The Oracle Problem
July 28, 2019
People in the crypto sphere want to “decentralize everything”. One of Bitcoin’s goal is to cut the middleman in monetary transactions. Things like smart contracts make it possible to go further and have “programmable money” (the most famous platform for this being Ethereum). But what if we could move a bit further and extract the blockchain from its isolated state and wire it to the reality around us?
Smart contracts are computer programs that live on the blockchain and are executed by the nodes of a distributed network. Their purpose is usually to handle transactions following a set of rules without involving a third party.
N.B. You’ll often hear about Ethereum when it comes to smart contract but Bitcoin also has a contract language. It’s called “Script” and it voluntarily simple so that it will reduce the chances of bugs. Even though Script is simple, it can handle things like multisig (money transfer involving more than two parties) for example. On the other hand, “Solidity” is a more permissive language but multiple bugs have occurred on Ethereum to this day (see DAO exploit).
An example of a smart contract would be a crowdfunding contract. There are crowdfunding platforms out there like Kickstarter, Indiegogo or Ulule. Project creators go on these platforms asking for some amount of money. People are free to support the project and if the goal amount is met, the project creator cashes in the money.
You could do the same thing using a smart contract. People would send money to the smart contract and if a threshold is met, make a transaction toward a receiver. If it is not met by a deadline, the money is sent back to the funders.
By doing this with a smart contract, you get rid of a third party that could keep the money or cancel your funding campaign.
In simple cases where they only handle money or data inside the blockchain, smart contracts work well. But you might want to interact with the real world for advanced cases. You might want a smart contract that reacts to some events like for example reacting to a rise of the dollar price or some other news like geopolitical events?
One concrete example would be a smart contract for sport bets: gamblers place money on a smart contract for the team the want to bet on. When the game is over and one team is victorious, the information is sent by an oracle to the smart contract and the contract dispatches the correct amount to the lucky bettors who placed their money on the right horse!
Oracles are services that very and feed real-world events into a blockchain system.
They are usually software that get data from the internet via a thing called a web API (for Application Gateway Interface, it’s something programmers create to allow machines to talk directly to each other).
The possibilities that oracles would allow for the decentralized web would be fantastic but we will see that it’s not that simple to introduce oracles without breaking the decentralization of the system which is the main reason behind cryptocurrencies.
As I said earlier, oracles rely on APIs. APIs are provided by third parties. You now depend on these third parties you tried to eliminate in the first place with your decentralized system.
Going back to our sport bets example: let’s say we implement the smart contract and the oracle so that the data for the outcome of the game would be fetched from “my-awesome-trustable-sports-results.com” (the domain actually doesn’t exist as of the day of the writing but someone might buy it in the future).
Starting to spot the problem here?
That’s right, the execution of the contract relies entirely on the truth behind that API and the people working at my-awesome-trustable-sports-results.com!
What if some employee fills in false information in the software?
Let’s say “Careless Joe” is in charge of the input of the game outcome. But it’s Friday evening and Joe wants to meet his friends at the bar. He fills in the wrong winning team, grabs his coat and is gone until Monday. Now people are losing money! Mistakes happen all the time in real life and it does conflict with the immutable nature of blockchain.
The blockchain data structure makes it very hard to change the past and that’s ok! No one wants a transaction from five years ago to be changed. But when it comes to oracles, no mistake is allowed! We can’t just fork the entire blockchain because someone made a mistake!
Now instead of Careless Joe, we’ve got Greedy Jerry. Jerry knows that the API used where he works is used by this decentralized betting website as a source of truth. Jerry wants to buy a minivan for holidays so he is going to bet a large amount on the team that no one wants to bet on because everybody is positive that they are going to lose tonight. Then he is going to enter the wrong name and just cash in his money.
Another example would be an insurance smart contract: you covered your house with an insurance smart contract. You house burns. Who is in charge of telling the contract that the house actually burned? All parties involved have opposed incentives: insurance company doesn’t want to lose its money, you want to be paid and a third party (like fire department) could be influenced into feeding wrong information to the system.
Wrong data could happen on the blockchain (faulty sensor, mistake or data tempering) You can’t know for sure if data reflects what happened in the reality. This is a problem because whoever controls the API also controls the smart contract. It removes the trustlessness and the decentralization of it.
This last part will be more an open question. The decentralized oracle problem is an important and difficult one and there are a lot of people and companies claiming that they solved this problem. If you have a solution that you’d like to suggest, you can tell me on Twitter where I’m @vincentdnl and I’ll gladly talk about it.
I’ve seen solutions for decentralized oracles that rely on independent nodes acting as a middleware between the API and the blockchain. These nodes are often incentified with a token reward system for having a good reputation. Among criteria for the reputation you can have the amount of token staked on the node. So it boils down to “the richest gets to decide the version of the truth”. I don’t know if I’m ok with that… Another reason for the need to stake might be to avoid a Sybil attack that would consist on spawning multiple nodes at no expense.
Maybe a solution to explore would be something based on a web of trust. Nodes could enter a web of trust and if they don’t behave they can be kicked out by the other users.
Having a question or suggestion about the article?
Tell me on Twitter where I'm @vincentdnl!
Help others understand Bitcoin and cryptocurrencies by sharing this post!