Blockchain Oracles in 2025: Market Dynamics, Risks, and the $108B Race for Data

Oracles are the unseen engine behind DeFi. By enabling smart contracts to ingest real-world data, like asset prices, exchange rates, or economic indicators, they allow decentralized protocols to function in ways once reserved for centralized financial institutions.

From lending platforms to derivatives markets and insurance protocols, oracles are essential. As of May 10th, 2025, according to Defillama, blockchain oracles secured more than $108.13 billion in assets. Yet despite this foundational role, oracles remain under-discussed, under-valued, and, at times, dangerously under-secured. 

Over the past five years, the oracle landscape has matured. Chainlink still dominates, but its share is shrinking as nimble, chain-specific, and faster-moving protocols like Pyth, RedStone, and Chronicle carve out distinct niches and solidify their market share. This comes when new demands are being placed on oracles—from real-time AI agents and RWAs price feeds to automated DeFi execution.

At the same time, oracles continue to be a weak point in DeFi’s attack surface. While attacks as large as 2022’s $112 million Mango Markets exploit haven’t been seen in several years, the industry still has its fair share of issues. From the $7.5 million price manipulation attack on KiloEX to recent oracle-related controversies on platforms like Polymarket, oracles have been a recurring target for hackers, bad actors, and opportunists.

This report explores the evolution of oracles, their attack history, market share shifts, and how new shifts, like the explosive growth of AI agent-based blockchains and tokenized RWAs, are changing how oracles are deployed and how they’ll need to evolve to secure the future of decentralized finance.

The Oracle Problem: Reliability, Security, and Decentralization

DeFi protocols are only as decentralized (and as secure) as the data they use. This principle underscores the ongoing “oracle problem,” a foundational challenge in decentralized finance: how to securely, reliably, and efficiently bring off-chain data into on-chain environments.

The oracle problem closely mirrors the blockchain trilemma. Oracles must balance three competing priorities: 

• Security (resisting manipulation or tampering),

• Decentralization (avoiding single points of failure), and

• Latency (delivering data fast enough for dynamic, real-time use cases).

In most cases, improving one of these variables undermines another. A more decentralized system may lead to slower data throughput, and a faster oracle might lean on centralized infrastructure. At the same time, a highly secure feed could be too expensive or impractical for composable smart contracts.

Most price oracles today aggregate data from off-chain APIs or exchange feeds, which exposes them to multiple risks:

• Exchange manipulation (e.g., thin liquidity on obscure pairs)

• Flash loan attacks that inflate or collapse asset values

• Censorship risk (if the feed is run by a single party or cloud provider) 

These risks are not theoretical. Time and again, DeFi applications have been exploited due to faulty or manipulable data sources, and oracles remain the most important bulwark against (and often, the most vulnerable attack surface for) a variety of attacks on decentralized networks.

A Brief History of the Oracle Market

The external oracle market has evolved significantly since 2019, maturing from a niche function into a critical pillar of decentralized finance. Initially, Chronicle, the in-house oracle for MakerDAO, was the only major player in the oracle space. However, with the launch of Chainlink in May 2019, the competitive landscape shifted dramatically.

• By September 2019, Chainlink had already captured over 30% of the market. 

• By July 2020, during DeFi Summer, it peaked at 67% market share. 

• By May 2021, Chainlink held 74.2%, with Chronicle at 16.1%, Band at 4.4%, and WINKLink at 2.3%.  

That same year, internal oracles—custom solutions embedded directly into dApps—rose in popularity, especially across the Terra ecosystem. By April 2022, internal oracles secured over 16% of TVS across DeFi. But their rapid collapse following Terra’s implosion reduced their share to nearly zero in less than 48 hours, underscoring the risks of opaque or project-specific oracle systems. 

By May 2022, the landscape looked like this:

• Chainlink: 61%

• Chronicle: 19.2%

• WINKLink: 5.4%

• Pyth: 4.6%

• Band: 1.7%

Others like RedStone, Switchboard, TWAP, and SEDA represented the remaining fraction of market share. 

From mid-2023 to mid-2025, the oracle market began to stabilize. While remaining a clear market leader, Chainlink has slowly ceded share to newer, more agile protocols, and Pyth, RedStone, WINKLink, and Chronnicle have each maintained around 10% of the market’s total value secured. 

Below is the breakdown of the top oracle protocols by TVS as of May 9, 2025: 

• Chainlink: 54%

• Pyth: 11% (up from just 2% in 2023)

• RedStone: 9.7%

• WINKLink: 10.5%

• Chronicle: 11.9%

• Switchboard: 3.6%

• Supra: 0.9%

Other players like Edge, API3, and Band maintain marginal market share. API3, once a VC favorite, has declined from over 2.3% in March 2024 to under 0.9% today.

Chain-Specific Penetration

While global TVS rankings offer a high-level view, market share varies widely by blockchain. For example: 

• Pyth dominates Solana, securing over 47% of the chain’s TVS (~$3.96B).

