While traditional oracles rely on their proprietary tokens to maintain ecosystem health and secure operations, eOracle introduces a novel security approach with its dual-token design. The model synergizes the specific advantages of a protocol-dedicated token with the enhanced security and economic stability provided by a well-established token like ETH, used for staking purposes.

This dual-token approach marks a notable shift from the single token model. By incorporating ETH for staking purposes, eOracle connects to a broader and more resilient economic base. This strategy effectively mitigates risks associated with blockchain protocols that rely on protocol-specific tokens.

The following sections provide a mathematical analysis, showing the enhanced security and stability of such a system.

*Cryptoeconomic security* (CES) is a useful measure for analysis, consider the following;

Given a set of colluding validators that we henceforth term the *attacker*,* *we assume that the attacker has the ability to corrupt the majority of the validators. Therefore, the attacker possesses the power to manipulate the consensus process, potentially leading to double-spending, censoring transactions, or altering the integrity of the blockchain's state.

We capture this in the following definition.

In what follows, we explicitly assume that increasing the CES margin implies a more crypto-economically (CE) secure protocol and say that a protocol is *CE-secure* or *CE-vulnerable*, referring to a positive or negative CES margin, respectively.

Profit from Short Selling

CES: A Tale of Two Oracles

To demonstrate how the CES margin is affected by the nature of the protocol's token, we compare the following two scenarios:

EnshrinedOracle, which relies on the base-layer's token that we denote by

`$ETH`

.TraditionalOracle, relying on its own token that we denote by

`$TRD`

.

The value and utility of $ETH are independent of EnshrinedOracle's activities, unlike $TRD, whose value is closely tied to the operations of TraditionalOracle.

Resilience to Attacks

Under the same attack, the EnshrinedOracle is far more cryptoeconomically secure, as the underlying stake is not derived from the operations of the EnshrinedOracle. In contrast, such an attack would devastate the cryptoeconomic security of the TraditionalOracle.

Divergences in the Cost of Corruption

Being able to short $TRD based on the TraditionalOracle's operations increases the potential profit from attack, whereas there is no such benefit for attacking EnshrinedOracle.

Market Fluctuation Impact

Next, we analyze the ramifications of a sudden decrease of `$TRD`

market cap. Such a change in valuation could result from the volatile nature of the crypto space or the unintended fault of the protocol.

**Observation 3.** Assume the protocol is CE-secure. Any fluctuation in `$TRD`

market cap can make the protocol CE-vulnerable.

This observation is demonstrated using an example.

Example 1:

Next, we analyze EnshrinedOracle, relying on the independent `$ETH`

token. The CES margins of EnshrinedOracle *before *the event is

The figure below depicts the change in the CES margin of EnshrinedOracle due to the same event. Importantly, under precisely the same event, EnshrinedOracle remains CE secure.

The TraditionalOracle's CE security is far more susceptible to market fluctuations, whereas EnshrinedOracle's security is resilient to external market forces.

Beyond Profit from Depreciation

Scaling Cost of Corruption with Total Value Secured

Passively, due to an increase in

`$TRD`

market cap.

Let us examine these two solutions. For the passive approach of experiencing an increase in `$TRD`

market cap, note that the TraditionalOracle cannot (legally) control the price and ensure a positive CES margin. Particularly, if the TVS fluctuation and the price fluctuation are not identical (correlation is not enough in this case), the TraditionalOracle could become CES-vulnerable (a scenario similar to that in Observation 3). The active approach is also challenging, as it requires the TraditionalOracle to call capital on demand while not being connected to an independent pool of capital.

EnshrinedOracle can mitigate a TVS increase by controlling the stake, allowing the CoC to scale accordingly.

Cost of Capital

TraditionalOracle's security scheme demands stakers hold `$TRD`

, thus, stakers have to posses a token with relatively small market cap that depends on the protocol's performance. In contrast, EnshrinedOracle could accept stake in `$ETH`

, the base-layer's token. `$ETH`

is less volatile, does not suffer from inflation, and is a multi-purpose token. These differences allow EnshrinedOracle to demand less of its stakers compared to TraditionalOracle's stakers, who may demand a premium for the additional risks they take (possessing `$TRD`

and being exposed to a potential turbulent macroeconomic environment). Additionally, since EnshrinedOracle's stakers could be re-stakers through Eigenlayer, their capital efficiency is maximized.

