Dria

Swan
NFTHardhat
21,000 USDC
Submission Details
Severity: medium
Valid

Dishonest oracles can use other oracles' generations and validations to profit

Summary

Oracles are a permissionless role: anyone can join after staking some funds. An oracle can leech off other oracles' work by submitting the same generations they did, or by reading the existing validations, calculating which scores the reward system will pay for, and submitting those as dishonest validation jobs.

Vulnerability Details

After LLM generations are requested, oracles respond with generations, validate the responses, and get rewarded accordingly. The issue is that these responses and validations are readable on chain, and because the oracle role is permissionless, an attacker can profit from honest oracles' work. For generation jobs, an attacker can watch the oracles that usually provide high-quality generations and submit the same generations they do. The attacker can do the same for validation jobs: read the existing validations, calculate the scores the reward system will pay for, and submit those without actually validating the generations.

Impact

Dishonest oracles can profit off of honest oracles' work.

Recommendations

Either oracles should be trusted and verified or oracle functionality should be taken off chain.
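The following is an added, constructed model of the flow described in the Vulnerability Details and Recommendations sections; it is not the project's contract code. It shows why plaintext on-chain submissions let a copier earn the same reward as an honest oracle, shows the report's own recommendation (an approved-oracle allowlist on registration), and adds a salted, address-bound commit-reveal phase as a further standard mitigation that the report does not propose. All names (`Coordinator`, `pay_rewards`, the sample task and texts, the toy scoring function) are assumptions made for the example.

```python
import hashlib
import secrets
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional, Set


def commitment(oracle: str, text: str, salt: bytes) -> str:
    """Hash commitment bound to the submitting oracle, so a replayed digest cannot be
    revealed by anyone else; the salt stops dictionary guesses of short answers."""
    return hashlib.sha256(oracle.encode() + b"|" + salt + b"|" + text.encode()).hexdigest()


@dataclass
class Coordinator:
    """Minimal model of an on-chain oracle coordinator (constructed for this example)."""
    allowlist: Optional[Set[str]] = None            # None = permissionless joining, as in the report
    stake: Dict[str, int] = field(default_factory=dict)
    generations: Dict[int, Dict[str, str]] = field(default_factory=dict)   # plaintext, public on chain
    commitments: Dict[int, Dict[str, str]] = field(default_factory=dict)   # only digests are public
    revealed: Dict[int, Dict[str, str]] = field(default_factory=dict)
    commit_open: Dict[int, bool] = field(default_factory=dict)

    def register(self, oracle: str, amount: int) -> None:
        # Report's recommendation: only trusted and verified oracles may join.
        if self.allowlist is not None and oracle not in self.allowlist:
            raise PermissionError(f"{oracle} is not an approved oracle")
        if amount <= 0:
            raise ValueError("stake must be positive")
        self.stake[oracle] = amount

    def _require_registered(self, oracle: str) -> None:
        if oracle not in self.stake:
            raise PermissionError(f"{oracle} has not staked")

    # Vulnerable flow: responses land on chain in plaintext.
    def submit_generation(self, task_id: int, oracle: str, text: str) -> None:
        self._require_registered(oracle)
        self.generations.setdefault(task_id, {})[oracle] = text

    def public_generations(self, task_id: int) -> Dict[str, str]:
        """What any chain reader, including a copier, sees after honest oracles respond."""
        return dict(self.generations.get(task_id, {}))

    # Mitigation flow (not in the report): commit a digest first, reveal after the phase closes.
    def open_commit_phase(self, task_id: int) -> None:
        self.commit_open[task_id] = True

    def close_commit_phase(self, task_id: int) -> None:
        self.commit_open[task_id] = False

    def commit(self, task_id: int, oracle: str, digest: str) -> None:
        self._require_registered(oracle)
        if not self.commit_open.get(task_id):
            raise RuntimeError("commit phase is not open")
        self.commitments.setdefault(task_id, {})[oracle] = digest

    def reveal(self, task_id: int, oracle: str, text: str, salt: bytes) -> None:
        if self.commit_open.get(task_id, True):
            raise RuntimeError("reveal before the commit phase closed")
        expected = self.commitments.get(task_id, {}).get(oracle)
        if expected is None or expected != commitment(oracle, text, salt):
            raise ValueError("reveal does not match this oracle's commitment")
        self.revealed.setdefault(task_id, {})[oracle] = text


def pay_rewards(responses: Dict[str, str], score: Callable[[str], float],
                threshold: float, pool: int) -> Dict[str, int]:
    """Split the pool equally among oracles whose response scores at or above the threshold."""
    winners = [o for o, text in responses.items() if score(text) >= threshold]
    return {o: pool // len(winners) for o in winners} if winners else {}


TEXT = "Paris is the capital of France."            # constructed sample generation
score = lambda t: 1.0 if "Paris" in t else 0.0      # toy stand-in for a validation score


def copy_attack_rewarded() -> Dict[str, int]:
    """Permissionless + plaintext: the copier replays the honest text and is paid the same."""
    c = Coordinator()
    c.register("honest", 100)
    c.register("copier", 100)
    c.submit_generation(1, "honest", TEXT)
    c.submit_generation(1, "copier", c.public_generations(1)["honest"])  # read from chain
    return pay_rewards(c.generations[1], score, 0.5, 1000)


def allowlist_blocks_unknown_oracle() -> bool:
    c = Coordinator(allowlist={"honest"})
    c.register("honest", 100)
    try:
        c.register("copier", 100)
    except PermissionError:
        return True
    return False


def commit_reveal_blocks_copy() -> dict:
    """Copier sees only the digest; replaying it cannot be revealed even after honest reveals."""
    c = Coordinator()
    c.register("honest", 100)
    c.register("copier", 100)
    c.open_commit_phase(1)
    salt = secrets.token_bytes(16)
    c.commit(1, "honest", commitment("honest", TEXT, salt))
    c.commit(1, "copier", c.commitments[1]["honest"])   # copy the public digest
    c.close_commit_phase(1)
    c.reveal(1, "honest", TEXT, salt)
    try:                                                 # text and salt are now public too
        c.reveal(1, "copier", TEXT, salt)
        rejected = False
    except ValueError:
        rejected = True
    return {"revealed": dict(c.revealed[1]), "copier_rejected": rejected}
```

In the plaintext flow the copier's submission is byte-for-byte the honest one, so any scoring rule pays both equally; the allowlist check implements the report's recommendation at registration time, and the commit-reveal variant binds each digest to the submitting address so that copying a digest, or copying the revealed text and salt later, yields a reveal that fails verification.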

Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Validated
Assigned finding tags:

There is no oracle whitelisting
