Risk Oracle

Yaron Velner presenting Risk Oracle at EDCON 2023


DeFi has seen tremendous growth in recent years, with billions of dollars in assets being locked into various DeFi platforms. However, to date, those billions of dollars risk management is somewhat opaque and the managing platform has a clear conflict of interest between its risk exposure and the growth of the platform.
To address this need, our community has proposed to develop an on-chain risk oracle. Such oracles could provide objective pieces of information in a transparent and decentralised manner. With that in hand, smart contract devs could use it in their dapps and mitigate conflict of interest concerns, growing trust among their user base.
B.Protocol has been building risk mitigation tools for over two years, and works closely with numerous DeFi platforms. Leading an initiative for a new on-chain risk oracle DeFi primitive seemed like a natural next step on our roadmap.
In this post, we will explain what the Risk Oracle is, why it is important for DeFi to have an on-chain risk feed, how the Risk Oracle is designed, and who could benefit from it.

The need for an on-chain risk oracle

DeFi platforms manage billions of dollars in user funds. In most cases, e.g, lending markets and yield aggregators, the protocol owners (a DAO or a multisig) have the authority to use or lend the funds in order to generate yield. This gives rise to the following issues:
  1. 1.
    The platforms might decide to take an excessive risk in order to increase the user and /or the platform’s yield. A yield aggregator might deposit user funds into risky platforms, a lending market might decide to list a risky asset due to high demand, etc.
  2. 2.
    The need for users to trust the platform’s risk management creates an entry barrier for new teams and DAOs, and leads to inefficient markets. Since it takes a long time for teams to build trust in their risk management capabilities and the robustness of their DAO in making the right decisions, users will favour lower yield (or higher fee) platforms that are more reputable.
  3. 3.
    The platform’s risk mitigation actions (e.g., delisting a risky asset due to changes in market conditions) are typically guarded by timelock and a tedious governance process which prevents taking action in a timely manner, though these actions are often time sensitive. .
An on-chain risk oracle can help mitigate the above concerns.
By integrating a risk feed into its protocol, a yield aggregator platform can verify to its users, by code, that a specific strategy is limited to deploying capital only in protocols and assets with a minimum pre-defined risk rating. This can help users choose strategies that align with their risk appetite and help align ROI expectations, as well as to adjust the risk of losses due to unexpected events or changes in market or platform conditions.
For example, a user who is comfortable with higher levels of risk may choose a strategy that deploys capital into lending protocols which provide higher APYs but with a lower risk rating (e.g. rated B rather than AA), while a user who is more risk-averse may choose a strategy that deploys capital into protocols with a stronger risk rating but lower APYs.
By using an on-chain risk oracle, the yield aggregator smart contract can verify the risk rating of the protocols or assets that are included in the strategy, and can even be coded to pull out funds and deploy them into another platform in case the platform’s rating is suddenly dropped due to changes in market or platform conditions.
Other use cases for an on-chain risk oracle can be
  • A lending market that codes a restriction that prevents it from listing a new risky (volatile) asset;
  • DAOs that enforce their treasury managers through smart contracts to invest only in platforms that meet their risk appetite;
  • Lending platforms that can automatically set their reserve rates (fees) dynamically according to risk rating changes.
Other use cases that will be revealed with time.

Oracle architecture

In order for the risk oracle to be decentralised and transparent, it should use an open source code whose output can be verified by anyone who wishes to run them. Such a risk framework is the one published by RiskDAO, which is suggested to be the first framework to be used by the risk oracle, though we anticipate more risk frameworks will join as open source data providers to the oracle as the network grows.
A network of independent validators will run the required software to provide risk ratings according to a set of pre-decided risk parameters, and the consensus result will be published on-chain by the oracle.
Risk Oracle High-Level Design
To ensure the integrity of the process and align the incentives of the validators, the risk oracle would implement a staking and slashing mechanism. Validators will be required to stake tokens, and in the event that their result deviates too much from other validators, their staked tokens will be slashed and distributed as rewards pro rata to other validators and network participants. Fees can be collected for reading the risk oracle feed (might be subsidized during initial stages to drive more traction), and other incentives might be proposed upon launch.

Oracle feed examples

The initial set of objective risk parameters that can be used to assess the risk of lending platforms is as follow:
  1. 1.
    Liquidations at risk (normalized by TVL): This metric reflects liquidated positions the lending platform would process in a Worst Day simulation. Worst Day simulates the current state of the platform during the biggest price drop in ETH history, normalizing other assets according to their volatility w.r.t ETH.
  2. 2.
    Existing bad debt in the platform: Some platforms operate with existing bad debt that was accrued historically through hacks or exploits, but many times is not published publicly.
  3. 3.
    Risky tokens listed on the platform: This metric considers the on-chain liquidity and the volatility of risky tokens listed on the platform as they can impose risk contagion.
  4. 4.
    Borrowing and lending caps: This metric considers whether the platform has borrowing or lending caps, and how high or low these caps are set, w.r.t. Market liquidity and other factors.
  5. 5.
    Smart contract updates: This metric tracks when the platform’s smart contracts were last changed and whether there are any planned or forecasted updates in the near future. Recently updated contracts can impose a higher risk exposure as the new contracts are yet to be battle tested.
  6. 6.
    Price oracles: This metric considers the price feeds used by the platform, including their stability and trustworthiness.
More parameters can be added and others can be replaced as the system matures.

Another lego piece for making DeFi platforms more robust

The idea of a new DeFi primitive that publishes risk rating on-chain doesn’t come from a void. B.Protocol community was founded in mid 2020 (after “Black Thursday” events) with one main goal — providing safer ways for the DeFi ecosystem to scale. The core values we stick to are keeping everything we build open-sourced and decentralized, aiming to drive more traction into the ecosystem by providing new and innovative risk-mitigating DeFi primitives others can build on.
Since then we have released our Backstop product, a robust liquidation engine that enables lending platforms to better secure their lenders’ funds, minimize the potential of accruing bad debt in the protocol, and facilitate better capital efficiency for borrowers — and doing all that while letting their users gain from liquidating unsafe positions from the platform. At the peak of the last bull market, the Backstop was trusted with over $300m of Backstoppers’ funds, coming from private users, funds, and DAOs.
After the Luna/UST crash, and from our experience talking with dozens of lending platforms, we realized there is a lack of knowledge and open-source tools for proper economic risk management. As a result, we launched RiskDAO together with 1kx research arm and other researchers and devs.
RiskDAO is dedicated to providing open-source tools, dashboards, and monitoring systems that give better transparency into lending platforms, stablecoins, and alt-L1s and L2 networks. By running simulations of tens of thousands of data points, RiskDAO provides real-time information and recommendations that help to set and manage better risk factors in the platforms that use its services. RiskDAO also provides some of its tools as public goods for anyone to use, such as the Bad Debt Dashboard.


The on-chain Risk Oracle is an important new DeFi primitive that aims to provide a way for devs to integrate the risks associated with DeFi into their protocol’s smart contracts. By using it, protocols can build risk-informed solutions that can scale safely and maintain user trust.
We are excited to see how the risk oracle will be used in the DeFi ecosystem and encourage readers to learn more about it by joining the B.Protocol community on Discord for discussions and feedback.