defirisk.co
rubric v1.7.0

TWAP window duration

An oracle & external dependencies factor in the v1.7.0 rubric. Measured per protocol on a s cadence.

Methodology: how we score

**What this measures** This factor records the TWAP window duration in minutes for each oracle that uses a time-weighted average price. Windows shorter than 30 minutes are flagged as high risk. The value is extracted per oracle via source inspection and on-chain reads.

**Why it matters** TWAP window length is the primary determinant of how expensive a price manipulation attack is to execute. A 1-minute TWAP requires the attacker to hold a position for only 60 seconds — achievable with a flash loan sequence across multiple blocks. A 30-minute TWAP requires sustained capital lock-up that makes the attack economically irrational for most targets. The T-01 evidence base links short or nonexistent TWAP windows to approximately 15 protocols in the hack database. The cost-of-attack scales roughly linearly with window length for low-liquidity pools; for high-liquidity pools, window length interacts with pool depth to determine the true manipulation threshold.

**Green / Yellow / Red** Green is scored when all TWAP-based oracles use windows of 30 minutes or longer. Yellow is scored when at least one TWAP oracle uses a window between 10 and 29 minutes. Red is scored when any TWAP oracle uses a window under 10 minutes, or when no TWAP is used at all (scored alongside RD-F-053).
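
The dilution effect described under "Why it matters" and the bands above, as an added example that is not defirisk.co's scoring code. It assumes a tick accumulator averaged the way `OracleLibrary.consult()` does (arithmetic mean tick, so geometric mean price); every function name and tick value is constructed for illustration.

```python
# Added example (not defirisk.co code). All names and sample ticks are constructed.
ORDER = ["green", "yellow", "red"]  # best to worst

def band(window_s):
    """Rubric band for one TWAP window, given in seconds as in the evidence artifact."""
    if window_s >= 30 * 60:
        return "green"
    # Assumption: anything from 10 min up to (but excluding) 30 min is yellow.
    return "yellow" if window_s >= 10 * 60 else "red"

def protocol_band(windows_s):
    """Worst band across a protocol's TWAP oracles (one short window is enough).
    The no-TWAP and gray cases are outside this sketch."""
    return max((band(w) for w in windows_s), key=ORDER.index)

def tick_cumulative(segments, t):
    """Accumulator at time t: sum of tick * seconds held.
    segments: [(start_s, tick), ...] sorted; each tick holds until the next start."""
    total = 0
    for i, (start, tick) in enumerate(segments):
        nxt = segments[i + 1][0] if i + 1 < len(segments) else t
        total += tick * max(0, min(nxt, t) - start)
    return total

def mean_tick(segments, now, window_s):
    """Arithmetic mean tick over the last window_s seconds, i.e. the geometric
    mean price. Floor division rounds toward negative infinity."""
    delta = tick_cumulative(segments, now) - tick_cumulative(segments, now - window_s)
    return delta // window_s

def reported_shift_pct(base_tick, spike_tick, spike_s, now, window_s):
    """Percent move in the reported price when the pool sits at spike_tick
    for the final spike_s seconds and at base_tick before that."""
    segments = [(0, base_tick), (now - spike_s, spike_tick)]
    reported = mean_tick(segments, now, window_s)
    return (1.0001 ** (reported - base_tick) - 1) * 100

if __name__ == "__main__":
    # Constructed case: tick +6932 is roughly a 2x spot price, held for 60 s.
    for w in (60, 600, 1800):
        print(w, band(w), round(reported_shift_pct(0, 6932, 60, 7200, w), 2))
```

With the constructed input, the same 60-second distortion moves a 1-minute window by about 100%, a 10-minute window by about 7%, and a 30-minute window by about 2%.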

**Common gray cases** Gray is applied when the TWAP implementation uses dynamic observation selection that cannot be reduced to a fixed window duration, or when the oracle is an aggregated feed whose internal averaging methodology is not publicly documented.

**Notable historical examples** No cross-hacked incidents are currently linked in the database for this factor.

Measurement: what to look for

For each DEX-TWAP oracle, measure the TWAP window duration in minutes; flag any window < 30 minutes as high risk.

Data & output

**Data source** Source inspection of `OracleLibrary.consult()` period parameter or equivalent on Etherscan-verified source

**Output format** Green / Yellow / Red

**Evidence artifact** TWAP window in seconds per oracle + contract address

**Confidence signal** green = all TWAP windows ≥30 min; yellow = any TWAP window 10–29 min; red = any TWAP window <10 min; gray = protocol does not use TWAP oracles (N/A) or source unverified

Scored protocols: 80 carry this factor

| Protocol | Chain | RD-F-054 |
| --- | --- | --- |
| Aave v3 | ethereum | green |
| Across Protocol | ethereum | not_applicable |
| Aerodrome Finance | base | not_applicable |
| Axelar Network | ethereum | green |
| Babylon Protocol | bitcoin | not_applicable |
| Balancer (v2 + v3) | ethereum | not_applicable |
| Beefy Finance | ethereum | red |
| BENQI | avalanche | not_applicable |
| BlackRock USD Institutional Digital Liquidity Fund (BUIDL) | ethereum | not_applicable |
| Cap (cUSD / stcUSD) | ethereum | not_applicable |
| Centrifuge | ethereum | gray |
| Chainlink CCIP | ethereum | not_applicable |
| Circle USYC | binance | not_applicable |
| Compound V3 (Comet) | ethereum | not_applicable |
| Concrete | ethereum | green |
| Convex Finance | ethereum | not_applicable |
| crvUSD (Curve Stablecoin) | ethereum | yellow |
| Curve Finance | ethereum | yellow |
| deBridge | ethereum | not_applicable |
| Dolomite | ethereum | yellow |
| dYdX v4 (dYdX Chain) | dydx | green |
| EigenLayer | ethereum | not_assessed |
| Ethena | ethereum | green |
| ether.fi | ethereum | yellow |
| Euler V2 | ethereum | yellow |
| Falcon Finance | ethereum | not_applicable |
| Fluid | ethereum | not_applicable |
| Frax Finance | ethereum | not_applicable |
| GMX v2 (GMX Synthetics) | arbitrum | not_applicable |
| Hyperlane | ethereum | green |
| Hyperliquid | arbitrum | gray |
| Jito | solana | not_applicable |
| Jupiter | solana | not_applicable |
| Jupiter Perpetual Exchange | solana | not_applicable |
| JustLend DAO | tron | not_applicable |
| Kamino Lend | solana | yellow |
| Kinetiq | hyperliquid | not_applicable |
| Lido | ethereum | not_applicable |
| Liquid Collective (LsETH) | ethereum | not_applicable |
| Liquity V1 + V2 (LUSD / BOLD) | ethereum | not_applicable |
| Lista DAO | bsc | green |
| Lombard Finance | ethereum | gray |
| M^0 | ethereum | not_applicable |
| Maple Finance | ethereum | not_applicable |
| Marinade Finance | solana | not_applicable |
| Meteora | solana | not_applicable |
| mETH Protocol | ethereum | not_applicable |
| Midas | ethereum | not_applicable |
| Morpho V1 (Morpho Blue + MetaMorpho) | ethereum | not_applicable |
| Multipli | ethereum | gray |
| Ondo Finance | ethereum | not_applicable |
| OpenEden | ethereum | not_applicable |
| Orca | solana | not_applicable |
| PancakeSwap | bsc | not_applicable |
| Pendle Finance | ethereum | yellow |
| Polymarket | polygon | not_applicable |
| QuickSwap | polygon | green |
| Raydium | solana | green |
| Rocket Pool | ethereum | not_applicable |
| Sanctum | solana | not_applicable |
| Save (formerly Solend) | solana | not_applicable |
| Sky Lending (formerly MakerDAO) | ethereum | gray |
| Spark Protocol | ethereum | green |
| Spiko | stellar | not_applicable |
| Stake DAO | ethereum | green |
| StakeWise v3 | ethereum | not_applicable |
| Stargate Finance | ethereum | gray |
| stHYPE (Valantis Labs) | hyperliquid | not_applicable |
| SUNSwap (sun.io) | tron | not_applicable |
| Superstate | ethereum | gray |
| Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap | ethereum | yellow |
| Symbiotic | ethereum | not_applicable |
| Synapse Protocol | ethereum | not_applicable |
| Uniswap (v2 + v3) | ethereum | not_applicable |
| USDD (Decentralized USD) | tron | not_applicable |
| Usual (USD0 / bUSD0 / USUAL) | ethereum | not_applicable |
| Veda (BoringVault) | ethereum | not_applicable |
| Venus Protocol | bsc | yellow |
| Wormhole | ethereum | gray |
| Yearn Finance | ethereum | not_applicable |

Linked hacks: no historical incidents linked

No historical incidents are linked to this factor.

rubric_version: v1.7.0 | factor: RD-F-054 | category: 3 | carried: 80 | critical: no