@venusprotocol/oracle
Advanced tools
Readme
Resilient Price Feeds is a set of smart contracts that uses multiple oracles and a price validation algorithm to fetch asset prices for the Venus Protocol.
DeFi protocols are vulnerable to incorrectly reported prices which can lead to lost money. A price oracle can be manipulated,fail, or suffer other attacks depending on the type of price oracle. It creates a single point of failure, opening attack vectors to the protocol if not mitigated.
The Resilient Price Feeds uses multiple oracle sources and fallback mechanisms to return accurate prices and protect from oracle failures. Currently, it includes integrations with Chainlink, RedStone, Pyth and Binance Oracle oracles.
The Resilient Price Feeds configures a main, pivot and fallback oracle for every asset. The main oracle is the most trustworthy price source, the pivot oracle is used as a loose sanity checker and the fallback oracle is used as a backup price source.
Oracle prices are validated using an upper and lower bound ratio, which is set for every market. The upper bound ratio represents the deviation between the reported price (price from oracle that’s being validated) and anchor price (price from oracle we are validating against) beyond which the reported price will be invalidated. The lower bound ratio presents the deviation between reported price and anchor price below which the reported price will be invalidated. For an oracle price to be considered valid the below statement should be true:
anchorRatio = anchorPrice/reporterPrice
isValid = anchorRatio <= upperBoundAnchorRatio && anchorRatio >= lowerBoundAnchorRatio
The default configuration uses Chainlink as the main oracle, RedStone or Pyth oracle as the pivot oracle depending on which supports the given market and Binance oracle as the fallback oracle. For some markets we may use RedStone or Pyth as the main oracle if the token price is not supported by Chainlink or Binance oracles.
When fetching an oracle price, for the price to be valid it must be positive and not stagnant. If the price is invalid or stagnant it is ignored and a fallback oracle is used.
NodeJS - 14.x
Solc - v0.8.13 (https://github.com/ethereum/solidity/releases/tag/v0.8.13)
yarn install
Linting is done using eslint for typescript and solhint for solidity. Prettier is used to format solidity and typescript files.
To check linting and formatting on all files run:
$ yarn lint
Linting command can be run with the fix flag to fix eligible errors automatically
$ yarn lint:sol --fix
$ yarn lint:ts --fix
To pretty all files run:
$ yarn prettier
npx hardhat test
Releases are automatically managed using semantic-release and commit messages.
npx hardhat deploy
./deploy directoryhardhathardhat.config.ts - Add PRIVATE_KEY variable in .env file - Execute deploy command by adding --network <network_name> in the deploy command above - E.g. npx hardhat deploy --network bsctestnettags for example: - func.tags = ["MockTokens"];--tags "<tag_name>,<tag_name>..." to the deployment command will execute only the scripts containing the tags.Contract addresses and abis are exported in the deployments directory. To create a summary export of all contracts deployed to a network run.
$ yarn hardhat export --network <network-name> --export ./deployments/<network-name>.json
npx hardhat etherscan-verify --network <network-name>
npx hardhat accounts
npx hardhat compile
npx hardhat clean
npx hardhat test
npx hardhat node
npx hardhat help
REPORT_GAS=true npx hardhat test
npx hardhat coverage
TS_NODE_FILES=true npx ts-node scripts/deploy.ts
npx eslint '**/*.{js,ts}'
npx eslint '**/*.{js,ts}' --fix
npx prettier '**/*.{json,sol,md}' --check
npx prettier '**/*.{json,sol,md}' --write
npx solhint 'contracts/**/*.sol'
npx solhint 'contracts/**/*.sol' --fix
Documentation is autogenerated using solidity-docgen.
They can be generated by running yarn docgen
FAQs
Venus Protocol Price Oracle
The npm package @venusprotocol/oracle receives a total of 360 weekly downloads. As such, @venusprotocol/oracle popularity was classified as not popular.
We found that @venusprotocol/oracle demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.
Security News
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.