HomeLearnContributeFundingForumChat
    HomeLearnOracles
    Security
    Security

    How the Maker Protocol handles the security of oracles

    The oracle system for the Maker Protocol uses decentralized reporting to defend against fraudulent price data.
    There are multiple organizations and individuals who report price-data, they are called Feeds.
    At the launch of Multi-Collateral Dai, oracles received data from a total of 20 Feeds which consisted of 15 individuals and five public organizations.
    Oracles use the median of the reported prices for each asset as the reference price. Using a median instead of an average makes it harder to manipulate the reference price since control over half of the data providers is needed in order for a fraudulent price to be pushed through.
    Additionally, using a median naturally filters out irregular price data.

    Feeds

    Feeds are a mix of pseudonymous individuals and public organizations. Individuals consist of people internal to Maker, influential people in the greater crypto community, as well as some community members.
    Organizations involved in being Feeds at the launch of MCD can be found in the ratified DeFi Feeds proposal.

    Becoming a Feed

    All new Feeds go through MakerDAO’s governance in order to be added in. There is currently no formal way for Feeds to be added to the Maker Protocol.
    As of October 7th, 2019, the ratified Oracle Team Mandate grants the Interim Oracle Team the responsibility of being the intermediary between the Feeds and governance. In the coming months, the process of becoming a Feed will become more clear.

    Oracle Security Module

    The Oracle Security Module(OSM) safeguards the process by delaying price-feed data for one hour.
    Oracle Security Modules (OSMs) delay the publishing of new reference prices for a predefined set of time. This parameter is called the Oracle Security Module Delay and was set to be one hour at the launch of MCD.
    This allows MKR token holders and other stakeholders the time to react to bugs or attacks on the Oracles. An OSM is active on each Oracle in the Maker Protocol.
    This allows MKR governors and other stakeholders the time to identify bugs or attacks on the price-feed system. An OSM is active on all Oracles in the Maker Protocol.

    Medianizer

    A Medianizer is a type of smart-contract in the Maker Protocol’s Oracle system that collects price-data from Feeds and calculates a reference price by calculating a median.
    The Medianizer maintains a white-list of Feeds that can be controlled by MakerDAO governance. Every time a new set of price updates is received, the reference price is recalculated and queued into the Oracle Security Module which publishes the price after a delay period.
    Each time a relayer pushes a new set of medians to a Medianizer, it recalculates the median and updates the queued reference price in the Oracle Security Module(OSM). The OSM applies a time-delay and acts as the final publisher of the reference price.
    For technical documentation, please visit the Medianizer section of our Documentation Portal.

    Secure Scuttlebutt Network

    Secure Scuttlebutt is a database protocol for unforgeable append-only message feeds. For more information on how a Secure Scuttlebutt Network works visit this informative page on scuttlebot.io.