The Dual Token Model

An independent token makes EnshrinedOracle significantly more CE secure than its counterparts utilizing a staking token. However, oracle sovereign tokens offer other advantages if decoupled from the CES risks.

By rewarding validators with a token, an incentive structure can be designed to increase the rate of rewards. Factors such as uptime, accuracy , and longevity of validators may increase their rewards earned. This achieves both incentivization of higher quality validation, and alignment of validators with the interests of the protocol.

A token vesting mechanism requires validators to be aligned with the network by locking their rewards and ensuring the commitment of the validators during the vesting period. This enhances the stability and security of the network.

A sovereign token design also allows for creating a punishment structures , where rewards can be revoked on non-malicious misbehavior. To avoid slashing Beacon Chain ETH , all non-malicious behavior will addressed with sovereign token punishments.

Implementing all of these mechanisms **while having stake rooted in ****$ETH**** retains the CES benefits of EnshrinedOracle** **while avoiding the CES vunerabilities of TraditionalOracle.**

Proofs

End Notes

To assess whether attacking is beneficial, the attacker must take into account two elements: the Cost of Corruption ($\textit{CoC}$) and the Profit from Corruption ($\textit{PfC}$).

$\textit{CoC}$ encompasses the total resources the attacker must invest to successfully manipulate the protocol, i.e., slashing of their stake, technical resources required for the attack and other associated expenses. Since we focus on assessing the efficacy of stake slashing as a deterrent and its influence on the CES, we assume that the $CoC$ primarily involves the loss of the attacker's staked assets, while other costs will be disregarded.

$\textit{PfC}$ signifies the potential gains the attacker would achieve post-successful manipulation. Our analysis requires a more subtle approach towards $\textit{PfC}$, and thus we divide $\textit{PfC}$ into two sources as follows:

**Profit from Manipulation** ($\textit{PfM}$) is the *internal* profit the attacker can gain by manipulating the protocol. For instance, for Oracle protocols, it is the profit that could be extracted by a malicious price update. The $\textit{PfM}$ is upper-bounded by the protocol's Total Value Secured (TVS).

**Profit from Depreciation** ($\textit{PfD}$) addresses the *external* profit the attacker can gain from betting on price volatility or depreciation through, e.g., derivative markets or short selling.

Notice that $\textit{PfC}=\textit{PfM}+\textit{PfD}$. A rational attacker will only attack if $\textit{CoC} < \textit{PfC}$.

**Definition (CES Margin)**. A protocol has a $\beta$-crypto-economic security margin, or a $\beta$-CES margin, if

$CoC-\underbrace{(\textit{PfM}+\textit{PfD})}_\textit{PfC} = \beta.$

We now discuss the$\textit{PfD}$ ingredient and suggest a (stylized and simplified) way to quantify it. Crucially, it does not rely on any property of a protocol and refers to any asset, be it cryptocurrency, fiat, or stock.

Consider a token we call `$TOK`

, and assume that the attacker can short `$TOK`

. Since we assume the attack is relatively quick, we neglect the shorting fees.$^1$ The amount of short positions is bounded by `$TOK`

's *short interest*. Namely, the percentage of `$TOK`

's free float market cap that the attacker could short sell, which we denote by $k$. We stress that typically $k\in[0,1]$. Further, let $m$ denote `$TOK`

's total market cap (in USD). We therefore assume the attacker can open a short position of $km$ USD. Next, let $d$ denote the percentage of depreciation due to the attack, for $d\in(0,1]$. A short seller can thus earn $d$ for every `$TOK`

they short. All in all, a successful short trade will grant the attacker a profit of $kdm$ USD.

We assume that the only difference between EnshrinedOracle and the TraditionalOracle is the token used for staking. In both scenarios, the market cap of the stake is equal and worth $S$ (measured in USD); however, as we show shortly, the two scenarios imply different CES margins. The reason is that an attack's ramifications are different.

For TraditionalOracle (`$TRD`

), a successful attack on the TraditionalOracle will affect the `$TRD`

value, as the `$TRD`

's inherent value is tied to the operations of TraditionalOracle. The attacker can gain $kdm$ USD by shorting `$TRD`

prior to the attack; hence, in TraditionalOracle's case $\textit{PfD}=kdm$.

For EnshrinedOracle (`$ETH`

), as the value and utility of `$ETH`

are unrelated to the EnshrinedOracle protocol the price of `$ETH`

will not be affected. Thus, the $\textit{PfD}$ equals 0 for EnshrinedOracle.

