.
I guess I'm struggling to see why we're trying to solve this hyper-focused oracle use case with a governance token for a DEX when we already have an oracle focused project solving it. Competing solutions are great but this kind of feels like a tacked on feature with how specialized it is. Why burden Uniswap with developing this very particular use case that's orthogonal to their core use case?
And this is exactly why I am proposing that the absolutely-massive-market-cap UNI takes on this task!
Chainlink's staking system has a quadratic scaling effect, the proposed Augur/UMA model does not. As mentioned in the OP, the Augur/UMA model has an attack cost of 1/2n, significantly less than Chainlink's n^2 that comes from concentrating the staking rewards from all nodes into one.
So yes, UNI's market cap is massive but LINK's is as well, uses that capital more efficiently by a power of 2, and has better incentives to keep that massive market cap (staking and utility purchasing data) whereas UNI's value comes from governance.
Sir ,,, my village would like to educate you. Chainlink does objective inputs, Kleros would do subjective inputs. If uniswap were to pivot to oracles, they would have to be objective inputs. I personally don't see any value in uniswap pivoting to the oracle space, it seems to me a waste of resources. I understand wanting to move governance to l2 and give the uni token some utility, but I suspect there are more interesting things you could do with the token to add value rather an oracle.
What if you had protocols that did not liquidate people? Been following Ruler Protocol recently, they seem to be pulling this off. @vbuterin
Sure, it's possible that this would require the liquidation threshold to be significantly higher! I actually wonder what the UMA people would say to this; the "use some kind of escalation mechanism as an oracle" is an idea that as I remember they were the most focused on.
Sure, it's possible that this would require the liquidation threshold to be significantly higher! I actually wonder what the UMA people would say to this; the "use some kind of escalation mechanism as an oracle" is an idea that as I remember they were the most focused on.
Another alternative is that Uniswap itself could make it easy for a large class of participants to be liquidators for free, and make escalation be part of the oracle (and expose the level of escalation in an API that stablecoins could use). UNI holders, Uniswap liquidity providers, etc...
For things like CDP liquidations and interest rate adjustments which need to be done quickly, this cane be problematic.
Interest rate adjustments definitely do not need to be done quickly; once a week is fine imo.
For things like CDP liquidations and interest rate adjustments which need to be done quickly, this cane be problematic.
Interest rate adjustments definitely do not need to be done quickly; once a week is fine imo.
For CDP liquidations, the idea is that you only need the process to start to put the CDP in limbo. The first liquidator would have to provide a lot of collateral to make sure the outcome resolves safely no matter which way it goes.
Also, it can be very dangerous if the assets under management of the oracle (how much can be stolen by the oracle lying) exceeds the market cap of the oracle token (UNI in this case) by 2x since it becomes profitable to rob the system via governance attack.
And this is exactly why I am proposing that the absolutely-massive-market-cap UNI takes on this task!
Collateralized stablecoins like DAI/RAI (which are backed by ETH and other on-chain tokens) need to be able to liquidate undercollateralized positions in a timely manner for the protocol to stay solvent,
Collateralized stablecoins like DAI/RAI (which are backed by ETH and other on-chain tokens) need to be able to liquidate undercollateralized positions in a timely manner for the protocol to stay solvent,
I would say that a stablecoin that depends on timeliness for its security is not stable at all. There's always the chance of a blockchain attack at the same time as a market crash; indeed, a period of high market volatility is the best time to attack the chain! There's a reason optimistic rollups have a 1 week finality period, and stablecoins need to start thinking in those terms as well. A 1.5x liquidation margin is a good start; perhaps that needs to even be pushed slightly higher. Obviously you can have more security during those periods when the network is doing well, but you can't rely on acceptable network latency absolutely.
Also, I should repeat when I said in an earlier reply: the oracle does not go immediately to "everyone votes". You only need a single liquidator to kick off the process, and that is something that can happen quickly at least during non-attack periods.
But how would you know to trigger a liquidation without the hourly price feed?
The liquidators would be watching the price, and if they see that the price is low enough that a CDP is undercollateralized, they would start the liquidation process. But the liquidation process would be challengeable and could be challenged many times, so the final result would not be known for some time (and this is okay! the liquidator's extra collateral would cover any extra price movements that happen while the CDP is in the "liquidation pending" state)
From my perspective, this proposal suggests that Uniswap should launch an Augur/UMA style human voting oracle in addition to their existing decentralized exchange infrastructure. In my opinion, a token-weighted human voting based oracle mechanism is not ideal for providing decentralized stablecoins the price data they require. Collateralized stablecoins like DAI/RAI (which are backed by ETH and other on-chain tokens) need to be able to liquidate undercollateralized positions in a timely manner for the protocol to stay solvent, otherwise the peg of the stablecoin can break when collateral is less than the debt/stablecoins minted. Augur-style disputes can take days to weeks to resolve, by which point it may be far too late to do anything about the situation, leading to the loss of user funds and a loss of confidence in the stablecoin.
We can imagine a flash crash scenario where the price of a collateral asset drastically falls during a period of extreme Ethereum network congestion. Will UNI holders be incentivized to put the collateral price on-chain in a timely manner when gas fees are 1000+ gwei during a flash crash? What would be the consequences of price data not being posted on-chain within the timeframe required for viable liquidations? A dedicated decentralized oracle network consisting of nodes whose sole business is to provide reliable data even during the worst of network conditions are highly incentivized to post data during these conditions as their long term revenue depends on their personal reputation/performance history and the value of the token they hold and are paid in depend on the reputation/performance history of the network as a whole.
Hm but I’m not sure how “low latency” a stablecoin can handle. Maker requires an hourly price. How does this actually function? You can’t have a quorum of UNI holders voting every hour. Also doesn’t delegation introduce a potential centralization risk?
