Ethereum's Oracles: Unleashing Trustless Wisdom from Beyond the Blockchain

In this chapter, we'll explore oracles in Ethereum. Oracles are systems that link Ethereum smart contracts with external data sources. The term "oracle" comes from Greek mythology, where it referred to a person who communicated with gods and could see the future. In the blockchain world, an oracle serves as a connection between Ethereum and the real world by providing answers to questions beyond Ethereum.

Oracles are essential in enabling smart contracts to use real-world information, like stock prices or weather updates. This external data helps smart contracts execute actions based on certain conditions. What makes oracles fascinating is their trustless nature. They work on decentralized principles, meaning they don't rely on a single authority and don't require blind trust.

By exploring Ethereum's oracles, we aim to simplify and clarify their role in the blockchain ecosystem. Join us as we unravel the workings of these trustless systems that connect smart contracts to the outside world.

Why Oracles Are Needed

In Ethereum, there is a system called the Ethereum Virtual Machine (EVM) that runs programs and updates the Ethereum network. It follows specific rules agreed upon by the network to make sure everyone agrees on what should happen. However, there are two important limitations that come with these rules.

Firstly, the EVM cannot use a random function to generate randomness for smart contracts. If it did, different computers on the network would end up with different results, causing disagreements. This would prevent the network from reaching a shared decision on what should happen. It could quickly lead to even bigger problems, like incorrect transfers of money.

Secondly, external data, like real-time information or random numbers, can only be added to the Ethereum network through transactions. However, this data cannot be trusted because it comes from sources that cannot be verified.

To solve these issues, Ethereum uses oracles. Oracles act as a bridge between the Ethereum network and external sources of data. They provide reliable information to smart contracts, so they can make informed decisions. In the next part of this chapter, we will explore oracles in more detail and how they help overcome these limitations.

Oracles Use Cases and Examples

Oracles serve as a way to securely bring real-world information onto the Ethereum platform for smart contracts to use. They act as a bridge between off-chain data and the blockchain. By using oracles, smart contracts can enforce agreements based on real-world events and data, expanding their capabilities.

However, relying on oracles introduces certain risks to Ethereum's security. For instance, if a smart contract controls a large inheritance amount and depends on an oracle to trigger its distribution upon someone's death, there is a high incentive for hackers to manipulate the oracle and steal the assets before the intended time.

It's important to note that some oracles provide data from trusted private sources, such as universities or government departments. This data, like academic certificates or government IDs, is subjective and can only be trusted based on the authority of the source. While such data sources are not fully trustless, they are still considered oracles as they provide a bridge for smart contracts to access the data they need.

Here are some examples of the types of data that oracles can provide:

• Random numbers for fair lottery selections
• Triggers based on natural disasters, such as earthquake measurements for catastrophe bonds
• Exchange rates for accurate cryptocurrency conversions
• Capital markets data for pricing tokenized assets
• Benchmark reference data, like interest rates, for smart financial derivatives
• Static data like security identifiers or country codes
• Time and interval data for event triggers
• Weather data for insurance calculations
• Information on political events for prediction markets
• Sporting event outcomes for prediction markets and fantasy sports contracts
• Geolocation data for supply chain tracking
• Verification of damages for insurance contracts
• Events happening on other blockchains for interoperability
• Ether market prices for determining gas prices in fiat currency
• Flight statistics for flight ticket pooling by groups or clubs.

These are just a few examples of how oracles can provide valuable information to smart contracts, enabling them to interact with the real world.

In the following sections, we will examine some of the ways oracles can be implemented, including basic oracle patterns, computation oracles, decentralized oracles.

Oracle Design Patterns

All oracles have some important functions. These include:

1. Collecting data from sources outside the blockchain.
2. Transferring the data to the blockchain using a signed message.
3. Making the data available by storing it in a smart contract's storage.

Once the data is stored in a smart contract, it can be accessed by other smart contracts, Ethereum nodes, or network-enabled clients. They can retrieve the data by calling a specific function in the oracle's smart contract or directly accessing the oracle's storage.

