The inability of smart contracts to access external data has been a significant limitation in the implementation of blockchain technology in various industries. Oracle has emerged as a solution to this problem, serving as an interface that delivers external data to smart contracts. The type of data delivered by an oracle can vary depending on the industry and requirements. This article has studied and described the widely used blockchain oracles, elaborated on their potential role, technical architecture, design patterns, and their major problem.
What are blockchain oracles?
Blockchain oracles act as intermediary services that furnish external data to smart contracts, creating a connection between blockchains and the external world. Smart contracts and blockchains inherently lack the capability to access off-chain data, which is vital for executing numerous contractual agreements. By linking on-chain and off-chain data, blockchain oracles expand the range of applications for smart contracts.
In the absence of blockchain oracles, smart contracts would be confined to using only the data available within their networks, limiting their utility. It’s essential to understand that a blockchain oracle is not the data source itself; rather, it serves as an intermediary layer that retrieves, validates, and authenticates information from external sources before transmitting it. The data conveyed by oracle can vary, including general information, payment confirmations, or sensor measurements.
To obtain external data, a smart contract must be triggered, consuming network resources in the process. Some oracles can not only relay information to smart contracts but also transmit it back to external sources. Blockchain oracles play a crucial role in the blockchain ecosystem, as they grant smart contracts access to critical external data, broadening their potential applications across various industries.
Oracle design patterns
All types of oracles discussed provide a few key functions, by definition. These include the ability to:
- Collect data from an off-chain source.
- Transfer the data on-chain with a signed message.
- Make the data available by putting it in a smart contract’s storage.
Once the data is available in a smart contract’s storage, it can be accessed by other smart contracts via message calls that invoke a “retrieve” function of the oracle’s smart contract. It can also be accessed by Ethereum nodes or network-enabled clients directly by “looking into” the oracle’s storage.
Types of blockchain oracles
Blockchain oracles can be categorized based on several characteristics, such as:
- Source: The data derived from software, hardware, or human input,
- Direction of information: It flows inbound or outbound,
- Trust: The oracle is centralized or decentralized.
An individual oracle can belong to multiple categories. For instance, an oracle that retrieves information from a company website would be classified as a centralized, inbound, software oracle.
- Software oracles
Software oracles, also known as deterministic oracles, interact with online sources of information and transmit it to the blockchain. These sources of information can include online databases, servers, websites, or any other data source on the web. Because software oracles are connected to the internet, they can supply information to smart contracts and transmit that information in real-time, making them one of the most common types of blockchain oracles.
- Hardware oracles
Smart contracts sometimes require a connection to the physical world, and hardware oracles are created for this purpose. These oracles retrieve information from the physical world and make it available to smart contracts. Examples of information sources that they can retrieve information from include electronic sensors, IoT devices, barcode/QR scanners, RFID tags, robots, and other information-reading devices. In essence, a hardware oracle “translates” real-world events into digital values that can be understood by smart contracts.
- Human oracles
In some cases, individuals with specialized knowledge or skills in a particular field can act as oracles. They can research and verify the authenticity of information from various sources and translate that information to smart contracts. Human oracles can verify their identity using cryptography, which makes it highly unlikely for fraudsters to fake their identity and provide corrupted data. In addition to transmitting deterministic data, they can also respond to arbitrary inquiries that may be difficult for machines to answer.
- Computation oracles
Up until now, we have only discussed oracles in the context of requesting and delivering data (also known as Data Carrier Oracles or Automated Oracles). However, oracles can also be used to perform arbitrary “off-chain” computation solutions, a function that can be especially useful given Ethereum’s inherent block gas limit and comparatively expensive computation cost. Rather than just relaying the results of a query, they can perform computation on a set of inputs and return a calculated result that may have been infeasible to calculate on-chain
- Contract-specific oracles
A contract-specific oracle is one that is designed to be used by a single smart contract. This means that if someone wants to deploy several smart contracts, a corresponding number of contract-specific oracles have to be developed. Maintaining this type of oracle is considered to be very time-consuming and expensive. Companies that want to extract data from a variety of sources may find this approach impractical.
- Consensus-based oracles
In contrast to software oracles, consensus-based oracles do not rely on a single source. There are several ways to create and use decentralized oracles. One approach is to use a rating system inside a prediction market. To reduce risk and provide more security, a combination of oracles might be used. For example, the average of 5 oracles could be taken, or 5 out of 7 oracles could determine the outcome of an event. They are slower because it takes more time to reach consensus.
Centralized and decentralized oracles
Centralized oracle is controlled by a single entity and is the sole provider of information for the smart contract. Relying on only one source of information can be risky, as the effectiveness of the contract depends entirely on the entity controlling the oracle. Malicious interference from a bad actor can have a direct impact on the smart contract. The main problem with centralized oracles is the existence of a single point of failure, which makes the contracts less resilient to vulnerabilities and attacks.
