★ Oracle source = spot DEX pool (no TWAP)
Save (formerly Solend)'s assessment for RD-F-053 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
The main pool and team-curated isolated pools are NOT spot-DEX-only: they use Pyth and Switchboard, which are professional oracles aggregated from multiple sources. HOWEVER, permissionless pools allow any creator to configure a Switchboard oracle from a single DEX source. The November 2022 USDH exploit confirmed the risk: the Switchboard oracle for USDH was drawn solely from the Saber USDH/USDC pool (a single spot price, no TWAP), and the loss was $1.26M. This structural vulnerability persists for the permissionless pool tier. There is no protocol-enforced TWAP requirement or multi-source requirement for creator-supplied oracles. The score is yellow (not red) because: (1) the main pool and team-curated pools use professional multi-source oracles; (2) permissionless pools are isolated, so an exploit cannot drain the main pool; (3) the risk is real and historically confirmed but bounded to permissionless pool TVL.
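The two guards named above as missing for creator-supplied oracles, a TWAP window and a secondary source, sketched as an added example that is not Save's, Switchboard's or the curator's code. The function names, the 30-minute window, the 5% deviation bound and the price series are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Obs:
    ts: int       # unix seconds of the pool read
    price: float  # spot price read from the single DEX pool

def twap(obs, now, window):
    """Time-weighted mean over [now - window, now]; a price holds until the next read."""
    pts = sorted((o for o in obs if o.ts <= now), key=lambda o: o.ts)
    if not pts:
        raise ValueError("no observations at or before 'now'")
    start, total, covered = now - window, 0.0, 0
    for cur, nxt_ts in zip(pts, [p.ts for p in pts[1:]] + [now]):
        lo, hi = max(cur.ts, start), min(nxt_ts, now)
        if hi > lo:
            total += cur.price * (hi - lo)
            covered += hi - lo
    return total / covered if covered else pts[-1].price

def accept_price(obs, now, secondary, window=1800, max_dev=0.05):
    """Return (price, reason); price is None when the update is rejected."""
    avg = twap(obs, now, window)
    spot = max((o for o in obs if o.ts <= now), key=lambda o: o.ts).price
    if avg <= 0 or (secondary is not None and secondary <= 0):
        return None, "non-positive price"
    # Guard 1: a single spot read far from the window average is not trusted.
    if abs(spot - avg) / avg > max_dev:
        return None, "spot deviates from TWAP"
    # Guard 2: the window average must agree with an independent source,
    # which catches a pool price that stays distorted for the whole window.
    if secondary is None:
        return None, "no secondary source"
    if abs(avg - secondary) / secondary > max_dev:
        return None, "TWAP deviates from secondary source"
    return avg, "ok"

# Constructed samples: a USD stablecoin pool read every 60 s for 30 minutes.
CALM = [Obs(t, 1.00) for t in range(0, 1800, 60)]
SPIKE = CALM + [Obs(1790, 10.0)]  # one 10x spot read just before 'now'
SUSTAINED = [Obs(t, 10.0) for t in range(0, 1800, 60)]  # distorted all window

if __name__ == "__main__":
    for name, series in (("calm", CALM), ("spike", SPIKE), ("sustained", SUSTAINED)):
        print(name, accept_price(series, now=1800, secondary=1.00))
```

A feed that reports only the latest read from one pool is the case both guards reject; an oracle configuration with neither a window nor a second venue has no equivalent check.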
Sources
- Docs: Save Finance — Switchboard V2 Guide for Permissionless Pools (docs.save.finance/permissionless-pools/switchboard-v2-guide) — creators configure Switchboard from CEX or DEX sources (Raydium, Orca); single venue possible. Retrieved 2026-05-17.
- DeFi Protocol Solend Struck by $1.26M Oracle Exploit (CoinDesk) — '$1.26M oracle exploit'; single-source Switchboard from Saber pool. Retrieved 2026-05-17.
- 2022 Solana Hacks Explained: Solend — November 2022 USDH Oracle Exploit (Ackee Blockchain) — 'Solend was looking for price updates only using the Switchboard oracle from Saber pool'; attacker pumped spot price 8-15x; no TWAP guard. Retrieved 2026-05-17.
Methodology
Determine whether the primary oracle for any asset/market reads spot price from a single DEX pool without a TWAP window or secondary source.