Created OpenOracleFrameworkOracle.sol #28
Conversation
Integration of OpenOracleFramework for Oracle
|
This pr allows for anyone to use the oracle framework to deploy custom data feeds for tokens, such that the project teams and community can run their own oracles within minutes. |
|
Just to let you know... anyone can add any oracles to Kashi... BUT this oracle won't show up in the Kashi UI as part of Sushi. You can develop your own UI, show that the oracle works well and there are no ways to create exploit oracles. This will go a long way towards getting Sushi to add the oracle to their UI I would think. Anyway, my point is: don't let anything hold you back from implementing new oracles for Kashi. BentoBox and Kashi were designed as open systems. You don't need to get permission to launch new oracles ;) |
Let's be completely honest, should the oracles not be supported, and the pools not supported, then it's not really permissionless as you're still gatekeeping based on arbitrary concepts for whats safe. Any oracle platform can have exploit oracles even link, and the docs clearly say that users are expected to check oracles for pools. Not allowing users to create oracles limits what assets can be supported. Have you ever actually tried to get a link feed up, creates a large barrier for no good reason. There comes a point where jf we need to fork a front end, we may aswell fork the contracts for the fees and take the market for lending for tokens without link feeds (the majority) |
|
I'm not part of the Sushi team, so what they do and don't allow in the front end is up to them. Allowing any oracle is too dangerous in my opinion. I could just create an oracle with a backdoor. Once TVL looks nice I set the exchange rate to 0 and drain the pools. So oracle contracts should be reviewed as you can't expect users to be able to understand Solidity. If you'd really like Sushi to use other oracles, why not make it easy for them and provide not only the smart contracts, but also the UI implementation? In practice, that is a lot more work depending on the oracle. The Sushi UI doesn't just whitelist Chainlink. It also checks that the oracle is set up correctly. Most of the work was in this part. Kashi was delivered with TWAP oracle support, which would also allow nearly any pair to be supported. But the UI for this was never implemented, partially because it may be too confusing for user I think. I've also provided an example oracle for Sushi LP and UNIv2 LP positions to be used as collateral in the past. Also not yet put in production. Abracadabra uses the same oracle system and has a few more interesting oracles deployed. As to permissionless... Kashi contracts are. You can deploy any pool with any oracle. In the same way UniSwap contracts are permissionless. But what Sushi chooses to do with the website hosted on their domain, that's up to them. In the same way UniSwap filters out certain tokens. PS. The Kashi smart contracts have copyright. The UI is open source. |
Why the fuck do contracts have copyright. Thats completely counter to the open source narrative they have been pushing. As for being their domain thats fine, but the contracts not being open sources not fine as then they can't be changed to meet certain needs / used by other projects then. The checks arent that hard, you just check for a non 0 response from the call. We can help with that no problem. But to be honest never understood any protocol that limits options and access, this space was made to stop gatekeepers not just replace them and bad oracles shouldnt be able to get decent TVL as the community should filter the same way bad tokens dont just get bought just cause they are on a swap. |
|
Not sure why the hostility/aggressive stance... was just trying to help and clarify things. Anyway, just to clarify, I'm the one that owns the copyright, not Sushi. Good luck. |
Tbh copyright, licenses and any non open source practices are completely counter to what got into Crypto for 10y back. Anyone that follows these practices are no better than the banks, middlemen and are only doing so out of self interest and greed. We would not even have sushi without open source so any copyright at alls highly hypocritical. Would hope you change your mind and actually go open source. |
| // Get the latest exchange rate | ||
| /// @inheritdoc IOracle | ||
| function get(bytes calldata data) public override returns (bool, uint256) { | ||
| (address oracle, uint256 feedId) = abi.decode(data, (address, uint256)); |
There was a problem hiding this comment.
the data encoded seems to be different between peek and get
| address divide, | ||
| uint256 decimals | ||
| ) public pure returns (bytes memory) { | ||
| return abi.encode(multiply, divide, decimals); |
There was a problem hiding this comment.
the encoding here is incoherent with get and peek
There was a problem hiding this comment.
Based on the documentation, we assumed that these fns act as getspot and getprice, and assumed there was a need to know spot when TWAPs were used. So get was made to get the latest price update where peek waa the TWAP value to be protected.
| uint256[] memory twapEnd = new uint256[](1); | ||
|
|
||
| feedIdInput[0] = feedId; | ||
| twapStart[0] = block.timestamp - 60*60*24; |
There was a problem hiding this comment.
What reasoning makes you choose a 24hour TWAP?
There was a problem hiding this comment.
The 24h TWAP gives enough data and time to help protect flash events, while also being flexible enough to adapt to sudden market changes. The 24h TWAP provided could easily be changed though, depending on how much actual compatibility, the front end could pool creators choose the TWAP when an oof oracles detected, as all oracles are compatible with arb TWAPs.
| // Check the last exchange rate without any state changes | ||
| /// @inheritdoc IOracle | ||
| function peek(bytes calldata data) public view override returns (bool, uint256) { | ||
| (address twap, address oracle, uint256 feedId) = abi.decode(data, (address, address, uint256)); |
There was a problem hiding this comment.
should Oracle and TWAP be hardcoded to the official deployments?
0x00f0feed50DcDF57b4f1B532E8f5e7f291E0C84b and 0x76D98B6d5165F68cfD948702Bf92C3a53b5f57A1 respectfully?
There was a problem hiding this comment.
Oracle should not as that oracles simply a reference oracle ran by us, the real power from oof and use would be for anyone to use the framework to create pools for lending. The TWAP can be hardcoded though as thats oracle agnostic and just a tool to grab all values and create the TWAP.
| uint256[] memory twapStart = new uint256[](1); | ||
| uint256[] memory twapEnd = new uint256[](1); | ||
|
|
||
| feedIdInput[0] = feedId; |
There was a problem hiding this comment.
Do you have any mapping from feedIds to price feeds? (what the price feed represents e.g. ETH/USDC
Did you make any thoughts about combining price feeds?
There was a problem hiding this comment.
There are no mappings as oracles are free to submit any data they want for their oracle. You could simply check through getfeedlist for a matching name though.
| ) internal view returns (uint256) { | ||
| uint256 price; | ||
| uint256 decimals; | ||
| (price, , decimals) = IOpenOracleFramework(oracle).getFeed(feedId); |
There was a problem hiding this comment.
Is the spot price manipulatable?
There was a problem hiding this comment.
As these are oracles they choose the spot price source, they would probably use a platform like coingecko or the ETH price index which already uses multiple exchange prices to form prices making manipulation almost impossible unless spending bns USD. We also have the oracles have a threshold for multisjg, so 1 price submit will not be returned by the oracle as the latest, only median prices from n threshold.
| uint256 price; | ||
| uint256 decimals; | ||
| (price, , decimals) = IOpenOracleFramework(oracle).getFeed(feedId); | ||
| return price / decimals; |
There was a problem hiding this comment.
Does this already conform to the Kashi oracle standard of providing the price of 1e18 of asset?
There was a problem hiding this comment.
We standardize all feed returns to be 18 dec yes.
Integration of OpenOracleFramework
for Oracle