On-Chain Options Protocol Development
Hegic options protocol lost $48k in 2020 due to an error in premium calculation: integer division in Solidity with incorrect operation order gave zero option value for certain parameters. Users got free options. This isn't a theoretical vulnerability — this is what happens when financial math gets ported to EVM without careful edge-case testing.
On-chain options are more complex than most DeFi primitives: you simultaneously need pricing model, liquidity management, settlement mechanics, and protection from price manipulation. Each component is a separate risk vector.
Key Technical Problems of Options Protocol
On-Chain Pricing: Volatility Problem
Black-Scholes requires implied volatility (IV). IV is a dynamic value that changes every minute. On blockchain you have two choices: hardcode IV (simple, but inaccurate) or get it from oracle (complex, but honest).
Dopex uses Chainlink for IV. Lyra Protocol implemented custom off-chain volatility with on-chain verification via SNX staking. Hegic v888 simplified — fixed IV per asset, updated by governance.
For production protocol, we use two-level approach: Chainlink price feed for spot price + rolling standard deviation of price over 30 days as proxy for historical volatility. Not perfect, but significantly lower attack surface than IV-oracle with thin liquidity.
Premium formula in Solidity requires fixed-point arithmetic. ABDKMath64x64 library gives 64.64-bit precision, sufficient for options math. Pure uint256 with 1e18 scaling works, but requires careful overflow control in multiplication chains — use mulDiv from OpenZeppelin instead of direct operations.
Settlement: European vs American Style
European style (exercise only at expiry) — simpler to implement. Settlement happens in one transaction: compare spot price at expiry moment with strike, pay the difference. Problem: spot price at expiry moment is manipulable. $10M flash loan shifts spot Chainlink? No — Chainlink aggregates data with delay, but TWAP from AMM pool? Yes.
American style (exercise any time until expiry) — significantly more complex. Need keeper mechanism or user calls exercise() themselves. If exercise is profitable but user forgot — they lose money. Options protocols solve this via Gelato Network or Chainlink Automation for automatic ITM option execution before expiry.
Liquidity Pools for Position Coverage
Protocol can work in two models:
Peer-to-pool. One liquidity pool covers all sold options. Liquidity provided by LPs in exchange for fees. Risk: if market moves sharply against pool positions — LPs suffer losses. This is how Hegic and Dopex work.
Peer-to-peer orderbook. Option sellers set their own prices and lock collateral. Buyers match with sellers. Lower liquidity, but no systematic risk for pool. This is how Opyn works (oToken standard).
For peer-to-pool, collateral requirement calculation is critical. Call option is covered by base asset (or cash-equivalent). Put option — by stablecoin at strike * amount. If protocol allows undercollateralization — this is an attack vector through fast price movement and liquidation delay.
Protocol Architecture
Contracts and Their Interaction
OptionsFactory
├── OptionsPool (per asset, per expiry)
│ ├── PricingEngine (Black-Scholes approximation)
│ ├── CollateralVault (locked LP funds)
│ └── SettlementModule
├── OracleAdapter (Chainlink + TWAP fallback)
└── FeeCollector
OptionsFactory deploys new OptionsPool for each asset/expiry pair or manages single pool with series mapping. Single pool with mapping is simpler for audit but creates cross-series risk.
OracleAdapter is a wrapper with circuit breaker. If Chainlink staleness > 1 hour or deviation > 10% from TWAP — trading pauses. This protects from oracle manipulation and black swan data events.
Greeks and Pool Risk Management
Full on-chain delta/gamma hedging is economically unjustifiable at current gas costs. Protocols solve this differently:
Lyra v2 uses off-chain market maker with on-chain settlement. MM manages greeks off-chain, syncs position with pool periodically. Compromise between decentralization and efficiency.
Dopex introduced SSOV (Single Staking Option Vaults) concept — strikes and expiry fixed by epoch, simplifying liquidity management and hedging.
For our protocol: open interest cap on each strike and expiry via maxCallsOI and maxPutsOI parameters. Not ideal hedging, but predictably limits pool risk.
Testing and Security
Fuzz tests in Foundry cover:
- Premium never equals zero at non-zero size
- Settlement amount never exceeds locked collateral
- Impossible to exercise expired option
- Oracle price staleness correctly detected
Fork tests on mainnet: buy option, manipulate Uniswap TWAP via large swap, try to exercise at manipulated price — protocol should either use Chainlink or revert.
Before deployment — mandatory external audit. Options protocols are in top 5 by DeFi hack losses. Code4rena contest or direct audit at Trail of Bits, Spearbit.
Work Process
Specification (3-5 days). Option types (call/put, European/American), liquidity style (peer-to-pool/P2P), supported assets, expiry mechanics, governance.
Design (1 week). Storage layout of all contracts, interfaces, pricing math with Python reference verification before Solidity implementation.
Development (4-6 weeks). Contracts + tests (unit, fuzz, fork). Separate pricing engine module with upgrade capability via UUPS — valuation models change.
Audit (2-4 weeks). Internal + external. For mainnet deployment, no work without audit.
Deployment and monitoring. Forta bots for monitoring unusual volumes, Tenderly for alerts on on-chain events.
Timeline Estimates
Minimal protocol (one asset, European style, fixed IV) — 6-8 weeks development without audit. Full multi-asset protocol with greeks and automatic settlement — 2-3 months. Audit timelines add separately.