Chainlink founder and CEO Sergey Nazarov has said that hackers will continue to come after DeFi protocols unless they change the way they get their price information.
His comments on the Decrypt Daily podcast, published Friday, come after DeFi protocols lost over $100 million in a string of flash loan attacks that attacked Compound ($89 million), Harvest Finance ($34 million) and Cheese Bank ($3.3 million).
The projects were hit by hackers who manipulated the price of stablecoins held in the protocols because they misappropriated DeFi protocol Curve as a price oracle.
Hackers were able to target the projects because they all relied on Curve Finance’s data on the price of crypto held in its liquidity pools.
Nazarov said on the podcast that all the attacks were “related to using a single centralized exchange as a price source”—and that these kinds of attacks will keep happening, even if protocols start getting their data from two or three sources.
“I think it’s a serious concern that both developers of these protocols should look into.”
Nazarov said that Chainlink has been resistant to problems because it uses multiple data sources—getting data from “hundreds of exchanges.”
For DeFi protocols to avoid problems in the future, they will have to think about how they source their data, he said.
Since the attacks, decentralized exchange Curve Finance warned DeFi projects to use Chainlink, which uses a decentralized oracle network (it gets data from one blockchain to another safely, so it can’t be manipulated.)
It looks like the hottest new DeFi projects will have to step their game up when it comes to security or millions more will be lost.