Account created 1 day ago. Proof this is the real Vitalik?
LINK's superlinear staking which is already mostly built solves for the need outlined here in its entirety. I have a hard time believing real Vitalik is not aware of this, but willing to be proven wrong.
I agree with everything Vitalik stated, get a proposal up asap 👍
A robustness-favoring oracle should target these properties even at the cost of being okay with tradeoffs like long resolution times
Isn't this pretty much exactly what Chainlink outlined in their whitepaper 2.0 with their two tier resolution system? For contracts ok with long resolution times, Chainlink will have a second arbitration layer that's basically the same thing that's been outlined here with the Augur comparisons.
I guess I'm struggling to see why we're trying to solve this hyper-focused oracle use case with a governance token for a DEX when we already have an oracle focused project solving it. Competing solutions are great but this kind of feels like a tacked on feature with how specialized it is. Why burden Uniswap with developing this very particular use case that's orthogonal to their core use case?
And this is exactly why I am proposing that the absolutely-massive-market-cap UNI takes on this task!
Chainlink's staking system has a quadratic scaling effect, the proposed Augur/UMA model does not. As mentioned in the OP, the Augur/UMA model has an attack cost of 1/2n, significantly less than Chainlink's n^2 that comes from concentrating the staking rewards from all nodes into one.
So yes, UNI's market cap is massive but LINK's is as well, uses that capital more efficiently by a power of 2, and has better incentives to keep that massive market cap (staking and utility purchasing data) whereas UNI's value comes from governance.
Sir ,,, my village would like to educate you. Chainlink does objective inputs, Kleros would do subjective inputs. If uniswap were to pivot to oracles, they would have to be objective inputs. I personally don't see any value in uniswap pivoting to the oracle space, it seems to me a waste of resources. I understand wanting to move governance to l2 and give the uni token some utility, but I suspect there are more interesting things you could do with the token to add value rather an oracle.
What if you had protocols that did not liquidate people? Been following Ruler Protocol recently, they seem to be pulling this off. @vbuterin
Sure, it's possible that this would require the liquidation threshold to be significantly higher! I actually wonder what the UMA people would say to this; the "use some kind of escalation mechanism as an oracle" is an idea that as I remember they were the most focused on.
Sure, it's possible that this would require the liquidation threshold to be significantly higher! I actually wonder what the UMA people would say to this; the "use some kind of escalation mechanism as an oracle" is an idea that as I remember they were the most focused on.
Another alternative is that Uniswap itself could make it easy for a large class of participants to be liquidators for free, and make escalation be part of the oracle (and expose the level of escalation in an API that stablecoins could use). UNI holders, Uniswap liquidity providers, etc...
For things like CDP liquidations and interest rate adjustments which need to be done quickly, this cane be problematic.
Interest rate adjustments definitely do not need to be done quickly; once a week is fine imo.
For things like CDP liquidations and interest rate adjustments which need to be done quickly, this cane be problematic.
Interest rate adjustments definitely do not need to be done quickly; once a week is fine imo.
For CDP liquidations, the idea is that you only need the process to start to put the CDP in limbo. The first liquidator would have to provide a lot of collateral to make sure the outcome resolves safely no matter which way it goes.
Also, it can be very dangerous if the assets under management of the oracle (how much can be stolen by the oracle lying) exceeds the market cap of the oracle token (UNI in this case) by 2x since it becomes profitable to rob the system via governance attack.
And this is exactly why I am proposing that the absolutely-massive-market-cap UNI takes on this task!
Collateralized stablecoins like DAI/RAI (which are backed by ETH and other on-chain tokens) need to be able to liquidate undercollateralized positions in a timely manner for the protocol to stay solvent,
Collateralized stablecoins like DAI/RAI (which are backed by ETH and other on-chain tokens) need to be able to liquidate undercollateralized positions in a timely manner for the protocol to stay solvent,
I would say that a stablecoin that depends on timeliness for its security is not stable at all. There's always the chance of a blockchain attack at the same time as a market crash; indeed, a period of high market volatility is the best time to attack the chain! There's a reason optimistic rollups have a 1 week finality period, and stablecoins need to start thinking in those terms as well. A 1.5x liquidation margin is a good start; perhaps that needs to even be pushed slightly higher. Obviously you can have more security during those periods when the network is doing well, but you can't rely on acceptable network latency absolutely.
Also, I should repeat when I said in an earlier reply: the oracle does not go immediately to "everyone votes". You only need a single liquidator to kick off the process, and that is something that can happen quickly at least during non-attack periods.
But how would you know to trigger a liquidation without the hourly price feed?
The liquidators would be watching the price, and if they see that the price is low enough that a CDP is undercollateralized, they would start the liquidation process. But the liquidation process would be challengeable and could be challenged many times, so the final result would not be known for some time (and this is okay! the liquidator's extra collateral would cover any extra price movements that happen while the CDP is in the "liquidation pending" state)
From my perspective, this proposal suggests that Uniswap should launch an Augur/UMA style human voting oracle in addition to their existing decentralized exchange infrastructure. In my opinion, a token-weighted human voting based oracle mechanism is not ideal for providing decentralized stablecoins the price data they require. Collateralized stablecoins like DAI/RAI (which are backed by ETH and other on-chain tokens) need to be able to liquidate undercollateralized positions in a timely manner for the protocol to stay solvent, otherwise the peg of the stablecoin can break when collateral is less than the debt/stablecoins minted. Augur-style disputes can take days to weeks to resolve, by which point it may be far too late to do anything about the situation, leading to the loss of user funds and a loss of confidence in the stablecoin.