• Switchboard holds another 32% on Solana (~$2.7B), but only 3.6% globally. 

• Conversely, Chainlink retains strong dominance on Ethereum and Avalanche, while newer entrants are gaining ground on Layer 2s like zkSync and Base. 

The takeaway: while Chainlink remains dominant, its lead is narrowing. New entrants like Pyth, RedStone, and WINLink are carving out specialized roles through faster settlement, chain-specific focus, or integrated automation features.

Oracle Attacks: Exploits, Losses, and Vulnerabilities

Oracle manipulation has been one of DeFi’s most persistent and expensive vulnerabilities. In 2022 alone, Chainalysis estimated that $403.2 million was lost across 41 separate oracle-based exploits. And while attack frequency has declined, this likely reflects the rise of easier attack surfaces—like bridges and protocol logic bugs—rather than genuine improvements in oracle security.

Unfortunately, DeFi’s reliance on oracles means that even one compromised feed can trigger systemic losses.

Case Study: The Mango Markets Exploit (2022)

The most infamous oracle attack to date occurred on Mango Markets, a Solana-based DeFi trading protocol, which lost $112.2 million in a single exploit.

Here's how it worked:

1. Price Manipulation on Centralized Exchange:

   • The attacker acquired MNGO tokens and used them to manipulate the price of MNGO on FTX, temporarily inflating it by 300% within 10 minutes.
     

   Inflated Collateral Value:

• Mango relied on external oracle feeds that referenced centralized exchange prices. By inflating MNGO’s price, the attacker drastically increased their collateral value on Mango.
  

2. Massive Loans:

• Using the now-overvalued MNGO collateral, the attacker took out massive loans in stablecoins and other assets, draining the platform.
  

3. Exit and Negotiation:

• The attacker offered to return part of the funds in exchange for a “bounty” and immunity from prosecution. Mango's DAO voted to accept the deal, highlighting governance centralization and reputational risk.

This was not a failure of internal logic—it was a failure of oracle design. Mango pulled prices from a venue that could be manipulated cheaply and quickly. It showed how oracles can be both economic and technical attack surfaces.

Other Examples of Oracle Exploitation

Several other, somewhat more recent oracle exploits and issues include:

• KiloEx (2025): A $7.5 million loss occurred after a permissionless function was exploited to manipulate pricing. The DEX halted operations, promised full user compensation, and offered a 10% APY bonus to stakers affected.

• Vow Protocol (2024): Vow’s team made the mistake of testing rate changes live on its mainnet. During a brief 15–30 second window, an attacker minted v$2 billion using just 20 million VOW, netting $1.2 million in profits. Notably, this was not an external oracle attack, and instead a failure of Vow’s internal oracle, but it illustrates the importance of using secure, auditable, and external data feeds for valuation.

• zkSync ERC-4626 Vault Attack (2025): An attacker used a flash loan to manipulate the exchange rate of Mountain Protocol’s wUSDM token, inflating it from 1.06 to 1.7, then used the inflated value to take out a loan from Venus Protocol, causing a $717K loss.

• Polymarket + UMA (2025): In a high-profile reputational case, users accused UMA whales of manipulating prediction market outcomes on Polymarket by staking large amounts of UMA behind inaccurate resolutions. This included a market that resolved “yes” on a U.S.-Ukraine mineral deal that never happened. While not a technical hack, this event exposed governance manipulation risks in oracle-based systems.

Why Attacks Have Slowed—But Not Stopped

While headline oracle attacks are less frequent in 2024–2025, this should not be mistaken for progress. The shift is likely due to:

• Easier attack vectors (e.g., bridges, protocol logic)

• Hardened infrastructure around top-tier oracles

• Smarter attackers targeting less-audited systems

Yet oracles remain an ever-present systemic risk. As DeFi scales into RWAs, AI agents, and automated trading, the stakes are only getting higher.

Oracle Market Shifts, AI, and Real-World Assets (RWAs)

The oracle landscape in 2025 is undergoing structural changes, driven by the rise of decentralized AI ecosystems and the rapid growth of tokenized real-world assets (RWAs). These developments are reshaping how oracles are designed, who builds them, and how they're integrated into blockchain systems.

AI-Native Oracle Models

As decentralized AI protocols mature, a new class of oracle systems has emerged—ones built natively into AI networks, not bolted on from the outside.

Bittensor, an L1 blockchain for machine learning coordination, uses its validator layer as a built-in oracle. The protocol connects blockchain consensus to off-chain AI model evaluation. In practice, validators determine the value of AI outputs submitted by miners, creating an incentive system akin to traditional oracle consensus—what Bittensor calls Proof of Intelligence. This oracle-like functionality enables real-time coordination, rewards, and data validation without relying on third-party feeds. Each subnet within Bittensor can have its task-specific oracle logic, reinforcing the protocol’s modular architecture and decentralization.

