Ayana T Aspembitova,Michael A Bentley

DOI: https://doi.org/10.3390/e25010060

2022-12-28

Abstract:Decentralized finance (DeFi) is by far the most popular application of blockchain technology. Despite the wide acceptance of new financial instruments and services, there are still many unexplored areas in the field. We dedicate this research to the understanding of one of the most crucial limitations of decentralized finance-oracles. DeFi protocols, as well as other blockchain applications, function in a closed environment and regularly need to fetch real-world information (e.g., assets' prices)-the tool used for this purpose is called an oracle. We review the existing oracle types in DeFi applications and focus our research on the least explored one: when another protocol, typically a decentralized exchange, serves as a price oracle. After explaining the mechanisms behind the decentralized exchanges, we introduce an algorithmic model that allows one to safely design a decentralized oracle and adjust crucial parameters. We believe that understanding and implementing the logic presented in the model can help to reduce the chances of price manipulations attacks, which are the most frequent incident types in DeFi.

Bowen Liu,Pawel Szalachowski,Jianying Zhou

DOI: https://doi.org/10.48550/arXiv.2005.04377

2021-06-25

Abstract:Recently emerging Decentralized Finance (DeFi) takes the promise of cryptocurrencies a step further, leveraging their decentralized networks to transform traditional financial products into trustless and transparent protocols that run without intermediaries. However, these protocols often require critical external information, like currency or commodity exchange rates, and in this respect they rely on special oracle nodes. In this paper, we present the first study of DeFi oracles deployed in practice. First, we investigate designs of mainstream DeFi platforms that rely on data from oracles. We find that these designs, surprisingly, position oracles as trusted parties with no or low accountability. Then, we present results of large-scale measurements of deployed oracles. We find and report that prices reported by oracles regularly deviate from current exchange rates, oracles are not free from operational issues, and their reports include anomalies. Finally, we compare the oracle designs and propose potential improvements.

Cryptography and Security

Youquan Xian,Xueying Zeng,Hao Wu,Danping Yang,Peng Wang,Peng Liu

2024-10-16

Abstract:As a trusted middleware connecting the blockchain and the real world, the blockchain oracle can obtain trusted real-time price information for financial applications such as payment and settlement, and asset valuation on the blockchain. However, the current oracle schemes face the dilemma of security and service quality in the process of node selection, and the implicit interest relationship in financial applications leads to a significant conflict of interest between the task publisher and the executor, which reduces the participation enthusiasm of both parties and system security. Therefore, this paper proposes an anonymous node selection scheme that anonymously selects nodes with high reputations to participate in tasks to ensure the security and service quality of nodes. Then, this paper also details the interest requirements and behavioral motives of all parties in the payment settlement and asset valuation scenarios. Under the hypothesis of rational man, an incentive mechanism based on the Stackelberg game is proposed. It can achieve equilibrium under the pursuit of the revenue of task publishers and executors, thereby ensuring the revenue of all types of users and improving the enthusiasm for participation. Finally, we verify the security of the proposed scheme through security analysis. The experimental results show that the proposed scheme can reduce the variance of obtaining price data by about 55\% while ensuring security, and meeting the revenue of all parties.

Cryptography and Security,Computational Engineering, Finance, and Science,Distributed, Parallel, and Cluster Computing

Lingling Lu,Zhenyu Wen,Ye Yuan,Binru Dai,Peng Qian,Changting Lin,Qinming He,Zhenguang Liu,Jianhai Chen,Rajiv Ranjan