We can imagine a flash crash scenario where the price of a collateral asset drastically falls during a period of extreme Ethereum network congestion. Will UNI holders be incentivized to put the collateral price on-chain in a timely manner when gas fees are 1000+ gwei during a flash crash? What would be the consequences of price data not being posted on-chain within the timeframe required for viable liquidations? A dedicated decentralized oracle network consisting of nodes whose sole business is to provide reliable data even during the worst of network conditions are highly incentivized to post data during these conditions as their long term revenue depends on their personal reputation/performance history and the value of the token they hold and are paid in depend on the reputation/performance history of the network as a whole.
Hm but I’m not sure how “low latency” a stablecoin can handle. Maker requires an hourly price. How does this actually function? You can’t have a quorum of UNI holders voting every hour. Also doesn’t delegation introduce a potential centralization risk?
Account created 1 day ago. Proof this is the real Vitalik?
LINK's superlinear staking which is already mostly built solves for the need outlined here in its entirety. I have a hard time believing real Vitalik is not aware of this, but willing to be proven wrong.
I agree with everything Vitalik stated, get a proposal up asap 👍
From my perspective, this proposal suggests that Uniswap should launch an Augur/UMA style human voting oracle in addition to their existing decentralized exchange infrastructure. In my opinion, a token-weighted human voting based oracle mechanism is not ideal for providing decentralized stablecoins the price data they require. Collateralized stablecoins like DAI/RAI (which are backed by ETH and other on-chain tokens) need to be able to liquidate undercollateralized positions in a timely manner for the protocol to stay solvent, otherwise the peg of the stablecoin can break when collateral is less than the debt/stablecoins minted. Augur-style disputes can take days to weeks to resolve, by which point it may be far too late to do anything about the situation, leading to the loss of user funds and a loss of confidence in the stablecoin.
We can imagine a flash crash scenario where the price of a collateral asset drastically falls during a period of extreme Ethereum network congestion. Will UNI holders be incentivized to put the collateral price on-chain in a timely manner when gas fees are 1000+ gwei during a flash crash? What would be the consequences of price data not being posted on-chain within the timeframe required for viable liquidations? A dedicated decentralized oracle network consisting of nodes whose sole business is to provide reliable data even during the worst of network conditions are highly incentivized to post data during these conditions as their long term revenue depends on their personal reputation/performance history and the value of the token they hold and are paid in depend on the reputation/performance history of the network as a whole.
Creating an oracle system requires a lot of resources for development, monitoring, upkeep, and support. Creating an oracle as a side project would siphon resources away from development of the Uniswap DEX, the primary product offering from Uniswap. There are also open questions here such as where the data would be sourced from, how often the price feed should update, how much each token holder should be paid, how much they should be slashed, how forks would be handled from a user’s perspective, how long disputes should last, how a network of voters would be bootstrapped, how users will be onboarded and supported during integration, etc.
In my opinion, using Chainlink as an oracle and using Uniswap as a DEX is the best possible equilibrium where resources aren’t wasted and users are provided the highest quality infrastructure at the lowest cost (economies of scale provided by the Chainlink network through the shared cost model of the reference contracts). If interested, I can provide additional context on the existing cryptoeconomics of the Chainlink network today as there are indeed financial penalties for posting incorrect data.
Hm but I’m not sure how “low latency” a stablecoin can handle. Maker requires an hourly price. How does this actually function? You can’t have a quorum of UNI holders voting every hour. Also doesn’t delegation introduce a potential centralization risk?
Technically you only need price feeds in two occasions:
You don't need a quorum of UNI holders voting once every time one of the above things happens, you can use an escalation mechanism: whoever first takes an action that requires providing a price provides a price along with a deposit, then anyone else can challenge them with a 2x deposit, and then the deposits escalate until only past some threshold you do a global vote. This is how the Augur oracle works, and IMO it works quite well!
Uniswap has already seen some difficulty enacting governance with the token, I wonder if spreading token utility out further would make governance even harder.
Meanwhile the full market cap of the LINK token can be dedicated to purchasing data and securing it when the staking mechanism outlined in their 2.0 model is deployed. No cross-utility to worry about spreading the cryptoeconomics around, it's fully oracle focused.
Uniswap has already seen some difficulty enacting governance with the token, I wonder if spreading token utility out further would make governance even harder.
Meanwhile the full market cap of the LINK token can be dedicated to purchasing data and securing it when the staking mechanism outlined in their 2.0 model is deployed. No cross-utility to worry about spreading the cryptoeconomics around, it's fully oracle focused.
May edit this with more thoughts as I further process the proposal.
Edit: As I outlined further below, my conclusion here is this both solves the issue in a lesser manner than Chainlink and also burdens Uniswap development with a specialized use not core to their product. This Augur arbitration model is not exactly a simple extension of Uniswap's current oracle model, it's a whole new economic system tacked on for one specific case.
Furthermore Chainlink is already solving this in the same way with their proposed two tier arbitration system that lets latency tolerant contracts (like what's proposed here) go into an Augur style resolution (also like what's proposed here) but the difference is that the security of Chainlink's model has n^2 scaling with the value of LINK whereas the Augur/UMA model has 1/2n scaling.
So basically this seems like extra work for the Uniswap team just to result in something similar to Chainlink 2.0 but less effective.
FYI this is getting traction again because of this post:
Great to see discussion resurected around this topic. Looks like a few things are still needed to figure out:
8/ It’s worth considering a fee to use Uniswap oracles.
While this would require some protocol changes, this could be implemented as a flat fee in ETH per call or a registration of a project’s contract on an array of approved oracle callers.
Great to see discussion resurected around this topic. Looks like a few things are still needed to figure out:
8/ It’s worth considering a fee to use Uniswap oracles.
While this would require some protocol changes, this could be implemented as a flat fee in ETH per call or a registration of a project’s contract on an array of approved oracle callers.
What would the complexity be of this type of protocol change, and does it require extensive testing/auditing?