There are three main ways to set up an oracle:

1. Immediate-read oracles provide data that is needed for immediate decisions. For example, checking someone's age or finding the address of a website. These oracles store the data in their contract storage and allow other smart contracts or applications to look it up without a transaction. This type of oracle is useful for organizations that need to provide trusted data and eliminates the need for them to maintain their own servers. The data stored may be a hash or a summarized version to ensure efficiency and privacy.
2. Publish-subscribe oracles act as a broadcast service for data that changes regularly. Smart contracts can either poll the oracle on-chain or watch for updates off-chain. This pattern is similar to RSS feeds or WebSub, where the oracle updates with new information and signals that new data is available to subscribers. Interested parties can poll the oracle or listen for updates. Examples include price feeds, weather information, and social statistics. Polling is efficient in blockchain platforms like Ethereum as clients are constantly updated with state changes. Ethereum event logs make it easy for applications to receive updates from oracles.
3. Request-response oracles are more complex and used when the data space is too large to store in a smart contract, but users only need specific parts of the data at a time. This setup is suitable for data provider businesses. The oracle consists of on-chain smart contracts and off-chain infrastructure. When a decentralized application requests data, a transaction is initiated, specifying the requested data and additional information. The oracle processes the request, retrieves the data from an off-chain source, and returns it. The oracle may require payment, gas fees, and permissions. The resulting data is signed by the oracle owner and delivered to the decentralized application. The oracle may periodically update the data with new transactions. This setup is useful for handling large datasets and specific data requests.

For a request-response oracle, the steps can be summarized as follows:

1. Receive a query from a decentralized application (DApp).
2. Parse the query and check for payment and data access permissions.
3. Retrieve the relevant data from an off-chain source, encrypting it if needed.
4. Sign the transaction(s) with the data included.
5. Broadcast the transaction(s) to the network.
6. Schedule any additional necessary transactions, such as notifications.

Oracles can take various forms, including human, software, or hardware. They can be used to request and return data directly by an externally owned account (EOA) or through Internet of Things (IoT) devices.

The request-response pattern is commonly used in client-server architectures, allowing applications to have two-way communication. However, it may not always be suitable. For instance, if a smart bond needs an interest rate from an oracle, using a request-response pattern would require daily requests to ensure the rate is up to date. Considering that interest rates change infrequently, a publish-subscribe pattern may be more appropriate. This pattern categorizes published messages and allows subscribers to express interest in specific categories, reducing network bandwidth usage and storage costs.

In a broadcast or multicast pattern, an oracle posts messages to a channel, and subscribing contracts listen to the channel based on their subscription preferences. For example, an oracle could publish messages to a cryptocurrency exchange rate channel. A subscribing contract might request the full content of the channel for a moving average calculation, while another contract might only need the latest rate for a spot price calculation. A broadcast pattern is suitable when the oracle doesn't need to know the identity of the subscribing contract.

Data Authentication

If we assume that the data source queried by a decentralized application (DApp) is authoritative and trustworthy, there is still a concern about the trustworthiness of the oracle and the request-response mechanism operated by different entities. Data tampering during transit is a possibility, so it is crucial to have off-chain methods to ensure the integrity of the returned data. Two common approaches for data authentication are authenticity proofs and trusted execution environments (TEEs).

Authenticity proofs are cryptographic guarantees that the data has not been tampered with. They shift the trust from the data carrier to the attestor, who provides the attestation. Smart contracts can verify the authenticity proof on-chain to ensure the integrity of the data before using it. Oraclize is an example of an oracle service that utilizes various authenticity proofs. One available proof is TLSNotary, which provides evidence that HTTPS web traffic occurred between the client and a server. TLSNotary relies on TLSNotary signatures and splits the TLS master key between the server (oracle), an auditee (Oraclize), and an auditor (AWS virtual machine instance). This approach offers higher assurance against data tampering but relies on the assumption that Amazon will not tamper with the VM instance.

Town Crier is an oracle system based on the TEE approach, which uses hardware-based secure enclaves to ensure data integrity. Town Crier employs Intel's Software Guard eXtensions (SGX), which guarantees integrity and confidentiality of applications running within an enclave. SGX allows attestation, providing a digitally signed proof that an application is securely running within an enclave. Decentralized applications can verify this proof to ensure that a Town Crier instance is running securely within an SGX enclave, ensuring the authenticity of the emitted data. The confidentiality property enables Town Crier to handle private data by encrypting data queries using the instance's public key. Operating the oracle's query/response mechanism within an enclave like SGX ensures that it runs securely on trusted third-party hardware, ensuring the requested data is returned untampered (assuming trust in Intel/SGX).