DOI: https://doi.org/10.1109/tdsc.2022.3228908

2023-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Blockchain, a distributed and shared ledger, provides a credible and transparent solution to increase application auditability by querying the immutable records written in the ledger. Unfortunately, existing query APIs offered by the blockchain are inflexible and unscalable. Some studies propose off-chain solutions to provide more flexible and scalable query services. However, the query service providers (SPs) may deliver fake results without executing the real computation tasks and collude to cheat users. In this article, we propose a novel intelligent blockchain analytics platform termed iQuery , in which we design a game theory based smart contract to ensure the trustworthiness of the query results at a reasonable monetary cost. Furthermore, the contract introduces the second opinion game that employs a randomized SP selection approach coupled with non-ordered asynchronous querying primitive to prevent collusion. We achieve a fixed price equilibrium, destroy the economic foundation of collusion, and can incentivize all rational SPs to act diligently with proper financial rewards. In particular, iQuery can flexibly support semantic and analytical queries for generic consortium or public blockchains, achieving query scalability to massive blockchain data. Extensive experimental evaluations show that iQuery is significantly faster than state-of-the-art systems. Specifically, in terms of the conditional, analytical, and multi-origin query semantics, iQuery is 2 ×, 7 ×, and 1.5 × faster than advanced blockchain and blockchain databases. Meanwhile, to guarantee 100% trustworthiness, only two copies of query results need to be verified in iQuery , while iQuery 's latency is $2 \sim 134$ × smaller than the state-of-the-art systems.

Youquan Xian,Peng Liu,Dongcheng Li,Xueying Zeng

2024-02-22

Abstract:In recent years, the Decentralized Finance (DeFi) market has witnessed numerous attacks on the price oracle, leading to substantial economic losses. Despite the advent of truth discovery methods opening up new avenues for oracle development, it falls short in addressing high-value attacks on price oracle tasks. Consequently, this paper introduces a dynamically adjusted truth discovery method safeguarding the truth of high-value price oracle tasks. In the truth aggregation stage, we enhance future considerations to improve the precision of aggregated truth. During the credibility update phase, credibility is dynamically assessed based on the task's value and the Cumulative Potential Economic Contribution (CPEC) of information sources. Experimental results demonstrate a significant reduction in data deviation by 65.8\% and potential economic loss by 66.5\%, compared to the baseline scheme, in the presence of high-value attacks.

Computer Science and Game Theory,Computational Engineering, Finance, and Science,Distributed, Parallel, and Cluster Computing

Yinjie Zhao,Xin Kang,Tieyan Li,Cheng-Kang Chu,Haiguang Wang

DOI: https://doi.org/10.1109/access.2022.3179374

IF: 3.9

2022-01-01

IEEE Access

Abstract:With the rapid development of blockchain technology in recent years, all kinds of blockchain-based applications have emerged. Among them, the decentralized finance (DeFi) is one of the most successful applications, which is regarded as the future of finance. The great success of DeFi relies on the real-world data which is not directly available on the blockchain. However, due to the deterministic nature of blockchain, the blockchain cannot directly obtain indeterministic data from the outside world (off-chain). Thus, oracles have appeared as a viable solution to feed off-chain data to blockchain applications. In this paper, we carry out a comprehensive study on oracles, especially on DeFi oracles. We first briefly introduce the application scenarios of DeFi oracles, and then we talk about the past of DeFi oracles by categorizing them into several types based on their design features. After that, we introduce five popular DeFi oracles currently in use (such as Chainlink and Band Protocol), with the focus on their system architecture, data validation process, and their incentive mechanisms. Then, we compare these present DeFi oracles from their data trustworthiness, data source trustworthiness and their overall trust models. Finally, we propose a set of metrics for designing trustworthiness DeFi oracles, and propose a potential trust architecture and a few promising techniques for building future trustworthiness oracles.

