The following guide aims at helping protocols integrate safely with Curve. Curve itself was never exploited and does not rely on oracles.
Building Price Manipulation Resistant DeFi Applications with Curve Finance Liquidity Pools
Curve Finance is an exchange protocol featuring a highly optimized Automated Market Maker (AMM) designed to offer the lowest slippage on stablecoin swaps. Given the like-kind nature of stablecoin assets, exchange rates for swaps are generally stable.
However, as we’ve recently discovered over the past month, there is a security concern where a well capitalized actor or a flash loan enabled adversary can execute a large swap on Curve to temporarily distort the prices of the two stablecoins involved as compared to the wider market prices for those assets. A malicious user can then exploit this price distortion by taking a position on a DeFi protocol that offers Curve LP (Liquidity Pool) tokens as a collateral option which also relies on Curve as their price oracle when conducting transactions. The straightforward solution to this issue is to avoid using Curve as a price oracle and to rely on a reliable price oracle that provides an accurate picture of the global market price of the asset in a Liquidity Pool.
Curve pools have so-called virtual price which can be useful for safe pricing of Curve LP tokens. It represents a non-manipulatable USD value of Curve LP tokens. Unfortunately, it doesn’t correspond to value in any particular stablecoin though which can be a significant limitation when designing protocols.
In order to help maintain the security of the Curve ecosystem we’d like to share a solution to solving this issue for the DeFi protocols using Curve LPs. We recommend that DeFi Protocols using Curve LPs implement the below design pattern using Chainlink Price Feeds as a way to eliminate their exposure to flash loan attacks. The security concerns around using single price sources in DeFi is becoming increasingly clear and we strongly recommend that DeFI protocol relying on Curve LPs take their correct use of oracles and exposure to flash loan attacks seriously.
1. Find the correct price feeds for your LP token.
First, you need to identify the appropriate Chainlink Price Feeds for each LP token. For example, if you want to price the 3pool in ETH, you should use the respective feeds for each token within the pool, which in this case would be DAI, USDT and USDC. As such, you would start using the DAI/ETH, USDT/ETH and USDC/ETH Price Feeds from Chainlink.
2. Get the price feed addresses for your contract
You can find each Price Feed and their respective addresses here. You can also contact the Chainlink integration team at firstname.lastname@example.org in order to get an in-depth introduction on any additional price feed mechanisms you might need and the best ways to leverage them.
3. Query the latest price from each feed and take the minimum price.
Once you have found the right addresses, you can get the prices from each feed as explained in this section of the Chainlink docs. After you have queried the prices, take the minimum value among those, which is represented by min_value = min (price1, price2 … priceN)
4. Get the virtual price for your LP token and multiply it with the minimum value obtained earlier
The virtual price in curve is obtained through taking the invariance of the pool, which by default takes every stable coin as valued at 1.00 USD. You can get the virtual price of each pool by calling the get_virtual_price function for it. Once you’ve gotten this price, you can now multiply it with the min_value obtained earlier. Hence, min_lp_price = min_value * virtual_price.
You can now use the price we just calculated as a lower bound on the value of LP tokens in your applications, which is both reliable and resistant against any kind of flash loan attack. For any queries on this implementation, please contact the Chainlink team at email@example.com and they will be happy to help you incorporate this reliable pricing mechanism into your application. In addition, don’t hesitate to contact us at firstname.lastname@example.org if your use of LP tokens is more complicated than described above and you are not sure on whether your design is safe.