Oracle manipulation is the most consistently successful attack pattern in DeFi history.
The setup: a protocol uses an on-chain price source (e.g., the spot price of a Uniswap pool, or a single Chainlink feed) to value collateral, mint tokens, or compute payouts. The attacker temporarily moves that price, often using a flash loan, and triggers protocol logic at the manipulated valuation.
Common forms:
- Spot-price manipulation: drain or stuff a low-liquidity AMM pool to skew the reported price.
- Stablecoin depeg manipulation: exploit an oracle that keeps reporting the pegged (or lagging) price while the real market price has moved during a depeg event.
- Cross-pool manipulation: arbitrage one pool against another to set the reading the target protocol uses.
Mitigations are well-known and consistently underused:
- Use TWAPs (time-weighted average prices) over a window long enough, many blocks, that the price in any single block contributes only a small share of the average.
- Use redundant oracle sources (Chainlink + your own backup) and require that they agree within a tolerance before acting.
- Cap protocol exposure to any single oracle's worst-case lie.
If your protocol uses spot price for anything other than cosmetic display, treat it as an open vulnerability.
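As an added example (not code from the original post), a Python simulation of a constant-product pool with a Uniswap-v2-style cumulative price accumulator: a one-block 100x reserve skew moves the spot price 100x, but a 30-minute TWAP by at most one block's share of the window, and a spot-vs-TWAP deviation check refuses to price at all. Pool sizes, the 12-second block time and the 5% tolerance are constructed assumptions.

```python
from dataclasses import dataclass, field
from fractions import Fraction

BLOCK_TIME = 12  # seconds per block; assumed for the simulation

@dataclass
class ConstantProductPool:
    """Minimal x*y=k pool with a Uniswap-v2-style cumulative price accumulator."""
    reserve_token: Fraction
    reserve_quote: Fraction
    cum_price: Fraction = Fraction(0)   # running sum of spot price * seconds
    last_ts: int = 0
    observations: list = field(default_factory=list)  # (timestamp, cum_price)
    def spot(self) -> Fraction:
        return self.reserve_quote / self.reserve_token
    def sync(self, ts: int) -> None:
        # Credit the price that held since the last update, then snapshot it.
        self.cum_price += self.spot() * (ts - self.last_ts)
        self.last_ts = ts
        self.observations.append((ts, self.cum_price))
    def swap_quote_in(self, amount_quote: Fraction, ts: int) -> None:
        # Accumulator is settled before reserves change, so a new price only
        # counts toward the TWAP once it has persisted past a block boundary.
        self.sync(ts)
        k = self.reserve_token * self.reserve_quote
        self.reserve_quote += amount_quote
        self.reserve_token = k / self.reserve_quote
    def twap(self, window: int) -> Fraction:
        now_ts, now_cum = self.observations[-1]
        # Latest snapshot at or before the window start; averaged span >= window.
        past_ts, past_cum = [o for o in self.observations if o[0] <= now_ts - window][-1]
        return (now_cum - past_cum) / (now_ts - past_ts)

def checked_price(pool: ConstantProductPool, window: int, max_dev) -> Fraction:
    """Return the TWAP, refusing to price when spot disagrees with it by more than max_dev."""
    avg = pool.twap(window)
    if abs(pool.spot() - avg) / avg > max_dev:
        raise ValueError("spot deviates from TWAP; refusing to price")
    return avg

def simulate(window: int = 1800):
    """Constructed scenario: 150 quiet blocks, then one block with a 100x reserve skew."""
    pool = ConstantProductPool(Fraction(1000), Fraction(1000))  # spot = 1.0
    for block in range(1, 151):
        pool.sync(block * BLOCK_TIME)
    t_skew = 151 * BLOCK_TIME
    pool.swap_quote_in(Fraction(9000), t_skew)  # reserves become 100 / 10000
    same_block = {"spot": pool.spot(), "twap": pool.twap(window)}
    pool.sync(t_skew + BLOCK_TIME)  # the skew has now persisted for one block
    next_block = {"spot": pool.spot(), "twap": pool.twap(window)}
    return pool, same_block, next_block
```

In the same block the TWAP is untouched (1.0 against a spot of 100); one block later it has moved to 1.66, which is why the window must be long relative to the block time and why the deviation check still rejects the reading.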