Yinjie Zhao,Xin Kang,Tieyan Li,Cheng-Kang Chu,Haiguang Wang

DOI: https://doi.org/10.48550/arXiv.2201.02358

2022-01-07

Abstract:With the rapid development of blockchain technology in recent years, all kinds of blockchain-based applications have emerged. Among them, the decentralized finance (DeFi) is one of the most successful applications, which is regarded as the future of finance. The great success of DeFi relies on the real-world data which is not directly available on the blockchain. Besides, due to the deterministic nature of blockchain,the blockchain cannot directly obtain in-deterministic data from the outside world (off-chain). Thus, oracles have appeared as a viable solution to feed off-chain data to blockchain applications. In this paper, we carryout a comprehensive study on oracles, especially on DeFi oracles. We first briefly introduce the application scenarios of DeFi oracles, and then we talk about the past of DeFi oracles by categorizing them into several types based on their design features. After that, we introduce five popular DeFi oracles currently in use(such as Chainlink and Band Protocol), with the focus on their system architecture, data validation process,and their incentive mechanisms. We compare these present DeFi oracles from their data trustworthiness,data source trustworthiness and their overall trust models. Finally, we propose a set of metrics for designing trustworthiness DeFi oracles, and propose a potential trust architecture and a few promising techniques for building trustworthiness oracles.

Cryptography and Security

Lili Chen,Rui Yuan,Yubin Xia

DOI: https://doi.org/10.1109/jcc53141.2021.00016

2021-01-01

Abstract:Smart Contracts cannot get external data directly due to the closure and determinacy of blockchain itself, limiting the extensibility of blockchain applications. Oracle is proposed to serve as a data feed to offer authenticated and deterministic external data to smart contracts. However, existing centralized oracles are efficient but vulnerable to targeted attacks and suffering from a single point of failure, while existing decentralized oracles are inefficient. The paper presents a trusted blockchain oracle based on a decentralized Trusted Execution Environment (TEE) network called Tora, which embraces both efficiency and availability. The key of Tora is a hybrid consensus mechanism with the confidential available group selection based on Proof-of-Availability (PoA). We have implemented a prototype of Tora on Ethereum with Intel Software Guard eXtensions (SGX) and evaluated it with a data-fetch use case on different measurements, including gas costs, off-chain execution time, group selection results and throughput. The results show that Tora provides considerable efficiency and scalability.

Zhimeng Yang,Ariah Klages-Mundt,Lewis Gudgeon

2023-07-28

Abstract:We investigate the theoretical and empirical relationships between activity in on-chain markets and pricing in off-chain cryptocurrency markets (e.g., ETH/USD prices). The motivation is to develop methods for proxying off-chain market data using data and computation that is in principle verifiable on-chain and could provide an alternative approach to blockchain price oracles. We explore relationships in PoW mining, PoS validation, block space markets, network decentralization, usage and monetary velocity, and on-chain Automated Market Makers (AMMs). We select key features from these markets, which we analyze through graphical models, mutual information, and ensemble machine learning models to explore the degree to which off-chain pricing information can be recovered entirely on-chain. We find that a large amount of pricing information is contained in on-chain data, but that it is generally hard to recover precise prices except on short time scales of retraining the model. We discuss how even noisy information recovered from on-chain data could help to detect anomalies in oracle-reported prices on-chain.

Cryptography and Security,Trading and Market Microstructure

Michael Sober,Giulia Scaffino,Christof Spanring,Stefan Schulte

DOI: https://doi.org/10.48550/arXiv.2111.10091

2021-11-19

Abstract:Today's blockchain landscape is severely fragmented as more and more heterogeneous blockchain platforms have been developed in recent years. These blockchain platforms are not able to interact with each other or with the outside world since only little emphasis is placed on the interoperability between them. Already proposed solutions for blockchain interoperability such as naive relay or oracle solutions are usually not broadly applicable since they are either too expensive to operate or very resource-intensive. For that reason, we propose a blockchain interoperability oracle that follows a voting-based approach based on threshold signatures. The oracle nodes generate a distributed private key to execute an off-chain aggregation mechanism to collectively respond to requests. Compared to state-of-the-art relay schemes, our approach does not incur any ongoing costs and since the on-chain component only needs to verify a single signature, we can achieve remarkable cost savings compared to conventional oracle solutions.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Shayan Eskandari,Mehdi Salehi,Wanyun Catherine Gu,Jeremy Clark