Also need to figure what defines Uniswap as a "keeper of oracles" per the tweet thread:
(1) act as a “liquidity provider of last resort” By “liquidity provider of last resort,” I mean the DAO could create an automated strategy or appoint an LP manager to provide passive liquidity to pools that are important oracles and running low on liquidity.
(2) provide liquidity incentives to pools that are high value as price oracles
(3) provide data and research regarding oracle performance
(4) provide better documentation for best practices around oracle usage
It looks a "Keeper of Oracles" would function well if it did all four of these tasks. One of the best way's for user's to learn about Oracles is to actually use it for projects, and to have documention surrounding the process of usage.
I wonder if Point (1) and (2) could be related somehow. Such as providing longer period vested incentives, that are locked up as insurance incase point (1) happens during x amount of time. i.e. Incentive long period lock up, that pays out if oracle is successful, but accured potential payout is slashed if failing.
The latency of large and short time frames of the oracle could partically be mitigated by healthy liquidity depth around spot, so perhaps an active liquidity manager could be involved in this strategy.
Great to see this proposal have some fresh eyes and perspective from Alex Kroeger. Helps me see the potential.
What can be done here based this tweet?
I love it! This is a killer feature to propel Uniswap further as an overall product. :unicorn: :clap:
+1 for UNI Oracle I understand there were two leads of the Augurs oracle system: Jack Peterson and Joey Krug.
I don't think it is just a question of throwing money around to value UNI. The issue is about decentralization. Having an independent Oracle by the largest DEX entity in the world (by daily volume) seems logical. As Andreas, Vitalik and others have pointed out and as evidenced (for example; in Compound DAI liquidation Oracle event in Dec 2020): Multi Oracle systems are required to mitigate single-points-of-failure issues with respect to data ingest feed evaluations. Prediction Market tech have the potential of becoming the next big thing to blockchain and it seems only natural to build an oracle on UNI since it is the leading DEX/DEFI token. It would be really great if you could help us with the proposal to complement Augurs oracle system.
coming from vbuterin, I don't think I have any arguments not to support your proposal
I guess the assumption is nobody will continue to trade on uniswap if UNI is used to break oracles. And then UNI price crashes to zero. Not sure how well it holds up because uniswap is trustless.
Looking forward to it!
So what would this mean for UNI token holders? Would we have to pay for the oracles(gas fee via voting? or other fee) or would this system provide an added benefit to the UNI token. Im essentially asking whether this proposal proposes to make a subsidy from the UNI´s value or not.
I'm not talking about chainlink consensus, I'm talking about bitcoin consensus.
Suppose bitcoin consensus weakens and we have two bitcoin forks and both have significant price. Now if someone queries BTC/USD, chainlink needs to decide which bitcoin fork they're actually referring to.
I'm not saying this is unsolvable or even a hard problem, I'm just saying an oracle can never be 100% objective.
From my perspective, this proposal suggests that Uniswap should launch an Augur/UMA style human voting oracle in addition to their existing decentralized exchange infrastructure. In my opinion, a token-weighted human voting based oracle mechanism is not ideal for providing decentralized stablecoins the price data they require. Collateralized stablecoins like DAI/RAI (which are backed by ETH and other on-chain tokens) need to be able to liquidate undercollateralized positions in a timely manner for the protocol to stay solvent, otherwise the peg of the stablecoin can break when collateral is less than the debt/stablecoins minted. Augur-style disputes can take days to weeks to resolve, by which point it may be far too late to do anything about the situation, leading to the loss of user funds and a loss of confidence in the stablecoin.
We can imagine a flash crash scenario where the price of a collateral asset drastically falls during a period of extreme Ethereum network congestion. Will UNI holders be incentivized to put the collateral price on-chain in a timely manner when gas fees are 1000+ gwei during a flash crash? What would be the consequences of price data not being posted on-chain within the timeframe required for viable liquidations? A dedicated decentralized oracle network consisting of nodes whose sole business is to provide reliable data even during the worst of network conditions are highly incentivized to post data during these conditions as their long term revenue depends on their personal reputation/performance history and the value of the token they hold and are paid in depend on the reputation/performance history of the network as a whole.
Creating an oracle system requires a lot of resources for development, monitoring, upkeep, and support. Creating an oracle as a side project would siphon resources away from development of the Uniswap DEX, the primary product offering from Uniswap. There are also open questions here such as where the data would be sourced from, how often the price feed should update, how much each token holder should be paid, how much they should be slashed, how forks would be handled from a user’s perspective, how long disputes should last, how a network of voters would be bootstrapped, how users will be onboarded and supported during integration, etc.
In my opinion, using Chainlink as an oracle and using Uniswap as a DEX is the best possible equilibrium where resources aren’t wasted and users are provided the highest quality infrastructure at the lowest cost (economies of scale provided by the Chainlink network through the shared cost model of the reference contracts). If interested, I can provide additional context on the existing cryptoeconomics of the Chainlink network today as there are indeed financial penalties for posting incorrect data.
Hm but I’m not sure how “low latency” a stablecoin can handle. Maker requires an hourly price. How does this actually function? You can’t have a quorum of UNI holders voting every hour. Also doesn’t delegation introduce a potential centralization risk?
Technically you only need price feeds in two occasions:
You don't need a quorum of UNI holders voting once every time one of the above things happens, you can use an escalation mechanism: whoever first takes an action that requires providing a price provides a price along with a deposit, then anyone else can challenge them with a 2x deposit, and then the deposits escalate until only past some threshold you do a global vote. This is how the Augur oracle works, and IMO it works quite well!
Uniswap has already seen some difficulty enacting governance with the token, I wonder if spreading token utility out further would make governance even harder.
