Permissionless-pool lending oracle
Save (formerly Solend)'s assessment for RD-F-181 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Save's permissionless pool architecture allows anyone to create an isolated lending pool (100 SLND fee) and configure their own oracle, including a self-created Switchboard feed from a single DEX venue (Raydium, Orca, Saber, etc.) with no TWAP requirement, no liquidity-floor enforcement, and no token-age minimum at the protocol level. Protocol docs state: 'pool creators are expected to create their own oracles which can be prone to error or used incorrectly (e.g. USDC oracle used for UST price).' November 2022 USDH exploit ($1.26M loss) was exactly this failure mode: creator-configured Switchboard oracle from single Saber DEX pool, no TWAP — spot price pumped 8-15x, bad debt accrued across 3 isolated pools. Structural vulnerability persists as of 2026-05-17; no protocol-level oracle quality enforcement was added.
Sources #
- URL2022 Solana Hacks Explained: Solend — November 2022 USDH Oracle ExploitAckee Blockchain 2022 Solend hack: 'Solend was looking for price updates only using the Switchboard oracle from Saber pool' — single DEX pool, no TWAP, $1.26M lossretrieved 2026-05-17
- Save Finance — Permissionless Pools Risksdocs.save.finance/permissionless-pools/risks: 'pool creators are expected to create their own oracles which can be prone to error or used incorrectly'retrieved 2026-05-17
- Save Finance — Permissionless Pools Introductiondocs.save.finance/permissionless-pools/introduction: 'Anyone can create a permissionless pool... 100 SLND fee'; Pyth and Switchboard supported — no oracle quality enforcementretrieved 2026-05-17
Methodology #
Determine whether the lending protocol accepts spot prices from a DEX where any user can permissionlessly create new pools, without requiring a TWAP window, liquidity floor, or token-age minimum on the venue side.
See the full factor methodology and distribution across all protocols →