A sovereign HTTP oracle sits alongside your existing EVM price feed as an independent cross-check. It doesn't replace your infrastructure. It closes the attack surface your primary oracle cannot close on its own.
Every major DeFi lending and perpetuals protocol today relies on a single oracle source of truth for collateral valuation. When that oracle is correct, the protocol works as designed. When it is manipulated — by a patient attacker, a miscalibrated parameter, or a compromised governance key — the protocol has no recourse. It accepts the wrong price and acts on it.
A $285 million exploit on a major Solana perpetuals exchange in April 2026 confirmed what the attack surface looked like in practice. A $27 million wrongful liquidation event on Aave the month before showed the same vulnerability from a different angle — not malicious, just wrong. Both protocols had been audited. Neither audit caught the oracle layer.
The oracle is the last line of defence. A protocol's margin constraints, liquidation logic, and collateral rules all work exactly as designed — until the oracle tells them the wrong price.
Oracle manipulation is not an edge case. It is the second most common attack vector in DeFi. Across the last 12 months, confirmed oracle failures and manipulation attacks have cost protocols and their users over $328 million — across eight chains, at protocols that had been audited, with teams that were paying attention. And critically, these attacks span three distinct mechanisms — none of which require a fake token.
| Date | Protocol | Chain | Loss | Mechanism |
|---|---|---|---|---|
| Apr 1, 2026 | Major Solana Perpetuals DEX | Solana | $285M | Admin key + wash trading + fake token oracle manipulation |
| Mar 10, 2026 | Aave CAPO | Ethereum | $27M | Parameter desynchronization — wstETH undervalued 2.85%, triggering wrongful liquidations |
| Feb 2026 | Venus Protocol | ZKsync | $717K | wUSDM oracle manipulation via ERC-4626 vault donation exploit |
| Jan 20, 2026 | MakinaFi | Ethereum | $4.1M | Flash loan manipulation of Curve pool oracle via unvalidated external data |
| Sep 2025 | New Gold Protocol | Multi-chain | $2M | Price oracle issues combined with transfer logic flaws |
| Apr 2025 | Yellow Protocol | Multi-chain | $2.4M | Single DEX pool used for price data — artificially inflated via large trades |
| Apr 2025 | KiloEx | Multi-chain | $7M | Oracle price manipulation |
Every one of these protocols had been audited. Traditional security audits review smart contract code. They do not close the oracle manipulation surface — because that surface lives outside the contract, in the architecture of how price data is sourced, validated, and accepted.
The third rail approach adds Mycelia Signal as an independent parallel feed running alongside your existing primary oracle. Before any collateral price is accepted by the protocol, it is validated against a second signed attestation from a sovereign source with no shared governance, no shared infrastructure, and no shared attack surface.
The value of the third rail is not that Mycelia Signal is a better oracle. It is that it is an independent oracle — one with no shared governance, no shared node operators, no shared exchange relationships, and no shared attack surface with your primary feed. A failure mode that compromises one has no path to the other.
This independence closes three distinct classes of oracle attack:
KiloEx ($7M), MakinaFi ($4.1M), and Yellow Protocol ($2.4M) were all attacked via manipulation of legitimate token prices — flash loans or large trades that temporarily distorted DEX pool prices used as oracle inputs. A cross-check against Mycelia Signal's multi-exchange aggregation across 9 independent sources detects the divergence and halts before the manipulated price reaches the protocol.
The Aave CAPO incident ($27M in wrongful liquidations) was not a hack. It was wstETH being undervalued by 2.85% due to oracle parameter drift. A cross-check against an independent feed with no shared parameter configuration would have flagged the divergence before the liquidations triggered.
The April 1st exploit ($285M) combined admin key compromise with weeks of wash trading on a fabricated token to build a convincing price history. This class of attack fails structurally against Mycelia Signal's fixed immutable asset list — there is no admin function to add a new token, no governance vote to pass, no permission layer to compromise. The fake token simply does not exist in the feed. The validation layer returns a 404. The quorum fails. The price is rejected before it reaches the market.
The first two classes are more common than the third. All three are closed by the same architecture — an independent feed with no shared infrastructure.
The validation layer can be implemented at different points in your stack, depending on how quickly you need to move and what your audit requirements are.
Attests only to a predetermined set of assets. No admin function, no governance vote, no permission layer to compromise. A fake token cannot be introduced regardless of what access an attacker obtains.
Every response includes asset, price, sources, methodology, timestamp, and a secp256k1 signature verifiable against a published public key. Tamper-proof, auditable, on record.
No token. No DAO. No multisig. No relationship with any DeFi protocol. Independent failure modes — an attack that compromises your primary oracle has no path to Mycelia Signal.
Standard HTTP call. Any keeper, relayer, or adapter can fetch. Per-query payment via Lightning (L402) or USDC on Base (x402). No API key, no subscription, no account required.
56 live endpoints across crypto, FX, and macro data today. Coverage can be expanded to match your full collateral asset list. Additions are deliberate, published updates — not permissioned feed injections.
US (Iowa) and Asia (Taiwan) GCP nodes running identical stacks. Per-instance keypairs — cryptographically independent. No single point of failure across regions.
```
# Fetch signed attestation from Mycelia Signal
GET https://api.myceliasignal.com/oracle/price/btc/usd

# Response (after payment via x402 or L402)
{
  "pair": "BTC/USD",
  "price": "84231.50",
  "timestamp": "2026-04-02T14:00:00Z",
  "sources": "coinbase,kraken,bitstamp,gemini,bitfinex,okx,bybit,htx,gate",
  "signature": "a3f8c2d9...b7d10442",
  "pubkey": "03c1955b8c543494c4ecd86d167105bcc7ca9a91b8e06cb9d6601f2f55a89abfbf",
  "canonical": "v1|BTCUSD|84231.50|USD|2|1743602400|nonce|sources|median"
}
```
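```python
# Verify secp256k1 signature off-chain before submitting on-chain
import hashlib
import secp256k1  # secp256k1-py bindings

# Pin the published public key; do not take it from the "pubkey" field
# of the response being verified.
pubkey = secp256k1.PublicKey(
    bytes.fromhex("03c1955b8c543494c4ecd86d167105bcc7ca9a91b8e06cb9d6601f2f55a89abfbf"),
    raw=True,
)
canonical = "v1|BTCUSD|84231.50|USD|2|1743602400|nonce|sources|median"
# response is the parsed JSON body from the fetch above.
# Assumption: the signature is the hex of a 64-byte compact (r || s) encoding.
signature = pubkey.ecdsa_deserialize_compact(bytes.fromhex(response["signature"]))

# Verify — if this fails, the attestation has been tampered with
digest = hashlib.sha256(canonical.encode()).digest()
valid = pubkey.ecdsa_verify(digest, signature, raw=True)
```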
```python
# Cross-check primary oracle against Mycelia Signal attestation
primary_price = chainlink.get_price("BTC/USD")
mycelia_price = float(mycelia_response["price"])
tolerance = 0.02  # 2% divergence threshold — tune to your requirements

divergence = abs(primary_price - mycelia_price) / primary_price

if divergence <= tolerance:
    accept_price(primary_price)  # prices agree — proceed
else:
    reject_price()  # divergence detected — halt, alert, investigate
```
For fake token attacks specifically: if the asset is not in Mycelia Signal's fixed list, the API returns a 404. The validation layer treats a missing attestation as a failed cross-check — the price is rejected regardless of what the primary oracle reports.
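The validation gate described above, written out as an added example (it is not Mycelia Signal's own code): it fails closed on a 404, a bad signature, a malformed or stale attestation, and on divergence above the 2% threshold. The `verify_sig` callable, `MAX_AGE_S`, the sample values and the canonical field positions (inferred from the sample string on this page) are assumptions.

```python
from decimal import Decimal, InvalidOperation

TOLERANCE = Decimal("0.02")  # 2% divergence threshold from the text
MAX_AGE_S = 60               # assumption: freshness window, not given on the page

def cross_check(primary_price, status, body, now, verify_sig):
    """Return (accepted, reason); every failure path rejects the price."""
    if status == 404:
        return False, "asset not in fixed list"
    if status != 200 or not body:
        return False, "no attestation"
    try:
        canonical = body["canonical"]
        if not verify_sig(canonical, body["signature"]):
            return False, "bad signature"
        # Trust only the signed string; the JSON fields must agree with it.
        f = canonical.split("|")
        if len(f) != 9 or f[0] != "v1":
            return False, "unknown canonical format"
        # Field positions are inferred from the page's sample canonical string.
        pair, price, ts = f[1], Decimal(f[2]), int(f[5])
        if pair != body["pair"].replace("/", "") or price != Decimal(body["price"]):
            return False, "json differs from signed payload"
        primary = Decimal(str(primary_price))
    except (KeyError, ValueError, InvalidOperation):
        return False, "malformed attestation"
    if not 0 <= now - ts <= MAX_AGE_S:
        return False, "stale attestation"
    if primary <= 0:
        return False, "invalid primary price"
    divergence = abs(primary - price) / primary
    if divergence > TOLERANCE:
        return False, f"divergence {divergence:.4f}"
    return True, "ok"

# Constructed sample data, not a real attestation.
NOW = 1743602430
GOOD = {"pair": "BTC/USD", "price": "84231.50", "signature": "00",
        "canonical": "v1|BTCUSD|84231.50|USD|2|1743602400|n1|src|median"}

def stub_verify(canonical, signature):
    """Stand-in for the secp256k1 check; always passes in this demo."""
    return True

if __name__ == "__main__":
    print(cross_check(84300, 200, GOOD, NOW, stub_verify))
    print(cross_check(90000, 200, GOOD, NOW, stub_verify))
    print(cross_check(1, 404, None, NOW, stub_verify))
```

In production, replace `stub_verify` with a real secp256k1 verification against the pinned public key, and take `now` from a trusted clock.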
Integration starts with a single HTTP call. Test the live endpoints with free unsigned preview data, then configure payment for production signed attestations.
Mycelia Signal is a sovereign cryptographic oracle — 56 signed endpoints across crypto, FX, economic indicators, and commodities. Fixed asset list. No admin keys. No governance mechanism. Payable by AI agents via Lightning (L402) or USDC on Base (x402).