Decentralized oracles share some of the same objectives as public blockchains and aim to avoid counterparty risk. They increase the reliability of the information provided to smart contracts by not relying on a single source of truth. Smart contract queries multiple oracles to determine the validity and accuracy of the data, which is why decentralized oracles can also be referred to as consensus oracles. Some blockchain projects provide decentralized oracle services to other blockchains.
Decentralized oracles can also be useful in prediction markets, where the validity of a certain outcome can be verified by social consensus. While decentralized oracles aim to achieve trustlessness, it is important to note that, just like trustless blockchain networks, decentralized oracles do not completely eliminate trust but rather distribute it among many participants.
Use case of oracles
Numerous DApps in the market utilize oracles as a mechanism to bridge the gap between the off-chain world and smart contracts. Examples of data that might be provided by oracles include:
- Random numbers/entropy from physical sources such as quantum/thermal processes: e.g., for fairly selecting a winner in a lottery smart contract.
- Parametric triggers indexed to natural hazards: e.g., activating catastrophe bond smart contracts, such as Richter scale measurements for an earthquake bond.
- Exchange rate data: e.g., for accurately pegging cryptocurrencies to fiat currency.
- Capital markets data: e.g., pricing baskets of tokenized assets/securities.
- Benchmark reference data: e.g., incorporating interest rates into smart financial derivatives.
- Static/pseudo-static data: security identifiers, country codes, currency codes, etc.
- Time and interval data: for event triggers based on precise time measurements.
- Weather data: e.g., insurance premium calculations based on weather forecasts.
- Political events: for prediction market resolution.
- Sporting events: for prediction market resolution and fantasy sports contracts.
- Geolocation data: e.g., as used in supply chain tracking.
- Damage verification: for insurance contracts.
- Events occurring on other blockchains: interoperability functions.
- Ether market price: e.g., for fiat gas price oracles.
- Flight statistics: e.g., as used by groups and clubs for flight ticket pooling.
Blockchain oracle problems
The blockchain oracle problem pertains to the difficulty of verifying the accuracy of data provided by oracles, which can be caused by an unreliable data source, a low reputation of the oracle, or both. However, the impact of this issue varies across different industries that utilize blockchain technology. For instance, in the supply chain industry, the problem arises from the filtration of information by the producing company to prevent the registration of unwanted or sensitive information. In the academic sector, the oracle problem challenges the credibility of the issuing authority rather than the authenticity of the transcript. In the field of intellectual property rights (IPRs), the oracle creates a social issue where authors and certification authorities compete for the role of the oracle, which can grant them greater power over the other party. In resource management, bidirectional data flow requires two types of oracles (inbound and outbound), which further complicates the problem. Lastly, in health records, oracles can be an additional vulnerability for hackers to modify or steal patient records, particularly when multiple oracles and external databases are involved, and their security is not actively monitored.
In the realm of decentralized finance (DeFi), oracles play a crucial role, but their impact is heavily influenced by the extrinsic data required. In DeFi, personal data like KYC is not currently required since smart contracts manage all transactions without centralized authority overseeing the identities of the parties involved. Due to this, there is no need for oracles to collect personal data, resulting in no GDPR or security concerns and no requirement for external servers to manage sensitive information. The only information that is transparent in this context is the transactions associated with pseudonymous addresses.
In contrast to the academic and IPRs management sectors, the authorship of a smart contract in DeFi is solely guaranteed by the private key used to sign the agreement, and ownership of the wallet is theoretically irrelevant for contract execution. Since there is no KYC procedure, it is impossible to enforce an unwanted operation on a crypto wallet, but there is also no authority to appeal to if something goes wrong. Additionally, DeFi applications are decentralized and meant to communicate with each other, which creates similar issues to those found in resource management blockchain applications, such as the dual oracle problem.
In decentralized financial applications, only financial asset data regarding quantity and price are required. This type of data is publicly available and can be easily verified. Oracles based on the wisdom of the crowd should be able to fetch this data in a trustless manner. However, there are still risks such as malfunctions, tampering, and collusion that can alter the provided data, which is especially concerning for financial contracts that manage large transactions. Although the asset data is publicly available, there are still many issues that can prevent accurate information from being recorded on the chain. Therefore, the oracle problem in DeFi applications reflects the possibility of asset data being manipulated for selfish purposes. To address the oracle problem, many oracle providers such as Chainlink and Oraclize are offering their solutions.
Blockchain oracles play a critical role in bridging the gap between on-chain and off-chain data, extending the capabilities of smart contracts and enabling a myriad of applications. However, they also introduce the oracle problem, which pertains to the challenges of ensuring the accuracy, reliability, and security of the data provided by oracles. This issue manifests differently across various industries, ranging from supply chain management to decentralized finance, and is influenced by the nature of the external data required and the potential for manipulation or tampering.
To tackle the oracle problem, several oracle providers, such as Chainlink and Oraclize, are working on solutions that aim to improve the reliability and security of the data transmission process. Nevertheless, it is crucial for the blockchain community and industries adopting this technology to remain vigilant and continually develop strategies to enhance the trustworthiness and dependability of blockchain oracles, ensuring that the full potential of smart contracts can be realized while minimizing risks.