Disputes and Security

Protecting Users.

All protocols relying on oracles are exposed to some risk of manipulation or incorrect value submission, as well as other attacks that prevent the normal operation of the protocols, for example repeatedly disputing a value to prevent protocol usage.

We rely on Tellor’s dispute resolution procedure to handle markets whose metrics are in dispute at expiry. To accommodate this there is an approximately 15 minute pause after market expiry, this provides plenty of time for a dispute to be recorded if the oracle submission does not match the real value. We will deploy our own auto-disputer to ensure that incorrect values are disputed, although this is not necessary since there are major financial incentives to successful disputers in Tellor.

If there is a dispute on the oracle, the market is effectively frozen until that dispute is resolved on the oracle, and as soon as a value has been accepted by the oracle the market is considered settled, and users can withdraw.

Providence is much harder to dispute or manipulate than natural-language defined markets since the only data from oracles is numerical, and the source attached to a metric is considered canonical.

Due to the centralised nature of the data sources, there is one final risk, which is intentional manipulation by the data provider. This is fundamentally unavoidable unless a data source can be derived entirely on-chain, but using contracts (for example the token ratios in a Uniswap pool) to derive data opens an attack vector for manipulation via the contracts from which the data is pulled (for example flash-loan attacks). We mitigate the centralisation risk by using major, well-established and proven-reliable data providers.