I can expand upon Chainlink’s cryptoeconomic security for clarity. Chainlink oracle networks are cryptoeconomically secured today through implicit incentives. Each Chainlink node in the network holds and is paid in LINK tokens for their oracle services. The value of LINK itself is derived from the health, adoption, and reputation of the network as a whole, creating a strong economic incentive for each node to provide a secure and reliable source of external data (e.g. ETH/USD) in order to uphold the value of not only their current LINK holdings but also their future revenue (which is denominated in LINK).
We see implicit incentives in existing networks like Bitcoin and Ethereum. Because Ethereum miners hold and are paid in ETH, they operate the protocol faithfully because a corrupted network would result in the devaluation of ETH due to the destroyed trust of the network, creating financial harm to themselves. In the Chainlink Network, a successful collusion attack between the most reputable and profitable nodes that ends up resulting in significant losses/exploits for DeFi protocols would likewise destroy trust in the network, resulting in a devaluation of the value of LINK.
In addition, each individual Chainlink node is a publicly identifiable entity with their individual future revenue, reputation, and off-chain business on the line. Chainlink nodes operated by enterprises like Deutsche Telekom and data providers like Kaiko have significant revenue both within and outside of the Chainlink network, which would be forfeited through malicious activity. Therefore, for economically rational nodes, it is more profitable to be honest, which is why the honest majority assumption works for networks like Bitcoin, Ethereum, Chainlink, etc.
What you noted about the gold price feed from a year ago wasn’t an attack on the network but a misconfiguration of a single feed that resulted in minimal issues. If tens of billions of dollars had been stolen as a result, the value of LINK would have certainly been significantly affected here, creating a financial penalty. The devaluation of the native token depends on the severity of the network issue/attack. The Chainlink network has been significantly hardened since then and uses an entirely different oracle network model, so such issues have not occurred since, but the security of the Chainlink network is not static and continues to evolve.
The Chainlink 2.0 whitepaper, which was recently published, modeled an explicit staking mechanism where nodes stake their LINK tokens in a service agreement and can be slashed for providing manipulated data. Here, a two-tier oracle network model is used, with a low-cost first tier that continuously generates oracle reports and a higher-cost maximum-security second tier used for settling disputes, which creates a super-linear staking impact where the cost of attack is significantly greater (quadratic in the number of first-tier nodes) than the sum of all deposits within that network.
The first tier consists of nodes explicitly staking LINK, while the second tier consists of the most reputable, reliable, and profitable nodes in the Chainlink network, who have the greatest financial exposure to LINK and, as rational economic actors, resolve the rare disputes accurately in order to uphold the value of their LINK holdings, LINK staked in other first-tier networks, future LINK revenue, and individual reputation. The whitepaper goes much deeper into this mechanism than I can cover here, but this mechanism would provide slashing-based cryptoeconomic security in addition to the existing implicit incentives-based cryptoeconomic security.
research.chain[dot]link/whitepaper-v2.pdf