Meanwhile the full market cap of the LINK token can be dedicated to purchasing data and securing it when the staking mechanism outlined in their 2.0 model is deployed. No cross-utility to worry about spreading the cryptoeconomics around, it's fully oracle focused.
Uniswap has already seen some difficulty enacting governance with the token, I wonder if spreading token utility out further would make governance even harder.
Meanwhile the full market cap of the LINK token can be dedicated to purchasing data and securing it when the staking mechanism outlined in their 2.0 model is deployed. No cross-utility to worry about spreading the cryptoeconomics around, it's fully oracle focused.
May edit this with more thoughts as I further process the proposal.
Edit: As I outlined further below, my conclusion here is this both solves the issue in a lesser manner than Chainlink and also burdens Uniswap development with a specialized use not core to their product. This Augur arbitration model is not exactly a simple extension of Uniswap's current oracle model, it's a whole new economic system tacked on for one specific case.
Furthermore Chainlink is already solving this in the same way with their proposed two tier arbitration system that lets latency tolerant contracts (like what's proposed here) go into an Augur style resolution (also like what's proposed here) but the difference is that the security of Chainlink's model has n^2 scaling with the value of LINK whereas the Augur/UMA model has 1/2n scaling.
So basically this seems like extra work for the Uniswap team just to result in something similar to Chainlink 2.0 but less effective.
FYI this is getting traction again because of this post:
Great to see discussion resurected around this topic. Looks like a few things are still needed to figure out:
8/ It’s worth considering a fee to use Uniswap oracles.
While this would require some protocol changes, this could be implemented as a flat fee in ETH per call or a registration of a project’s contract on an array of approved oracle callers.
Great to see discussion resurected around this topic. Looks like a few things are still needed to figure out:
8/ It’s worth considering a fee to use Uniswap oracles.
While this would require some protocol changes, this could be implemented as a flat fee in ETH per call or a registration of a project’s contract on an array of approved oracle callers.
What would the complexity be of this type of protocol change, and does it require extensive testing/auditing?
Also need to figure what defines Uniswap as a "keeper of oracles" per the tweet thread:
(1) act as a “liquidity provider of last resort” By “liquidity provider of last resort,” I mean the DAO could create an automated strategy or appoint an LP manager to provide passive liquidity to pools that are important oracles and running low on liquidity.
(2) provide liquidity incentives to pools that are high value as price oracles
(3) provide data and research regarding oracle performance
(4) provide better documentation for best practices around oracle usage
It looks a "Keeper of Oracles" would function well if it did all four of these tasks. One of the best way's for user's to learn about Oracles is to actually use it for projects, and to have documention surrounding the process of usage.
I wonder if Point (1) and (2) could be related somehow. Such as providing longer period vested incentives, that are locked up as insurance incase point (1) happens during x amount of time. i.e. Incentive long period lock up, that pays out if oracle is successful, but accured potential payout is slashed if failing.
The latency of large and short time frames of the oracle could partically be mitigated by healthy liquidity depth around spot, so perhaps an active liquidity manager could be involved in this strategy.
Great to see this proposal have some fresh eyes and perspective from Alex Kroeger. Helps me see the potential.
What can be done here based this tweet?
I love it! This is a killer feature to propel Uniswap further as an overall product. :unicorn: :clap:
+1 for UNI Oracle I understand there were two leads of the Augurs oracle system: Jack Peterson and Joey Krug.
I don't think it is just a question of throwing money around to value UNI. The issue is about decentralization. Having an independent Oracle by the largest DEX entity in the world (by daily volume) seems logical. As Andreas, Vitalik and others have pointed out and as evidenced (for example; in Compound DAI liquidation Oracle event in Dec 2020): Multi Oracle systems are required to mitigate single-points-of-failure issues with respect to data ingest feed evaluations. Prediction Market tech have the potential of becoming the next big thing to blockchain and it seems only natural to build an oracle on UNI since it is the leading DEX/DEFI token. It would be really great if you could help us with the proposal to complement Augurs oracle system.
coming from vbuterin, I don't think I have any arguments not to support your proposal
I guess the assumption is nobody will continue to trade on uniswap if UNI is used to break oracles. And then UNI price crashes to zero. Not sure how well it holds up because uniswap is trustless.
Looking forward to it!
So what would this mean for UNI token holders? Would we have to pay for the oracles(gas fee via voting? or other fee) or would this system provide an added benefit to the UNI token. Im essentially asking whether this proposal proposes to make a subsidy from the UNI´s value or not.
I'm not talking about chainlink consensus, I'm talking about bitcoin consensus.
Suppose bitcoin consensus weakens and we have two bitcoin forks and both have significant price. Now if someone queries BTC/USD, chainlink needs to decide which bitcoin fork they're actually referring to.
I'm not saying this is unsolvable or even a hard problem, I'm just saying an oracle can never be 100% objective.
Ruler protocol still requires an oracle.
If I am understanding correctly you are assuming a single CDP will be so massive that it will be larger than the market cap of Uniswap? I am envisioning this oracle system to be monitoring massive amounts of individual CDP's that are all being monitored separately not as one large target.
I do not think it is realistic scenario that a single CDP created by a user will be able to generate such a large collateral event to rival a take down of Uniswap. Perhaps limits could exist with how large of a CDP could be created, or governance can vote for certain pairs that can create colleterial safely depending on distribution of the paired token to token holder list? (i.e. if a Link developer owns 10% of tokens of a 50 billion dollar token, then there may be a risk of collateral for a LINK/USD pair as one person could create 5 billion dollars colleterial?)
forks exist when there's lack of consensus, that's the whole point of a fork
All oracles querying offchain data have edge cases, you can only minimise them, not eliminate.
