Oracle price deviation >X% from secondary

Save (formerly Solend)'s assessment for RD-F-099 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Oracle price deviation >X% from secondary source. T-09 v1 shortlist — phase-2. Applicable to Solana (Pyth as primary, Switchboard as secondary or vice versa, with DEX TWAP as tertiary). CRITICAL historical context: the Nov 2022 Solend oracle attack exploited a single-source USDH price feed from a Saber pool, pumping USDH from $0.99 to $8.80 (first attempt) and ~$15 (second attempt). A cross-source oracle deviation signal (F099) would have fired within blocks of the first pump. This is the highest-value T-09 signal for Save. No current oracle deviation detected as of 2026-05-17. Per-asset secondary-source map for Solana Pyth/Switchboard feeds has not been built.

Sources #

URL
Ackee Blockchain — 2022 Solana Hacks Explained: Solend (oracle attack details)Ackee Blockchain analysis of Nov 2022 Solend oracle attack — single Saber pool as price feed, manipulation vectorretrieved 2026-05-17
URL
Solend official blog — USDH price manipulation impact on isolated poolsNov 2022 oracle attack: Switchboard registered the escalated USDH price; cross-source check against Pyth would have detected deviation immediatelyretrieved 2026-05-17

Methodology #

Detect whether the primary oracle's reported price deviates >X% from the best available secondary source (another feed or venue).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol save factor RD-F-099 score gray collected_at 2026-05-17 15:20:15