Project

Summary

One World Project leverages meta-transactions and a trusted off-chain oracle in a novel way in order to prevent oracle frontrunning issues. First, the user signs a message containing the parameters that describe the action they want to take. For example, if they want to open a long position, they would sign parameters that indicate which asset they want exposure to, how much capital they want to put at risk, how much leverage they want to use, the min and max asset prices they’re willing to tolerate, etc.

Next, the user (or a relayer) passes this signature and message to the off-chain oracle, which appends price information for the asset and stablecoins being used, the time at which the oracle signed the message, etc. In this way, the oracle’s signed message includes the user’s message and signature, in addition to price data and any other data needed to execute the user’s intended action.

Tools Used

Manual Review

Recommendations

The oracle’s message and signature can then be used to execute the operation by passing them along as parameters in a function call to the One World NativeMetaTransaction contract.

The NativeMetaTransaction contract enforces the user-chosen bounds. In this way, the oracle cannot force a user to take any action without the user agreeing.

Each user message contains a user-chosen nonce (userInteractionNumber), which is tracked by the meta transactions system to prevent signature replays.