DOI: https://doi.org/10.1145/3479722.3480994

2021-09-03

Abstract:One fundamental limitation of blockchain-based smart contracts is that they execute in a closed environment. Thus, they only have access to data and functionality that is already on the blockchain, or is fed into the blockchain. Any interactions with the real world need to be mediated by a bridge service, which is called an oracle. As decentralized applications mature, oracles are playing an increasingly prominent role. With their evolution comes more attacks, necessitating greater attention to their trust model. In this systemization of knowledge paper (SoK), we dissect the design alternatives for oracles, showcase attacks, and discuss attack mitigation strategies.

Cryptography and Security,Systems and Control

Asma A. Alhussayen,Kamal Jambi,Maher Khemakhem,Fathy E. Eassa

DOI: https://doi.org/10.1109/access.2024.3400672

IF: 3.9

2024-05-22

IEEE Access

Abstract:Blockchain interoperability has become an essential requirement for the advancement of blockchain technology in numerous fields. Enterprise organizations are increasingly utilizing permissioned blockchains to manage and store their organizations' data and transactions in a private immutable ledger. Interoperability enables permissioned blockchain platforms to communicate and exchange information which is paramount for fully exploiting permissioned blockchains as facilitators for B2B applications. Additionally, the cross-network invocation of smart contracts under agreed conditions enhances business operations. Blockchain oracles can enable permissioned blockchain interoperability and cross-network transactions in a seamless and private manner. However, they have not been studied in the literature as interoperability techniques between permission blockchains. This study proposes a blockchain oracle interoperability technique designed specifically for permissioned blockchain platforms. We presented the architecture of the blockchain oracle interoperability technique and a prototypical implementation to demonstrate the practicality of the proposed technique. In addition, we obtained cross-network transaction latency measurements and analyzed the results.

computer science, information systems,telecommunications,engineering, electrical & electronic

Guillermo Angeris,Tarun Chitra

DOI: https://doi.org/10.1145/3419614.3423251

2020-06-27

Abstract:Automated market makers, first popularized by Hanson's logarithmic market scoring rule (or LMSR) for prediction markets, have become important building blocks, called 'primitives,' for decentralized finance. A particularly useful primitive is the ability to measure the price of an asset, a problem often known as the pricing oracle problem. In this paper, we focus on the analysis of a very large class of automated market makers, called constant function market makers (or CFMMs) which includes existing popular market makers such as Uniswap, Balancer, and Curve, whose yearly transaction volume totals to billions of dollars. We give sufficient conditions such that, under fairly general assumptions, agents who interact with these constant function market makers are incentivized to correctly report the price of an asset and that they can do so in a computationally efficient way. We also derive several other useful properties that were previously not known. These include lower bounds on the total value of assets held by CFMMs and lower bounds guaranteeing that no agent can, by any set of trades, drain the reserves of assets held by a given CFMM.

Trading and Market Microstructure,Optimization and Control

John Adler,Ryan Berryhill,Andreas Veneris,Zissis Poulos,Neil Veira,Anastasia Kastania

DOI: https://doi.org/10.48550/arXiv.1808.00528

2018-08-02

Abstract:The public blockchain was originally conceived to process monetary transactions in a peer-to-peer network while preventing double-spending. It has since been extended to numerous other applications including execution of programs that exist on the blockchain called "smart contracts." Smart contracts have a major limitation, namely they only operate on data that is on the blockchain. Trusted entities called oracles attest to external data in order to bring it onto the blockchain but they do so without the robust security guarantees that blockchains generally provide. This has the potential to turn oracles into centralized points-of-failure. To address this concern, this paper introduces Astraea, a decentralized oracle based on a voting game that decides the truth or falsity of propositions. Players fall into two roles: voters and certifiers. Voters play a low-risk/low-reward role that is resistant to adversarial manipulation while certifiers play a high-risk/high-reward role so they are required to play with a high degree of accuracy. This paper also presents a formal analysis of the parameters behind the system to measure the probability of an adversary with bounded funds being able to successfully manipulate the oracle's decision, that shows that the same parameters can be set to make manipulation arbitrarily difficult---a desirable feature for the system. Further, this analysis demonstrates that under those conditions a Nash equilibrium exists where all rational players are forced to behave honestly.

