🔥 Day 4 of #30daysweb3security 
@Web3SecurityDAO

Today I continued my deep dive into the different types of Oracles and their pros/cons 🧵

Warden/Watson at C4/Sherlock

Follow me for onchain security info

@chainlink
 is the most widely used oracle but is considered 'centralized' as data feeds are provided by a group of node operators communicating with each other thru OCR (Off-chain reporting). 

Price feeds are reliable assuming operators do not collude.

@WeAreTellor
 is a decentralized oracle which works on the optimistic principle of 'true until proven false'. 

As shared in my Day 3 post, it is susceptible to manipulation IF its mechanics are not well understood;  Time is needed for false data to be challenged and rejected.

On chain oracles like 
@Uniswap
 V3 provide price data that is sourced entirely on chain. Data is calculated using TWAP (time-weighted average price). 

While these are the most decentralized and trustless, they are also highly prone to manipulation. Why?

Price from on chain oracles are calculated based on underlying assets in a liquidity pool. 

Low volume/liquidity pools are highly sensitive to injection of capital -- which are often targets of price manipulation hacks.