Summary:
This proposal introduces a targeted safeguard mechanism to protect Venus from oracle–DEX price divergence risks through action-specific controls rather than blanket pauses. The approach improves protocol safety while preserving usability.
The system will be deployed on BNB Chain only, beginning with $CAKE, and may be expanded to additional assets or networks following successful evaluation and community feedback.
Description:
To further strengthen Venus’ defences against price manipulation and oracle–DEX discrepancies, we are proposing a new safeguard mechanism that cross-verifies oracle prices with on-chain DEX prices and selectively restricts protocol actions when material deviations are detected.
The key goal is to avoid broad, asset-wide pauses and instead apply per-action, per-market controls, ensuring that only economically risky operations are restricted while the rest of the protocol remains functional.
This mechanism will be introduced on BNB Chain only in its initial phase, with $CAKE selected as the first market for rollout. Expansion to additional assets or chains will be considered only after evaluation and community feedback.
Context:
Discrepancies between external oracle prices (e.g. Resilient Oracle) and on-chain DEX prices can create exploitable conditions, particularly during periods of volatility or thin liquidity.
Two primary risk scenarios are addressed:
-
DEX price materially higher than oracle price
When an asset trades higher on DEXs than in the oracle, the protocol undervalues it. This enables an attacker to borrow the asset cheaply and sell it externally for profit, potentially draining liquidity.
Mitigation: Restrict borrowing for the affected asset.
-
DEX price materially lower than oracle price
When an asset trades lower on DEXs than in the oracle, the protocol overvalues it as collateral. This allows users to over-borrow and offload risk externally, creating potential bad debt.
Mitigation: Set the asset’s Collateral Factor to 0.
The mechanism is designed to respond only to meaningful deviations that introduce clear economic risk, rather than normal, short-lived price movements.
Proposed Solution:
We propose an automated emergency safeguard system combining off-chain monitoring with on-chain enforcement:
- An off-chain service continuously compares Resilient Oracle prices with on-chain DEX prices (e.g. PancakeSwap).
- When a significant deviation is detected, the monitor triggers a targeted restriction.
- Only the specific protocol actions exposed to exploitation are restricted (e.g. borrow or collateral usage), rather than pausing the entire market.
To minimise false positives, optional on-chain validation can be performed by comparing oracle prices with trusted DEX liquidity pools before applying any restrictions.
Once prices normalise and liquidity returns to equilibrium, the affected actions can be automatically restored.
Operational Considerations:
- The initial rollout will be limited to BNB Chain, starting with the $CAKE market.
- An EOA with limited permissions may be retained during the early phase to manage safeguards while the system matures.
- The off-chain monitor can integrate with governance infrastructure (e.g. Gnosis Safe) and alerting systems for transparency and operational readiness.
- All parameters, markets, and permissions will remain fully governed.