Cryptography and Security

Youquan Xian,Xueying Zeng,Chunpei Li,Peng Wang,Dongcheng Li,Peng Liu,Xianxian Li

2024-10-16

Abstract:In recent years, blockchain oracle, as the key link between blockchain and real-world data interaction, has greatly expanded the application scope of blockchain. In particular, the emergence of the Multi-Data Source (MDS) oracle has greatly improved the reliability of the oracle in the case of untrustworthy data sources. However, the current MDS oracle scheme requires nodes to obtain data redundantly from multiple data sources to guarantee data reliability, which greatly increases the resource overhead and response time of the system. Therefore, in this paper, we propose a Secure and Efficient Multi-data Source Oracle framework (SEMSO), which nodes only need to access one data source to ensure the reliability of final data. First, we design a new off-chain data aggregation protocol TBLS, to guarantee data source diversity and reliability at low cost. Second, according to the rational man assumption, the data source selection task of nodes is modeled and solved based on the Bayesian game under incomplete information to maximize the node's revenue while improving the success rate of TBLS aggregation and system response speed. Security analysis verifies the reliability of the proposed scheme, and experiments show that under the same environmental assumptions, SEMSO takes into account data diversity while reducing the response time by 23.5\%.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Xun Deng,Sidi Mohamed Beillahi,Cyrus Minwalla,Han Du,Andreas Veneris,Fan Long

2024-01-12

Abstract:This paper presents OVer, a framework designed to automatically analyze the behavior of decentralized finance (DeFi) protocols when subjected to a "skewed" oracle input. OVer firstly performs symbolic analysis on the given contract and constructs a model of constraints. Then, the framework leverages an SMT solver to identify parameters that allow its secure operation. Furthermore, guard statements may be generated for smart contracts that may use the oracle values, thus effectively preventing oracle manipulation attacks. Empirical results show that OVer can successfully analyze all 10 benchmarks collected, which encompass a diverse range of DeFi protocols. Additionally, this paper also illustrates that current parameters utilized in the majority of benchmarks are inadequate to ensure safety when confronted with significant oracle deviations.

Software Engineering

Prasanth Chakka,Saurabh Joshi,Aniket Kate,Joshua Tobkin,David Yang

DOI: https://doi.org/10.48550/arXiv.2305.03903

2023-05-12

Abstract:Oracle networks feeding off-chain information to a blockchain are required to solve a distributed agreement problem since these networks receive information from multiple sources and at different times. We make a key observation that in most cases, the value obtained by oracle network nodes from multiple information sources are in close proximity. We define a notion of agreement distance and leverage the availability of a state machine replication (SMR) service to solve this distributed agreement problem with an honest simple majority of nodes instead of the conventional requirement of an honest super majority of nodes. Values from multiple nodes being in close proximity, therefore, forming a coherent cluster, is one of the keys to its efficiency. Our asynchronous protocol also embeds a fallback mechanism if the coherent cluster formation fails. Through simulations using real-world exchange data from seven prominent exchanges, we show that even for very small agreement distance values, the protocol would be able to form coherent clusters and therefore, can safely tolerate up to $1/2$ fraction of Byzantine nodes. We also show that, for a small statistical error, it is possible to choose the size of the oracle network to be significantly smaller than the entire system tolerating up to a $1/3$ fraction of Byzantine failures. This allows the oracle network to operate much more efficiently and horizontally scale much better.