**Observation 1****. **If the TraditionalOracle, which relies on its own token `$TRD`

, has a $\beta$-CES margin, then EnshrinedOracle, which relies on the base-layer's token `$ETH`

, has a $(\beta+kdm)$-CES margin.

**Observation 1 is illuminating.** To illustrate, assume that the TraditionalOracle is a medium-sized decentralized service ($m \approx 1$ billion USD) with a reasonable short interest ($k=0.1$).

Under a severe attack ($0.7 \leq d \leq 1$)**, **its CES margin **is smaller by 70-100 million USD compared to EnshrinedOracle. **

External, unforeseen events can break the CES of the TraditionalOracle. A crucial observation is that the $CoC$, which is the stake $S$ of the validators, is always smaller than `$TRD`

's market cap $m$. Let $s$ denote the proportion of `$TRD`

market cap used for staking in the protocol, namely $s\triangleq \frac{S}{m}$. We use this formulation to analyze the robustness of the protocol and suggest it is susceptible to a death spiral.

**Observation 2.** For any real number $q \in [1, \infty)$, the TraditionalOracle could be CE-vulnerable even if the cost of corruption is $q$ times the profit of manipulation, i.e., $\textit{CoC} = q \cdot \textit{PfM}$.

The above observation means that attacks might be executed even if the $\textit{PfM}$ is negligible, provided that the attacker can gain from a `$TRD`

price decrease after the attack. The $\textit{CoC}$ component should thus reflect not only the TVS (through $\textit{PfM}$) but also the short interest (through $k$).

We analyze the CES of TraditionalOracle after a major price drop, which occurs due to, e.g., a major crypto volatility event. We denote by $t_0$ the time of the price drop. We assume that the stake proportion is $s=20\%,$ the attacker's foreseen price drop is $d=50\%$, and the short interest is $k=15\%$.

Before the attack at $t_0$, we assume the market cap of `$TRD`

is $m=1000$ (all monetary quantities are given in million USD terms). Consequently, $\textit{CoC} = sm = 200$, and $\textit{PfD} = kdm = 75.$ Additionally, we assume that before time $t_0$ the potential profit from manipulation is $\textit{PfM}=90.$

The event at $t_0$, which occurs due to a major crypto volatility event, **causes the market cap of all crypto tokens to decrease. **Particularly, we assume that `$TRD`

drops by $50\%$ and that the more stable`$ETH`

drops by $20\%$. Furthermore, such a market cap change also decreases the $\textit{PfM}$. TraditionalOracle's TVS is comprised of different tokens, for instance in `$ETH`

, wrapped versions of `$BTC`

, stable coins (`$USDT`

/`$USDC`

), and more. Some of those tokens are more volatile than others, and some do not fluctuate at all. We thus assume that, on average, the$\textit{PfM}$ drops on the same scale as `$ETH`

, namely by $20\%$.

The figure below depicts the situation before and after $t_0$, as we formally analyze next.

Let us analyze the CES margin. Before $t_0$, we see that the CES margin is positive, since

$\textit{CoC} - \textit{PfM} - \textit{PfD} = 200 - 90 - 75 = 35.$

After $t_0$, which occurs due to a major crypto volatility event, the market cap of `$TRD`

drops by $50\%$ and becomes** **$m'=500$**.** As a result, the $\textit{CoC}$ falls to $sm'=100$ and the $\textit{PfD}$ drops to $kdm'=37.5$. Furthermore, the market cap of all crypto market drops and, as noted above, the$\textit{PfM}$ drops by $20\%$. Overall, the CES margin becomes negative, since

$\textit{CoC} -\textit{PfM}-\textit{PfD} = 100 - 72 - 37.5 = -9.5.$

Thus, the event at $t_0$ that sparked a price drop made the TraditionalOracle CE vulnerable.

