- On November 22nd, around noon UTC, there were systematic deviations in the value of some assets due to HTX (Huobi) hack.
- GRAIL price feed was momentarily affected by such deviations, with some trades going down to price ranges of under 600 USD / GRAIL. The actual perceived market price at the time was around 1200-1400 USD / GRAIL.
- Three users became insolvent and had their GRAIL-backed loans liquidated, losing roughly $21K in liquidation fees.
- DIA fixed the issue with GRAIL/USD price feed. The feed has been reporting accurate values.
- Impacted users have reached out to the team seeking compensation.
- We invite the community to participate in a discussion.
- Read the DIA disclosure at the end of the post for more details.
About Silo’s DIA data feeder
All oracle providers, including Chainlink, use decentralized exchanges (DEXs) and centralized exchanges (CEXs) as data sources to report the value of crypto on-chain. DIA oracle pull data from a number of CEXs and DEXs, apply filters to prevent manipulation and ensure data integrity, and then report them to some of Silo’s isolated markets: SILO; GRAIL; JONES; rDPX. Below we break down each price feed and the data sources used to report the value of the aforementioned assets.
SILO/USD: Uniswap and Camelot.
GRAIL/USD: Sources include Camelot, TraderJoe, MEXC, and others. Note Huobi was removed following the reported incident.
rDPX/USDC: Camelot and Uniswap. Note the market runs a risk label. We advise all users to withdraw funds.
PLS/USD: Sources include Uniswap and Camelot.
JONES/USD: Sources include MEXC, Camelot, Sushi.
Y2K/USD: Note the DIA oracle is NOT maintained by the Silo team. The oracle receives data from Balancer and Uniswap.
For the community to address
- Are the three users entitled to receive compensation?
- By compensating the users, would not the Silo DAO set a precedent that can be used against it in the future? How can the DAO be responsible for the performance of an external service where prevention and control fall outside the purview of the DAO?
- Does the DAO have an ethical obligation to stand by its community of token holders and users?
Please reply to the thread below with your response.
DIA report below
The following is a report published by the DIA team. You can direct any questions to the DIA team by replying to the thread below:
The Silo oracle experienced a deviation from the perceived market value of GRAIL. This happened in conjecture with a hack on one of the centralized exchanges that this feed uses as a source. This exchange (HTX, formerly known as Huobi) has been delisted in the process of the mitigation.
Recap of events
This hack lead to systematic deviations in some assets from the perceived market value shortly after noon UTC on Oct 22nd 2023.
GRAIL was also affected from such deviations, with some trades going down to price ranges of under 600 USD / GRAIL. The actual perceived market price at the time was around 1200-1400 USD / GRAIL.
Filters and methodologies
Most of the deviating trades were mitigated by an interquartile range outlier filter in the price calculation layer leading to the dismissal of the trades. However, in some affected time ranges the number of trades in the overall market was quite low, so that the HTX trades were considered as possible actual trades, respectively the number of HTX trades was the majority of trades we saw and the average price was close to their reported prices. It should be noted that the other sources for GRAIL prices include DEXes that usually have lower number of trades, which can lead to situations where in the 120s window of trade evaluation all or almost all trades come from the centralized exchange source.
In most of these cases the second deviation mechanism in the oracle feeder prevented updates to the oracle: The comparison to the published price from other data providers in the Silo feeder. However, as the deviation threshold in this feeder is 20% to the perceived market price, some prices were published to the oracle that were influenced by HTX prices but still close enough to the perceived market price.
For some long-tail assets the market rates are fluid and can deviate strongly under normal market conditions. This market rate deviation mechanism only triggers in extreme cases where an actual error in the price evaluation layer leads to prices that are completely unrepresentative of the overall market. False positives arising from too tight deviation thresholds should be avoided, otherwise it could happen in genuine market conditions that changes could be prevented from being reported in a timely manner.
At around 1:40 pm UTC our system shut down the HTX data source entirely identifying an unusual high number of deviations overall.
Altogether, this aberration was not unfounded (these trades on HTX existed at that time after all), but regarding the hack we think that these can be considered of lesser data quality.
In coordination with the Silo team the deviation threshold will be lowered to 7.5% for all assets except RDPX, as deviations in the range of up to 20% can frequently be observed, backed by actual DEX trades from pools with reasonable liquidity.
Historical data shows that the assets are usually within these 7.5% and do not deviate out of this window.
The live composition of available markets can always be seen in the DIA app for any asset. This is also why we link this information in any CDR so that it is always transparent which data sources are involved in an oracle price.