Distributed, Parallel, and Cluster Computing

Youquan Xian,Xueying Zeng,Chunpei Li,Dongcheng Li,Peng Wang,Peng Liu,Xianxian Li

2024-11-05

Abstract:With the rapid development of Decentralized Finance (DeFi) and Real-World Assets (RWA), the importance of blockchain oracles in real-time data acquisition has become increasingly prominent. Using cryptographic techniques, threshold signature oracles can achieve consensus on data from multiple nodes and provide corresponding proofs to ensure the credibility and security of the information. However, in real-time data acquisition, threshold signature methods face challenges such as data inconsistency and low success rates in heterogeneous environments, which limit their practical application potential. To address these issues, this paper proposes an innovative dual-strategy approach to enhance the success rate of data consensus in blockchain threshold signature oracles. Firstly, we introduce a Representative Enhanced Aggregation Strategy (REP-AG) that improves the representativeness of data submitted by nodes, ensuring consistency with data from other nodes, and thereby enhancing the usability of threshold signatures. Additionally, we present a Timing Optimization Strategy (TIM-OPT) that dynamically adjusts the timing of nodes' access to data sources to maximize consensus success rates. Experimental results indicate that REP-AG improves the aggregation success rate by approximately 56.6\% compared to the optimal baseline, while the implementation of TIM-OPT leads to an average increase of approximately 32.9\% in consensus success rates across all scenarios.

Distributed, Parallel, and Cluster Computing,Emerging Technologies

Amirmohammad Pasdar,Zhongli Dong,Young Choon Lee

DOI: https://doi.org/10.48550/arXiv.2106.09349

2021-06-17

Abstract:Blockchain is a form of distributed ledger technology (DLT) where data is shared among users connected over the internet. Transactions are data state changes on the blockchain that are permanently recorded in a secure and transparent way without the need of a third party. Besides, the introduction of smart contracts to the blockchain has added programmability to the blockchain and revolutionized the software ecosystem leading toward decentralized applications (DApps) attracting businesses and organizations to employ this technology. Although promising, blockchains and smart contracts have no access to the external systems (i.e., off-chain) where real-world data and events resides; consequently, the usability of smart contracts in terms of performance and programmability would be limited to the on-chain data. Hence, \emph{blockchain oracles} are introduced to mitigate the issue and are defined as trusted third-party services that send and verify the external information (i.e., feedback) and submit it to smart contracts for triggering state changes in the blockchain. In this paper, we will study and analyze blockchain oracles with regard to how they provide feedback to the blockchain and smart contracts. We classify the blockchain oracle techniques into two major groups such as voting-based strategies and reputation-based ones. The former mainly relies on participants' stakes for outcome finalization while the latter considers reputation in conjunction with authenticity proof mechanisms for data correctness and integrity. We then provide a structured description of patterns in detail for each classification and discuss research directions in the end.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Zhiyuan Wang,Mingan Gao,Gehao Lu

DOI: https://doi.org/10.3390/s24020502

IF: 3.9

2024-01-14

Sensors

Abstract:In the realm of IoT sensor data security, particularly in areas like agricultural product traceability, the challenges of ensuring product origin and quality are paramount. This research presents a novel blockchain oracle solution integrating an enhanced MTAS signature algorithm derived from the Schnorr signature algorithm. The key improvement lies in the automatic adaptation of flexible threshold values based on the current scenario, catering to diverse security and efficiency requirements. Utilizing the continuously increasing block height of the blockchain as a pivotal blinding parameter, our approach strengthens signature verifiability and security. By combining the block height with signature parameters, we devise a distinctive signing scheme reliant on a globally immutable timestamp. Additionally, this study introduces a reliable oracle reputation mechanism for monitoring and assessing oracle node performance, maintaining both local and global reputations. This mechanism leverages smart contracts to evaluate each oracle's historical service, penalizing or removing nodes engaged in inappropriate behaviors. Experimental results highlight the innovative contributions of our approach to enhancing on-chain efficiency and fortifying security during the on-chain process, offering promising advancements for secure and efficient IoT sensor data transmission.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation