# Pessimistic Price Oracle Grace Pessimistic Price Oracle (PPO) improves upon the previous generation of [FiRM](https://inverse.finance/firm)’s PPO design. This new iteration of PPO renders most flashloan, multi-block and even multi-day collateral inflation and debt deflation attacks ineffective. This allows Grace to dramatically reduce the risk of on-boarding new collateral types and on-chain price feeds that were previously considered too risky. ## Collateral PPO The PPO prevents **the borrowing power** of each collateral from exceeding **the lowest recorded price** of the collateral over the past 2 weeks based on the collateral factor. This removes the incentive of single and multi block attacks because a collateral price inflation attack cannot be profitable regardless of the oracle price originating from the potentially vulnerable price feed. For example, let's say the current ETH collateral 2-week low was $1000. Say ETH has a 50% collateral factor, meaning that you can only borrow 50% of its value. A few days later, ETH oracle price suddenly rises to $3000. Normally you would be able to borrow $1500 (50%). However, this is a problem. Because your collateral's entire value was $1000 only a few days ago, and now you're able to borrow more than its previous value. Therefore, there is a potential for a profitable manipulation here. In this case, the PPO will temporarily reprice ETH down to $2000. Because at $2000 and 50% collateral factor, you are only able to borrow the lowest value of your collateral, which is $1000, but not more. At $2000 ETH, there is no incentivize to manipulate the oracle. At the same time, ETH is still priced much higher than the low ($2000 instead of $1000). {% hint style="info" %} Most times, the PPO will continue to price collateral based on the live oracle price. However, based on the rule outlined above, if the collateral price makes any dangerous swings, the PPO makes sure that these swings are capped to eliminate incentive for manipulation. {% endhint %} ## Debt PPO Grace PPO also adds a similar mechanism for pricing debt tokens, where the highest recorded price over the past 2 weeks is used. This prevents a another class of manipulation attacks where an attacker may try to artificially reduce the price of borrowed tokens in order to increase the amount of tokens that can be borrowed per collateral. Unlike the collateral PPO above, debt PPO does not take collateral factor into consideration. It is a simpler mechanism that simply uses the highest 2-week debt price. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.grace.loans/grace/pessimistic-price-oracle.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.