In simple terms, authenticity proofs are cryptographic guarantees that data hasn't been tampered with, and trusted execution environments use secure enclaves to ensure data integrity. These approaches provide additional assurance when verifying the authenticity and integrity of data returned by oracles.

Computation Oracles

Oracles can do more than just fetch data. They can also perform complex computations that would be too expensive or impossible to do on the Ethereum blockchain. There are different approaches to achieve this.

One option is to use Oraclize, a centralized but auditable service. With Oraclize, decentralized applications can request a computation to be performed in a sandboxed AWS virtual machine. The computation is carried out within a Docker container, and the result is returned to the application. While this solution offers auditability, it is not truly decentralized.

Microsoft's ESC Framework introduces the concept of "cryptlets" as a way to provide verifiable oracle truths. Cryptlets run in an encrypted capsule and handle tasks like signing and validating messages. They support complex transactions across multiple blockchains and external systems, enabling developers to create private and portable solutions for smart contracts.

For a more decentralized approach, TrueBit offers a solution for off-chain computation. It involves solvers and verifiers who perform computations and verify them. In case of a challenge, an iterative verification process takes place on-chain. Ethereum miners act as judges to make a final ruling. TrueBit creates a computation market where decentralized applications can pay for verifiable computation outside of the network. This allows trustless smart contracts to perform various computational tasks securely.

TrueBit has applications in fields like machine learning and proof of work verification. For example, the Doge-Ethereum bridge uses TrueBit to verify Dogecoin's proof of work within a smart contract on Ethereum's Rinkeby testnet. This enables secure verification of Dogecoin transactions on the Ethereum blockchain.

In summary, oracles can perform computations, and different approaches like Oraclize, cryptlets, and TrueBit offer ways to achieve this. These methods provide options for decentralized applications to perform complex computations securely and efficiently.

Decentralized Oracles

To address the limitations of centralized oracles, decentralized approaches have been proposed. ChainLink, for example, suggests a decentralized oracle network composed of three smart contracts and an off-chain registry of data providers. The reputation contract tracks data providers' performance, while the order-matching contract selects bids from oracles based on reputation scores. The aggregation contract collects responses from multiple oracles, calculates the final result, and updates the reputation contract.

However, the challenge lies in determining how to aggregate the responses. ChainLink proposes a weighted response approach, where validity scores are assigned to oracle responses. Detecting invalid scores is difficult, as it relies on identifying outliers. Customized aggregation contracts are also allowed to address specific needs.

Another approach is the SchellingCoin protocol, where participants report values and the median value is considered correct. Reporters must provide a deposit, which is redistributed to values closer to the median. This encourages the reporting of values that align with others, aiming for a common value or Schelling point.

Jason Teutsch proposed a decentralized off-chain data availability oracle that utilizes a dedicated proof-of-work blockchain. Miners download, store, and propagate registered data to ensure local availability. While this system requires significant resources, storage can be reused by releasing data after a certain period.

In summary, decentralized oracle approaches like ChainLink, SchellingCoin, and Teutsch's proposal aim to ensure data availability and create networks of individual data providers. These methods address the limitations of centralized oracles and promote decentralized decision-making in the Ethereum network.

Conclusion

Oracles play a vital role in smart contracts by providing external information. However, they also bring risks. If you trust an oracle without caution, it can compromise the security of your smart contract by providing false data. It's important to carefully consider the trustworthiness of an oracle before using it.

Decentralized oracles can address some of these concerns by providing trustless external data to Ethereum smart contracts. By making careful choices, you can start exploring the connection between Ethereum and the real world that oracles offer.

Comments

[Utsav Desai]

An intriguing dive into Ethereum's oracles! This article seems poised to reveal how oracles bring external data onto the blockchain, unlocking new possibilities for trustless applications. Excited to learn how these "wise" tools enhance Ethereum's capabilities.

[Bhavypatel45]

This blog post about Ethereum's oracles is really interesting! It explains how oracles help bring information from the outside world into the blockchain. Oracles are important because they provide trustworthy data to smart contracts. The article talks about different types of oracles and their pros and cons. It's cool to see how oracles make it possible to use real-world information in blockchain applications. I learned a lot from this article and I'm excited to learn more about Ethereum's oracles in the future!