$\textit{CoC} -\textit{PfM}-\textit{PfD} = 200-90-0=110.$

The event at $t_0$ affects EnshrinedOracle's CES margin as well. First, EnshrinedOracle has no $\textit{PfD}$ as it relies on an independent token; thus, the attacker cannot gain from betting on price drops. Secondly, EnshrinedOracle's $\textit{CoC}$ decreases due to the drop of `$ETH`

, by $20\%$ to become$\textit{CoC}=160$. Thirdly, as in the case of TraditionalOracle, the$\textit{PfM}$ drops by $20\%$, becoming $\textit{PfM}=72$. Overall, the CES margins of EnshrinedOracle *after *the event is

$\textit{CoC} -\textit{PfM}-\textit{PfD} = 160-72-0=88.$

Until now, we have focused on $\textit{PfD}$, an element that plays a crucial role in the TraditionalOracle but not in EnshrinedOracle. The $\textit{PfD}$ analysis assisted in understanding how an independent token (`$TRD`

) decreases the CES margin (Observation 1), making the protocol susceptible to attacks even if the $\textit{CoC}$ is orders of magnitude greater than the $\textit{PfM}$ (Observation 2), and could result in vulnerabilities in times of price fluctuations (Observation 3). But relying on a dedicated token `$TRD `

bares other weaknesses. In the next section, we extend our analysis to challenges in the $\textit{CoC}$, particularly around issues of scaling and cost of capital.

Assume that both protocols gain traffic and usage, resulting in a ten-fold increase in the TVS. The higher the TVS, the higher the $\textit{PfM}$; hence, the CES margin decreases dramatically. For simplicity, we shall assume that the $\textit{PfM}$ is a constant fraction of the TVS. How can the protocols regain their CE security?

**Observation 4.** To keep the CES margin positive, the $CoC$ should scale linearly with the TVS.

Recall that for TraditionalOracle, $\textit{CoC} = S = sm,$ where $s$ is the staked proportion of `$TRD`

and $m$ is `$TRD`

market cap. The TraditionalOracle can hence increase its $\textit{CoC}$ in two ways:

Actively, by increasing the staked proportion $s$.

The TraditionalOracle satisfies $CoC-{(PfM+PfD)} = \beta$, with $PfD=kdm$. EnshrinedOracle has the same $CoC$ and $PfM$, but zero $PfD$ since it relies on the independent `$ETH`

token. Its CES margin is thus $\beta+kdm$. $\blacksquare$

Assume that $CoC=q\cdot PfM$, namely that $PfM=\frac{sm}{q}$. Therefore,

$CoC-PfM-PfD=sm-\frac{sm}{q}-kdm=m\left(s(1-\frac{1}{q})-kd\right).$

The attack is thus beneficial as long as $kd>s(1-\frac 1 q)$. Specifically, if the short interest $k$ is greater or equal to the stake proportion $s$, the protocol becomes CE-vulnerable if the attacker expects a price drop of $d\geq 1-\frac 1 q$. This vulnerability still remains even if $q\rightarrow\infty$, since $d$ could potentially reach 1 and $1-\frac 1 q \leq 1$ for any $q\in [1,\infty).$ $\blacksquare$

Assume that *before* the event, the market cap $m$ satisfies $PfM < m(s-kd)$; thus, the protocol is CE-secure since

$CoC-PfD-PfM=m(s-kd)-PfM > m(s-kd) -m(s-kd)=0.$

Assume that the $PfM$ does not depend on the market cap $m$. This is the case for, e.g., lending markets that mostly offer contracts in `$ETH`

, etc. Since $PfM < m(s-kd)$, there exists a real number $m_0$, for $m_0<m$, such that $PfM=m_0(s-kd)$. Denote by $m'$ the market cap of `$TRD`

*after* the event. Consequently, if $m'<m_0$, it holds that

$CoC-PfD-PfM=m'(s-kd)-PfM = (m'-m_0)(s-kd) < 0;$

thus, the protocol is CE-vulnerable. In other words, if the $PfM$ is not affected by the event, a market cap decrease can spark an attack.

For the sake of this proof, we use the subscript $t$ to refer to objects in time $t$; for instance, $CoC_t$ is the $CoC$ at time $t$. The CES margin at time $t$ is given by

$CoC_t -PfM_t-PfD_t.$

Assume at time $t=0$ the CES margin is positive and equals $\beta$. Further, assume by contradiction that $CoC_t =o(\textnormal{TVS }_t)$, where $o(\cdot)$ is the little-o notation. Our assumption about the $PfM$ being a constant fraction of the TVS implies that $CoC_t =o(PfM_t)$ also holds. By definition, there exists a time $t'$ for which $CoC_{t'}<PfM_{t'}$, and hence

$CoC_{t'} -PfM_{t'}-PfD_{t'} \leq CoC_{t'} -PfM_{t'}<0;$

therefore, the protocol is CE-vulnerable at time $t'$. $\blacksquare$

$^1$ In practice, the attacker would buy leveraged contracts and employ trading strategies. We focus on short positions, ensuring our model is simple yet aligned with reality.