Oracle price deviation >X% from secondary

Hyperliquid's assessment for RD-F-099 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Hyperliquid uses a fully custom internal L1 oracle: stake-weighted median of 8 CEX spot feeds (Binance weight-3, OKX weight-2, Bybit weight-2, Kraken weight-1, Kucoin weight-1, Gate IO weight-1, MEXC weight-1, Hyperliquid spot weight-1). Oracle is embedded in the closed-source L1 binary — no on-chain EVM oracle contract exists to monitor for deviation. Bridge2 does not use any oracle. The JELLY incident (March 2025) demonstrated real oracle-path vulnerability via CEX price manipulation (Bybit weight-2 manipulated), but the EVM-side oracle deviation signal infrastructure is structurally non-applicable to this L1-native oracle. Structural gray: signal cannot be wired to HyperCore oracle via EVM tooling.

Sources #

Docs
https://hyperliquid.gitbook.io/hyperliquid-docs/hypercore/oracleretrieved 2026-04-28
URL
https://medium.com/@cryptorescuesquad/oracle-manipulation-a-case-study-on-jelly-jelly-f359d5a7eb02retrieved 2026-04-28

Methodology #

Detect whether the primary oracle's reported price deviates >X% from the best available secondary source (another feed or venue).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol hyperliquid factor RD-F-099 score gray collected_at 2026-04-28 13:58:49