The Artificial Superintelligence Alliance (ASI)—formed by the merger of Fetch.ai, Ocean Protocol, and SingularityNET—has also taken a native-oracle approach. Rather than rely on external solutions like Chainlink or Pyth, ASI protocols use Fetch.ai’s Autonomous Economic Agents as oracles. These “Digital Twins” can aggregate data from APIs, sensors, and even other agents, acting as programmable data providers for smart contracts. This system is:

• Decentralized by design, with cryptoeconomic incentives and reputation layers;

• Integrated with CosmWasm, leveraging Cosmos SDK's flexibility;

• Tailored for AI use cases, such as on-chain inference, agent coordination, and predictive modeling.

The key motivation for ASI’s native oracle architecture is tight integration between agents and execution, allowing real-world data to directly inform contract logic without waiting on external feeds. This creates more fluid, responsive AI systems and avoids bottlenecks that plague traditional oracle layers.

Virtuals Protocol, a modular infrastructure provider for AI agent networks, takes a hybrid approach. It’s designed to interface with multiple oracle solutions, depending on the data type needed. Chainlink and Band Protocol are commonly used, but depending on the market, the protocol may pull from Pyth, API3, or niche sources. This dynamic composition reflects a broader trend: AI systems need diverse data sources, and no single oracle can serve every purpose.

Oracles and the Rise of RWAs

Parallel to the rise of AI, tokenized real-world assets (RWAs) are accelerating demand for high-fidelity oracles. According to RWA.xyz, as of May 12, 2025, over $22.06 billion in RWAs are hosted on-chain, excluding stablecoins. These include:

• $12.9B in tokenized private credit

• $6.9B in U.S. Treasuries

• $1.5B in commodities

• $478M in institutional alternative funds

The RWA category is increasingly led by institutional-grade products, such as:

• The BlackRock USD Institutional Digital Liquidity Fund (BUIDL), with a market cap of  $2.87B, utilizes the Securitize tokenization protocol (which itself uses RedStone as its core oracle provider)

• Tether Gold (XAUT) and Paxos Gold (PAXG), with market caps of $831M and $799M, respectively (XAUT uses DIA as its oracle, while PAXG leverages Chainlink for oracle price feeds)

• Franklin Templeton and Ondo Finance on-chain Treasury funds (Ondo primarily uses Pyth, though Chainlink is also used in some functions)

In addition, several institutional-grade private funds have moved on-chain, most notably:

• Blockchain Capital III Digital Liquid Venture Fund (BCAP): A tokenized crypto/blockchain VC fund with a $148M market cap, issued by Securitize (RedStone) 

• Superstate Crypto Carry Fund (USCC): On-chain crypto fund with a focus on yield-generation, with a $107M market cap, issued by Superstate (which uses Chainlink for USCC, but internal oracles for some other funds) 

• Apollo Diversified Credit Fund (ACRED): A multi-asset credit fund issued via Securitize (RedStone), combining a mix of public and private credit investments, with a $71M market cap

As these assets grow, so does the need for trustworthy oracles to provide interest rates, NAV updates, and off-chain valuation data in a transparent and verifiable way.

Why this matters: Traditional oracles focused on crypto-native prices (ETH, BTC, etc.). RWA oracles must bridge the gap between off-chain TradFi systems and on-chain DeFi protocols, often pulling from regulated sources, delayed settlement data, or proprietary pricing models. For tokenized bonds and credit instruments, this introduces challenges around: 

• Latency and frequency of updates

• Verifiability and regulatory compliance

• Auditability and legal accountability

Institutions entering DeFi will not accept opaque data pipelines. As such, RWAs are forcing oracles to professionalize, standardize, and support new feeds—a likely vector for innovation and consolidation in the next oracle cycle.

As DeFi Matures, and RWAs and AI Protocols Grow, Oracles Remain Essential  

The oracle market has quietly become one of the most critical yet often overlooked components of Web3. Securing over $108 billion in value, oracles underpin everything from liquidations and leverage to RWAs and decentralized AI. As demands on smart contracts grow, the need for secure, real-time data has never been greater.

Chainlink remains the dominant player, but its lead has narrowed. Chain-specific and latency-optimized oracles like Pyth, RedStone, Switchboard, and WINLink are gaining traction as the market matures and diversifies. At the same time, the attack surface remains active. 

From the $112M Mango Markets exploit to the KiloEx and zkSync vault attacks, oracle-based vulnerabilities continue to carry systemic risk. Meanwhile, controversies like Polymarket’s UMA resolution issues highlight how reputational trust in oracle networks can shape adoption. 

The rise of decentralized AI and on-chain RWAs is accelerating change. Protocols like Bittensor and FET.ai’s Artificial Superintelligence Alliance are developing native oracle layers that fit their ecosystems, often favoring speed, customization, and control over third-party feeds. In 2025 and beyond, the winners won’t just secure user assets but deliver the fastest, most verifiable information to power decentralized systems.