Circuit breaker on price deviation

Save (formerly Solend)'s assessment for RD-F-057 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No circuit breaker on price deviation implemented in the program. The only guard is slot-based staleness (20 slots for Pyth, 100 for Switchboard). If a price is current and non-stale, it is accepted regardless of magnitude. The November 2022 USDH exploit demonstrated this exactly: the attacker pumped USDH from $0.99 to $8.80 (then to ~$15) — prices were current and non-stale, accepted by the protocol. No deviation-from-reference check exists. Pyth confidence intervals are used informally but do not constitute a configurable circuit breaker.

Sources #

GitHub
Solend processor.rs — no circuit breaker implementationprocessor.rs get_pyth_price() and get_switchboard_price() — staleness check only; no deviation-from-reference guardretrieved 2026-05-17
URL
2022 Solana Hacks Explained: Solend — no circuit breaker confirmedAckee Blockchain 2022 hack — USDH pumped to 8x/15x; price was non-stale; protocol accepted inflated price without circuit breakerretrieved 2026-05-17

Methodology #

Determine whether the protocol halts or reverts if the oracle-reported price deviates by more than X% from a reference within Y blocks.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol save factor RD-F-057 score red collected_at 2026-05-17 15:20:15