For instance if Chainlink is querying BTC/USD price from Binance, CME and ftx, how does it respond if there is a large gap between the prices? How does it respond if these exchanges go down? Or if bitcoin gets hard forked - which fork is now canonical for price queries?
I do think it would be great for DAOs to also double up as oracle systems. DAOs make profit and hence have something to lose from being malicious, they're also often decentralised which makes coordination for the sake of collusion harder. But I don't know if Uniswap is capable and willing to work on this, I'd rather see more oracle-focussed project build the infrastructure and then incorporate the UNI token for security.
Securing oracles involves a large number of hard research problems that ethereum researchers are only now waking up to.
I do think it would be great for DAOs to also double up as oracle systems. DAOs make profit and hence have something to lose from being malicious, they're also often decentralised which makes coordination for the sake of collusion harder. But I don't know if Uniswap is capable and willing to work on this, I'd rather see more oracle-focussed project build the infrastructure and then incorporate the UNI token for security.
Securing oracles involves a large number of hard research problems that ethereum researchers are only now waking up to.
I do think connecting to the real world is the most signifcant problem that ethereum needs to solve, and I have previously written about the oracle problem (noma.substack / oracle problem, this forum doesn't allow links). I'd just rather see a more dedicated and collaborative effort from the ethereum community, than rushing it through with a single team who, until now, hasn't been focussing on this as its primary challenge.
And this is exactly why I am proposing that the absolutely-massive-market-cap UNI takes on this task!
And this is exactly why I am proposing that the absolutely-massive-market-cap UNI takes on this task!
The market cap of UNI is absolutely massive today, but it may not be absolutely massive tomorrow. If you don't have a mechanism to ensure that the market cap remains higher than the assets at risk you can very easily end up in a dangerous situation. The only reason Augur works is because it has mechanisms in place to guarantee that the REP market cap always exceeds the market cap of the assets at risk (and even this is not perfect as parasitic open interest cannot be accounted for).
You don’t need a quorum of UNI holders voting once every time one of the above things happens, you can use an escalation mechanism: whoever first takes an action that requires providing a price provides a price along with a deposit, then anyone else can challenge them with a 2x deposit, and then the deposits escalate until only past some threshold you do a global vote. This is how the Augur oracle works, and IMO it works quite well!
You don’t need a quorum of UNI holders voting once every time one of the above things happens, you can use an escalation mechanism: whoever first takes an action that requires providing a price provides a price along with a deposit, then anyone else can challenge them with a 2x deposit, and then the deposits escalate until only past some threshold you do a global vote. This is how the Augur oracle works, and IMO it works quite well!
An escalating oracle can take a very long time to resolve. For things like CDP liquidations and interest rate adjustments which need to be done quickly, this cane be problematic.
Also, it can be very dangerous if the assets under management of the oracle (how much can be stolen by the oracle lying) exceeds the market cap of the oracle token (UNI in this case) by 2x since it becomes profitable to rob the system via governance attack.
I don't think a long "liquidation pending" state is feasible, unfortunately. If the price of the asset is dropping quickly, the solvency of the system is at risk for every hour you wait. The only potential solution to this would be very high levels of over-collateralization, which would render the system uncompetitive.
But how would you know to trigger a liquidation without the hourly price feed? You also need the price for stablecoin generation in the first place.
I'm also not following the escalation procedure as by time the issue is resolved the entire system could have collapsed. Unless I'm missing something? Is the escalation period prior to the submission of the price?
LINK's superlinear staking which is already mostly built solves for the need outlined here in its entirety. I have a hard time believing real Vitalik is not aware of this, but willing to be proven wrong.
The liquidators would be watching the price, and if they see that the price is low enough that a CDP is undercollateralized, they would start the liquidation process. But the liquidation process would be challengeable and could be challenged many times, so the final result would not be known for some time (and this is okay! the liquidator’s extra collateral would cover any extra price movements that happen while the CDP is in the “liquidation pending” state)
+1 on this! i think the accessibility of uniswap's TWAP oracle has been great but curious of the implementation for the UNI governance token to double up as an oracle token...
if anyone has ideas on implementation - would love to see them discussed and of course, apply to the UNI Grants Program - unigrants.org!
Hm but I'm not sure how "low latency" a stablecoin can handle. Maker requires an hourly price. How does this actually function? You can't have a quorum of UNI holders voting every hour. Also doesn't delegation introduce a potential centralization risk?
Like the idea, curious about implementation.
Uniswap as a highly secure oracle system is much needed; and is a great idea. I am trying to grasp how UNI will be used in the model. My hope is it does not require extensive hardware requirements like running a full node. To be an oracle reporter is to be a holder of UNI, or does it require also being a Liquidity Pooler (with locked up funds) to gain UNI incentives or potential slashing in the case of maliciousness?
Is being an oracle a passive or active experience? I.e is the oracle in the center (like the treasury) passively running and token holders vote as a whole occasionally during a price dispute, or is each UNI token holder or LP'er actively reporting specific paired pricing constantly. How is off-chain currency data aggregated with UNI oracles?
Uniswap as a highly secure oracle system is much needed; and is a great idea. I am trying to grasp how UNI will be used in the model. My hope is it does not require extensive hardware requirements like running a full node. To be an oracle reporter is to be a holder of UNI, or does it require also being a Liquidity Pooler (with locked up funds) to gain UNI incentives or potential slashing in the case of maliciousness?
Is being an oracle a passive or active experience? I.e is the oracle in the center (like the treasury) passively running and token holders vote as a whole occasionally during a price dispute, or is each UNI token holder or LP'er actively reporting specific paired pricing constantly. How is off-chain currency data aggregated with UNI oracles?
I am in support of an improvement that allows token holders to become more engaged in the Ethereum ecosystem.
Ruler protocol still requires an oracle.
