Oracle Security Flaw: Single-Source Price Feed Puts User Funds at Risk

A critical vulnerability has been identified in the project's oracle system, where reliance on a single external price feed creates a direct risk of market manipulation and user fund loss. The current implementation depends solely on the CoinGecko API for crypto price resolution. If this single source is down, returns incorrect data, or is successfully manipulated, all market resolutions become incorrect, leading to potential financial damage for users. This single point of failure is a known security weakness in decentralized finance systems.

The proposed fix is a multi-source price aggregator that computes a median value from three independent feeds. The implementation guide specifies adding CoinMarketCap API and Binance's public ticker API alongside CoinGecko. Prices would be fetched in parallel with a 5-second timeout per request, using `Promise.allSettled` to handle individual source failures without crashing the entire process. A critical safety rule is enforced: if fewer than two sources return valid data, the system must throw an error and push the affected market into a pending review queue, preventing resolution on unreliable information.

This architectural shift from a single source to a robust, fault-tolerant aggregator significantly hardens the system against manipulation and improves overall reliability. It directly addresses a foundational security flaw that could otherwise lead to incorrect settlements and financial losses. The move signals a proactive step to mitigate a well-known attack vector in DeFi oracles, where price feed integrity is paramount for trust and the safety of locked capital.