Who Takes Responsibility in DeFi?
When a DeFi user lost 14 ETH (~$33,000) due to a faulty oracle update, responsibility seemed to lie with no one. This occurred in early March when a user, “jameis,” of an Re7 vault on Morpho had their cbETH-backed loan liquidated due to a delay in the price feed between Pyth’s cbETH/USD and ETH/USD feeds. While the price of ETH kept updating, cbETH’s price remained frozen for nearly an hour, triggering liquidations despite the cbETH/ETH ratio not diverging in reality.
The Blame Game Begins
When faced with their $33,000 loss, jameis turned to Morpho’s governance forum and Discord for answers. Instead of resolution, they found a circle of decentralized responsibility-dodging:
- Morpho’s stance: They are oracle-agnostic and provide infrastructure only.
- Pyth’s stance: Their prices were accurate. Responsibility lies with integrators like Re7 or the user for running an extra scheduler for updates.
- Re7 Labs’ stance: A timing mismatch occurred, but that’s typical for push-based oracles. Improvements will be made next time.
No one claimed responsibility or offered compensation for the loss. This incident was a result of an architectural failure:
- Pyth’s push model left price updates unsynchronized.
- Re7 did not run a scheduler to keep updates in sync.
- Morpho does not enforce oracle reliability standards, leaving curators responsible.
Due to distorted prices, the liquidation bot executed the loss of jameis’s 14 ETH. Although $30,000 is minor in the DeFi scene, it raises significant concerns about accountability in decentralized finance.
In traditional finance (TradFi), individuals have legal recourse for erroneous liquidations caused by inaccurate data. DeFi lacks such guarantees, often resulting in mere replies on forums about permissionless infrastructure.
Clearly, Re7 could have implemented safeguards like timestamp validation to prevent reliance on stale data, while Pyth could enhance scheduling reliability instead of offloading responsibility. Morpho could blacklist unreliable curators but chooses not to enforce such measures.
A Morpho spokesperson argued that vaults are displayed unless curators are deliberately scamming, asserting that Morpho provides unopinionated infrastructure.
Marc Tillement, from Pyth Data Association, indicated that the issue could have been averted with better scheduling practices by the vault manager or protocol. Meanwhile, jameis, who acted normally, remains unsupported in their loss.
For DeFi to scale beyond niche users, accountability mechanisms—like insurance or stricter standards—are crucial. Without them, incidents like this will persist. The situation is clear: jameis lost 14 ETH, and no party is willing to rectify the issue.
Comments (0)