If I am understanding correctly you are assuming a single CDP will be so massive that it will be larger than the market cap of Uniswap? I am envisioning this oracle system to be monitoring massive amounts of individual CDP's that are all being monitored separately not as one large target.
I do not think it is realistic scenario that a single CDP created by a user will be able to generate such a large collateral event to rival a take down of Uniswap. Perhaps limits could exist with how large of a CDP could be created, or governance can vote for certain pairs that can create colleterial safely depending on distribution of the paired token to token holder list? (i.e. if a Link developer owns 10% of tokens of a 50 billion dollar token, then there may be a risk of collateral for a LINK/USD pair as one person could create 5 billion dollars colleterial?)
forks exist when there's lack of consensus, that's the whole point of a fork
All oracles querying offchain data have edge cases, you can only minimise them, not eliminate.
For instance if Chainlink is querying BTC/USD price from Binance, CME and ftx, how does it respond if there is a large gap between the prices? How does it respond if these exchanges go down? Or if bitcoin gets hard forked - which fork is now canonical for price queries?
I do think it would be great for DAOs to also double up as oracle systems. DAOs make profit and hence have something to lose from being malicious, they're also often decentralised which makes coordination for the sake of collusion harder. But I don't know if Uniswap is capable and willing to work on this, I'd rather see more oracle-focussed project build the infrastructure and then incorporate the UNI token for security.
Securing oracles involves a large number of hard research problems that ethereum researchers are only now waking up to.
I do think it would be great for DAOs to also double up as oracle systems. DAOs make profit and hence have something to lose from being malicious, they're also often decentralised which makes coordination for the sake of collusion harder. But I don't know if Uniswap is capable and willing to work on this, I'd rather see more oracle-focussed project build the infrastructure and then incorporate the UNI token for security.
Securing oracles involves a large number of hard research problems that ethereum researchers are only now waking up to.
I do think connecting to the real world is the most signifcant problem that ethereum needs to solve, and I have previously written about the oracle problem (noma.substack / oracle problem, this forum doesn't allow links). I'd just rather see a more dedicated and collaborative effort from the ethereum community, than rushing it through with a single team who, until now, hasn't been focussing on this as its primary challenge.
And this is exactly why I am proposing that the absolutely-massive-market-cap UNI takes on this task!
And this is exactly why I am proposing that the absolutely-massive-market-cap UNI takes on this task!
The market cap of UNI is absolutely massive today, but it may not be absolutely massive tomorrow. If you don't have a mechanism to ensure that the market cap remains higher than the assets at risk you can very easily end up in a dangerous situation. The only reason Augur works is because it has mechanisms in place to guarantee that the REP market cap always exceeds the market cap of the assets at risk (and even this is not perfect as parasitic open interest cannot be accounted for).
You don’t need a quorum of UNI holders voting once every time one of the above things happens, you can use an escalation mechanism: whoever first takes an action that requires providing a price provides a price along with a deposit, then anyone else can challenge them with a 2x deposit, and then the deposits escalate until only past some threshold you do a global vote. This is how the Augur oracle works, and IMO it works quite well!
You don’t need a quorum of UNI holders voting once every time one of the above things happens, you can use an escalation mechanism: whoever first takes an action that requires providing a price provides a price along with a deposit, then anyone else can challenge them with a 2x deposit, and then the deposits escalate until only past some threshold you do a global vote. This is how the Augur oracle works, and IMO it works quite well!
An escalating oracle can take a very long time to resolve. For things like CDP liquidations and interest rate adjustments which need to be done quickly, this cane be problematic.
Also, it can be very dangerous if the assets under management of the oracle (how much can be stolen by the oracle lying) exceeds the market cap of the oracle token (UNI in this case) by 2x since it becomes profitable to rob the system via governance attack.
I don't think a long "liquidation pending" state is feasible, unfortunately. If the price of the asset is dropping quickly, the solvency of the system is at risk for every hour you wait. The only potential solution to this would be very high levels of over-collateralization, which would render the system uncompetitive.
But how would you know to trigger a liquidation without the hourly price feed? You also need the price for stablecoin generation in the first place.
I'm also not following the escalation procedure as by time the issue is resolved the entire system could have collapsed. Unless I'm missing something? Is the escalation period prior to the submission of the price?
LINK's superlinear staking which is already mostly built solves for the need outlined here in its entirety. I have a hard time believing real Vitalik is not aware of this, but willing to be proven wrong.
The liquidators would be watching the price, and if they see that the price is low enough that a CDP is undercollateralized, they would start the liquidation process. But the liquidation process would be challengeable and could be challenged many times, so the final result would not be known for some time (and this is okay! the liquidator’s extra collateral would cover any extra price movements that happen while the CDP is in the “liquidation pending” state)
+1 on this! i think the accessibility of uniswap's TWAP oracle has been great but curious of the implementation for the UNI governance token to double up as an oracle token...
if anyone has ideas on implementation - would love to see them discussed and of course, apply to the UNI Grants Program - unigrants.org!
Hm but I'm not sure how "low latency" a stablecoin can handle. Maker requires an hourly price. How does this actually function? You can't have a quorum of UNI holders voting every hour. Also doesn't delegation introduce a potential centralization risk?
Like the idea, curious about implementation.
Uniswap as a highly secure oracle system is much needed; and is a great idea. I am trying to grasp how UNI will be used in the model. My hope is it does not require extensive hardware requirements like running a full node. To be an oracle reporter is to be a holder of UNI, or does it require also being a Liquidity Pooler (with locked up funds) to gain UNI incentives or potential slashing in the case of maliciousness?
Is being an oracle a passive or active experience? I.e is the oracle in the center (like the treasury) passively running and token holders vote as a whole occasionally during a price dispute, or is each UNI token holder or LP'er actively reporting specific paired pricing constantly. How is off-chain currency data aggregated with UNI oracles?
