How Does Pyth Network Work?
Pyth Network is a decentralized oracle delivering real-time price data from 124+ first-party publishers (including Binance, Jane Street, Cboe) to DeFi protocols across 100+ blockchains. With 380+ price feeds updating every 400 milliseconds, it is the dominant oracle on Solana and growing rapidly across other chains. Its B grade reflects strong institutional publisher participation, active development, and a clean track record, with moderate risk from its Wormhole cross-chain dependency and the novel first-party oracle architecture that is still maturing relative to Chainlink's longer track record.
TVL: —
Sector: DeFi
Risk Grade: B
Value Grade: D+
Core Mechanisms
3.1.1
[Novel] Pyth first-party oracle — data publishers submit their own proprietary price data (not relayed from other sources) with 400ms update frequency and confidence intervals
First-party oracle model where data sources publish directly is distinct from Chainlink's node operator relay model. The confidence interval band around each price is a unique feature. This specific architecture has been live since 2022 but is not widely replicated by other major oracle networks.
3.1.2
Pyth price aggregation — weighted median algorithm combining publisher submissions with outlier rejection and confidence interval calculation
Weighted median aggregation is a standard statistical method. Chainlink uses a similar median-based approach. The specific implementation details differ but the pattern is established.
6.1.1
Wormhole cross-chain relay — Pyth uses Wormhole's guardian network to deliver price attestations from Pythnet to 100+ supported blockchains
Cross-chain message relay via Wormhole is a standard bridge pattern. Pyth's use of Wormhole for oracle data delivery is an application of existing infrastructure.
3.2.1
Pull-based price consumption — DeFi protocols actively request (pull) price updates on-demand rather than receiving passive (push) updates
Pull-based oracles are a known pattern (API3 also uses a similar model). Reduces on-chain gas costs but shifts freshness responsibility to consumers. Trade-off well-documented.
5.1.1
PYTH governance token — governs oracle fee parameters, data publisher rewards, feed listings, and protocol upgrades via on-chain voting
Standard governance token for protocol parameter management. Similar to other infrastructure governance tokens.
4.2.1
Publisher reward mechanism — PYTH tokens allocated to incentivize data publishers for providing accurate and timely price data (22% of supply)
Standard incentive mechanism for oracle network participation. Similar to Chainlink node operator rewards.
How the Pieces Interact
Price data delivered across chains via Wormhole inherits Wormhole's security assumptions. A Wormhole guardian compromise could deliver manipulated price data to DeFi protocols on 100+ chains simultaneously, potentially triggering widespread incorrect liquidations or oracle-dependent exploits across the entire Pyth ecosystem.
The pull-based model means price staleness is the consumer's responsibility. A DeFi protocol that fails to pull updates frequently enough during volatile periods may execute liquidations or trades based on outdated prices, creating MEV and loss opportunities.
If publisher rewards become insufficient relative to the cost of maintaining data infrastructure, publishers may reduce data quality or frequency. The weighted median may still produce a price, but with wider confidence intervals and less responsiveness during volatile periods.
Governance controls the publisher reward parameters. If governance is captured by non-publisher entities, reward rates could be set too low to sustain publisher participation, degrading data quality for the entire network.
Concentrated publisher participation in specific feeds means some price feeds may rely on only 5-10 publishers. For less liquid assets, a coordinated or coincidental publisher error could produce an incorrect aggregated price that passes outlier rejection.
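To make the small-publisher-set concern concrete, the following added example (not Pyth's aggregation code, which also applies outlier rejection and confidence calculation) implements a plain weighted median and counts how many publishers must err together before the aggregate moves. Function names, publisher weights and prices are constructed for illustration.

```rust
// Added example: a plain weighted median, NOT Pyth's aggregation code.
// Quotes are (price, weight) pairs; all sample values are constructed.

/// Lowest price at which cumulative weight reaches half of the total weight.
pub fn weighted_median(quotes: &[(i64, u64)]) -> Option<i64> {
    let total: u128 = quotes.iter().map(|q| q.1 as u128).sum();
    if total == 0 {
        return None; // no publishers, or all weights zero
    }
    let mut sorted = quotes.to_vec();
    sorted.sort_by_key(|q| q.0);
    let mut acc: u128 = 0;
    for (price, w) in sorted {
        acc += w as u128;
        if acc * 2 >= total {
            return Some(price);
        }
    }
    None
}

/// Worst-case count of publishers whose combined weight reaches half the total,
/// i.e. how many must err together to move the median (heaviest first).
pub fn min_publishers_to_move(weights: &[u64]) -> usize {
    let total: u128 = weights.iter().map(|w| *w as u128).sum();
    let mut w = weights.to_vec();
    w.sort_unstable_by(|a, b| b.cmp(a));
    let mut acc: u128 = 0;
    for (i, x) in w.iter().enumerate() {
        acc += *x as u128;
        if acc * 2 >= total {
            return i + 1;
        }
    }
    weights.len()
}

fn main() {
    // Constructed feed: 7 equal-weight publishers, honest price 100, erroneous 150.
    let three_bad = [(100, 1), (100, 1), (100, 1), (100, 1), (150, 1), (150, 1), (150, 1)];
    let four_bad = [(100, 1), (100, 1), (100, 1), (150, 1), (150, 1), (150, 1), (150, 1)];
    println!("{:?} {:?}", weighted_median(&three_bad), weighted_median(&four_bad));
    // Constructed skewed weights: two heavy publishers hold 9 of 14.
    println!("{}", min_publishers_to_move(&[5, 4, 1, 1, 1, 1, 1]));
}
```

A feed whose `min_publishers_to_move` value is small relative to its publisher count is the concentration case described above, and is worth tracking per feed rather than network-wide.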
What Could Go Wrong
- First-party oracle data publisher trust: Pyth relies on data publishers (exchanges, market makers, trading firms) to submit honest price data. While aggregation across 124+ publishers reduces manipulation risk, individual publishers could submit stale or incorrect data. The confidence interval mechanism provides a measure of data agreement, but downstream DeFi protocols may not always properly handle wide confidence bands.
- Pull-based oracle model introduces latency risk: Unlike Chainlink's push-based model, Pyth uses a pull-based system where consumers must request price updates. If a DeFi protocol fails to pull an update during rapid price movement, it may use stale data for critical operations like liquidations. The 400ms update frequency mitigates this for active consumers, but the model shifts responsibility for freshness to integrators.
- Cross-chain message relay dependency: Pyth uses Wormhole as its cross-chain messaging layer to deliver price data from Pythnet (its Solana-based appchain) to 100+ supported blockchains. Wormhole has experienced significant security incidents (including a $320M exploit in February 2022), and any Wormhole vulnerability could compromise price data integrity across all Pyth-integrated chains.
- Concentrated publisher ecosystem despite breadth: While Pyth lists 124+ publishers, a significant portion of price feed data comes from a smaller subset of high-volume publishers (Binance, Cboe, Jane Street). If several major publishers simultaneously experience outages or submit incorrect data, the aggregation mechanism may not fully compensate.
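A consumer-side guard for the staleness and wide-confidence-band risks listed above, written here as an added example rather than taken from Pyth or any integrator. `OraclePrice`, `check_price`, `Bounds` and the thresholds are assumptions; the struct only mirrors the price, confidence, exponent and publish-time values a pulled update carries.

```rust
// Added example: consumer-side guard for a pulled oracle price.
// OraclePrice is a hypothetical stand-in carrying the fields of a Pyth price
// (price, conf, expo, publish_time); it is not the Pyth SDK type.
#[derive(Debug, Clone, Copy)]
pub struct OraclePrice {
    pub price: i64,        // aggregate price, scaled by 10^expo
    pub conf: u64,         // confidence half-width, same scale as price
    pub expo: i32,
    pub publish_time: i64, // unix seconds
}

#[derive(Debug, PartialEq)]
pub enum PriceError {
    NonPositive,
    FromFuture,
    Stale { age_secs: i64 },
    ConfidenceTooWide { ratio_bps: u128 },
}

/// Conservative bounds: value collateral at `low`, debt at `high`.
#[derive(Debug, PartialEq)]
pub struct Bounds { pub low: i64, pub high: i64, pub expo: i32 }

pub fn check_price(p: OraclePrice, now: i64, max_age_secs: i64, max_conf_bps: u128)
    -> Result<Bounds, PriceError> {
    if p.price <= 0 { return Err(PriceError::NonPositive); }
    let age = now.saturating_sub(p.publish_time);
    if age < 0 { return Err(PriceError::FromFuture); }
    if age > max_age_secs { return Err(PriceError::Stale { age_secs: age }); }
    // conf/price in basis points; u128 arithmetic cannot overflow here.
    let ratio_bps = p.conf as u128 * 10_000 / p.price as u128;
    if ratio_bps > max_conf_bps { return Err(PriceError::ConfidenceTooWide { ratio_bps }); }
    let conf = i64::try_from(p.conf).unwrap_or(i64::MAX);
    Ok(Bounds { low: p.price.saturating_sub(conf), high: p.price.saturating_add(conf), expo: p.expo })
}

fn main() {
    // Constructed sample: 65000.00 +/- 32.50 at expo -8, published at t=1_700_000_000.
    let p = OraclePrice { price: 6_500_000_000_000, conf: 3_250_000_000, expo: -8, publish_time: 1_700_000_000 };
    println!("{:?}", check_price(p, 1_700_000_005, 10, 50)); // fresh, tight band
    println!("{:?}", check_price(p, 1_700_000_060, 10, 50)); // stale
    let wide = OraclePrice { conf: 130_000_000_000, ..p };
    println!("{:?}", check_price(wide, 1_700_000_005, 10, 50)); // band too wide
}
```

Rejecting the update outright, instead of falling back to the last accepted price, keeps a liquidation path from acting on data the guard has already judged stale or uncertain.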
Wormhole Guardian Compromise Cascading Across Pyth Consumers
[Tail] Trigger: A vulnerability in Wormhole's guardian network (19-of-19 guardians as of 2025) allows an attacker to forge or manipulate Pyth price attestations delivered to one or more target chains.
1. Attacker exploits a Wormhole guardian vulnerability to forge Pyth price attestation messages with manipulated prices — DeFi protocols on affected chains receive incorrect price data that appears legitimate, as it carries valid Wormhole signatures
2. Protocols relying on Pyth feeds execute liquidations, trades, or minting operations based on manipulated prices — Widespread losses across lending protocols (incorrect liquidations), DEXes (mispriced trades), and derivatives platforms (wrong funding rates) that use Pyth as their primary oracle
3. Discovery of the attack triggers emergency halts across DeFi protocols, but damage is already done for protocols without circuit breakers — Total losses could reach hundreds of millions across all Pyth-integrated protocols, with cascading DeFi-wide impact due to Pyth's dominance as the oracle for Solana and newer chains
Risk Profile at a Glance
Overall: B (26/100)
Lower score = safer