Oracle-related exploits are often due to a faulty oracle, but sometimes it’s just a bad implementation by a user 6M+ exploited in KiloEx because anyone could change the oracle being used by the protocol due to lack of access control Rough but seems like a rookie mistake