Uniswap as a highly secure oracle system is much needed; and is a great idea. I am trying to grasp how UNI will be used in the model. My hope is it does not require extensive hardware requirements like running a full node. To be an oracle reporter is to be a holder of UNI, or does it require also being a Liquidity Pooler (with locked up funds) to gain UNI incentives or potential slashing in the case of maliciousness?
Is being an oracle a passive or active experience? I.e is the oracle in the center (like the treasury) passively running and token holders vote as a whole occasionally during a price dispute, or is each UNI token holder or LP'er actively reporting specific paired pricing constantly. How is off-chain currency data aggregated with UNI oracles?
I am in support of an improvement that allows token holders to become more engaged in the Ethereum ecosystem.
LINK's superlinear staking which is already mostly built solves for the need outlined here in its entirety. I have a hard time believing real Vitalik is not aware of this, but willing to be proven wrong.
I can confirm this is the real Vitalik, he reached out before posting because the username vbuterin was reserved
The liquidators would be watching the price, and if they see that the price is low enough that a CDP is undercollateralized, they would start the liquidation process. But the liquidation process would be challengeable and could be challenged many times, so the final result would not be known for some time (and this is okay! the liquidator’s extra collateral would cover any extra price movements that happen while the CDP is in the “liquidation pending” state)
Most liquidation bots require instant arbitrage or they won't play. Requiring they take on a liquidation position and then hold it for an undefined amount of time results in the bots refusing to participate until the asset slips way down. For a volatile asset, this threshold for where the bots will start participating can end up being below the collateralize ratio.
LINK's superlinear staking which is already mostly built solves for the need outlined here in its entirety. I have a hard time believing real Vitalik is not aware of this, but willing to be proven wrong.
I can confirm this is the real Vitalik, he reached out before posting because the username vbuterin was reserved
The liquidators would be watching the price, and if they see that the price is low enough that a CDP is undercollateralized, they would start the liquidation process. But the liquidation process would be challengeable and could be challenged many times, so the final result would not be known for some time (and this is okay! the liquidator’s extra collateral would cover any extra price movements that happen while the CDP is in the “liquidation pending” state)
Most liquidation bots require instant arbitrage or they won't play. Requiring they take on a liquidation position and then hold it for an undefined amount of time results in the bots refusing to participate until the asset slips way down. For a volatile asset, this threshold for where the bots will start participating can end up being below the collateralize ratio.
Data is valuable! If you have it, use it! I do believe that Uniswap will continue be the leading DEX protocol for ETH/USD (stable coins) as time goes on. Yes, Chainlink is the best protocol for oracles as many would say, but in order to decentralize (minimize the chance of failure) the ETH/USD price, it would benefit from the addition of a different type and source of oracle. Ethereum, and therefore UNI, will benefit if this proposal is passed.
Data is valuable! If you have it, use it! I do believe that Uniswap will continue be the leading DEX protocol for ETH/USD (stable coins) as time goes on. Yes, Chainlink is the best protocol for oracles as many would say, but in order to decentralize (minimize the chance of failure) the ETH/USD price, it would benefit from the addition of a different type and source of oracle. Ethereum, and therefore UNI, will benefit if this proposal is passed.
This is a great idea and makes a tremendous amount of sense for next-level usage of UNI and Uniswap’s price mechanism.
Too many people here are reading this as an attack on Chainlink. However, Vitalik actually appears to be praising Chainlink while also suggesting that a more lightweight alternative may be useful in certain cases. He’s right.
This is a great idea and makes a tremendous amount of sense for next-level usage of UNI and Uniswap’s price mechanism.
Too many people here are reading this as an attack on Chainlink. However, Vitalik actually appears to be praising Chainlink while also suggesting that a more lightweight alternative may be useful in certain cases. He’s right.
What’s wrong with projects having a choice? There is no monopoly on oracle services and Uniswap can fill a gap that Vitalik has identified here.
Solid points have been raised and addressed so far. I haven't seen any real deal-killers yet. I would definitely like to see this fleshed out some more, and I’d like to find a way to discuss it where conflicts of interest are filtered out as efficiently as possible.
The real problem here is that this proposal itself is yet another situation that UNI holders probably don’t have any meaningful power to resolve. It seems that this would realistically be up to the core team and could require quite a shift to its roadmap (unless this was already somehow in the works).
Just signal boosting @kenneth here: If you're interested in writing a spec for an implementation or publishing research to develop this idea, definitely apply to the UNI Grants Program.
This is a great idea and makes a tremendous amount of sense for next-level usage of UNI and Uniswap’s price mechanism.
Too many people here are reading this as an attack on Chainlink. However, Vitalik actually appears to be praising Chainlink while also suggesting that a more lightweight alternative may be useful in certain cases. He’s right.
This is a great idea and makes a tremendous amount of sense for next-level usage of UNI and Uniswap’s price mechanism.
Too many people here are reading this as an attack on Chainlink. However, Vitalik actually appears to be praising Chainlink while also suggesting that a more lightweight alternative may be useful in certain cases. He’s right.
What’s wrong with projects having a choice? There is no monopoly on oracle services and Uniswap can fill a gap that Vitalik has identified here.
Solid points have been raised and addressed so far. I haven't seen any real deal-killers yet. I would definitely like to see this fleshed out some more, and I’d like to find a way to discuss it where conflicts of interest are filtered out as efficiently as possible.
The real problem here is that this proposal itself is yet another situation that UNI holders probably don’t have any meaningful power to resolve. It seems that this would realistically be up to the core team and could require quite a shift to its roadmap (unless this was already somehow in the works).
Just signal boosting @kenneth here: If you're interested in writing a spec for an implementation or publishing research to develop this idea, definitely apply to the UNI Grants Program.
