defirisk.co
rubric v1.7.0

Oracle price deviation >X% from secondary

Balancer (v2 + v3)'s assessment for RD-F-099 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Oracle price deviation >X% from secondary [T-09 v1] | Applicable: Partial — v2 rate providers for Boosted Pools; core v2 Vault does not use external oracles | No oracle deviation >1% detected on live Chainlink feeds (ETH/USD: 0x5f4eC3Df..., USDC/USD: 0x8fFfFfd4..., USDT/USD: 0x3E7d1eAB...) as of 2026-05-05. Rate provider manipulation was root cause of August 2023 $2.1M exploit; Linear Pools largely deprecated post-November 2025. v3 oracle hooks are immutable post-registration. No oracle deviation event in current window. | Threshold: Primary vs secondary deviation >1% sustained ≥4 blocks AND protocol uses primary for safety-critical reads | Would fire: No

Sources #

  • Etherscan
    https://etherscan.io/address/0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419retrieved 2026-04-28
  • URL
    https://docs-v2.balancer.fi/reference/contracts/deployment-addresses/retrieved 2026-05-05

Methodology #

Detect whether the primary oracle's reported price deviates >X% from the best available secondary source (another feed or venue).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol balancer factor RD-F-099 score green collected_at 2026-05-05 12:41:36