defirisk.co
rubric v1.7.0

Oracle price deviation >X% from secondary

Assessment of Morpho V1 (Morpho Blue + MetaMorpho) for factor RD-F-099, scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary

Two market-level oracle manipulation incidents are confirmed: Oct 2024 (PAXG SCALE_FACTOR, $230K) and May 2025 (Aerodrome AMM LP oracle, $49K covered internally). Both occurred on permissionless markets with spot-price oracles. No oracle deviation is currently detected on the major-market Chainlink feeds (ETH/USD, BTC/USD, USDC/USD).

Detail

Threshold: |primary − secondary| / primary > 1% sustained ≥4 blocks AND protocol uses feed for safety-critical read. The two prior incidents confirm the attack class is active on Morpho's permissionless markets. Chainlink primary feeds (19 feeds in data cache) are operational as of assessment date. Yellow: signal is deferred to v1 phase 2 (requires secondary-source mapping per market), but posture is structurally exposed due to permissionless oracle architecture.
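The threshold rule above, written as a detector over per-block price samples. This is an added example, not defirisk.co's or Morpho's code. The `Sample` and `Alert` types, the requirement that deviating blocks be consecutive, and the treatment of a missing secondary quote as a break in the run are assumptions, and the price data is constructed.

```python
from decimal import Decimal
from typing import NamedTuple, Optional

THRESHOLD = Decimal("0.01")  # 1% relative deviation (from the rubric text)
MIN_BLOCKS = 4               # sustained for at least 4 blocks (from the rubric text)

class Sample(NamedTuple):
    block: int
    primary: Decimal
    secondary: Optional[Decimal]  # None = no secondary quote for this block

class Alert(NamedTuple):
    start_block: int
    end_block: int
    max_deviation: Decimal

def deviation(s):
    """|primary - secondary| / primary, or None when it cannot be computed."""
    if s.secondary is None or s.primary <= 0:
        return None
    return abs(s.primary - s.secondary) / s.primary

def find_alerts(samples, safety_critical, threshold=THRESHOLD, min_blocks=MIN_BLOCKS):
    """Return one Alert per run of >= min_blocks consecutive deviating blocks."""
    alerts, run = [], []  # run holds (block, deviation) pairs of the current streak
    def close():
        if len(run) >= min_blocks:
            alerts.append(Alert(run[0][0], run[-1][0], max(d for _, d in run)))
        run.clear()
    if not safety_critical:  # second half of the AND: feed must back a safety-critical read
        return alerts
    for s in sorted(samples, key=lambda s: s.block):
        d = deviation(s)
        if d is None or d <= threshold:  # exactly 1% does not exceed the threshold
            close()
            continue
        if run and s.block != run[-1][0] + 1:  # assumption: a block gap breaks the streak
            close()
        run.append((s.block, d))
    close()
    return alerts

# Constructed sample data: (block, primary price, secondary price)
SAMPLES = [Sample(b, Decimal(p), Decimal(q)) for b, p, q in [
    (100, "2000", "2001"), (101, "2000", "2030"), (102, "2000", "2031"),
    (103, "2000", "2010"), (104, "2000", "2050"), (105, "2000", "2060"),
    (106, "2000", "2040"), (107, "2000", "2050"), (108, "2000", "2030"),
    (109, "2000", "2020"),
]]
```

On the constructed data, the two-block excursion at blocks 101-102 is discarded and only the five-block run at 104-108 is reported.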

Sources

Methodology

Detect whether the primary oracle's reported price deviates >X% from the best available secondary source (another feed or venue).


rubric_version: v1.7.0
protocol: morpho-v1
factor: RD-F-099
score: yellow
collected_at: 2026-04-30 21:19:13