"LongHash Column: The Oracle Problem in DeFi May Have No Solution"


Decentralized Finance (DeFi), with smart contracts that eliminate the need for trusted third parties, is essentially a movement aimed at replacing the vast majority (if not all) of the functions of legacy financial systems. However, as it stands currently, DeFi has not fully achieved this goal. This is because the most notable types of smart contracts still require the use of trusted third parties in the form of oracles.

While developers and researchers in the DeFi space have been working hard to address oracle issues, it remains uncertain whether they will find an effective solution. If oracles cannot resist government scrutiny and corruption, many core selling points of DeFi will evaporate.

What are price oracles, and why are they necessary?

Around 2017, like many other terms in the cryptocurrency field, "smart contract" gradually became a buzzword with little meaning. A smart contract, at least in theory, is a contract enforced through code on a blockchain rather than through the traditional legal system. The issue is that many of these contracts include oracles.

In simple terms, an oracle is a trusted individual or entity that uploads real-world data to the blockchain. For instance, if two parties bet on the outcome of a basketball game through a smart contract on the chain, a third-party oracle provides the smart contract with the data it needs to learn the game's result. This process is usually automated by software. For example, a bot can scrape game scores from the NBA website and automatically publish the scores on the blockchain. However, whether this role is fulfilled by a human or software, it exists outside the blockchain.

The need for oracles arises because networks like Ethereum lack knowledge of the external world. Without a third party providing data from off-chain sources, the Ethereum network cannot understand the current ETH/USD exchange rate or who won the recent U.S. presidential election.

This reality is known as the oracle problem, which, to varying degrees, persists in all DeFi applications released to date.

What are the current issues with oracles?

Even though you can currently bet on sports events or hedge your cryptocurrency assets against local fiat without entrusting custody to a third party, you still need oracles to handle these contracts.

These oracles can be malicious or invalid, meaning disputes over smart contracts may be resolved incorrectly. For instance, if an oracle is compromised, the entity controlling the outcome is no longer the oracle but a hacker. Alternatively, if two parties bet on a sports event, the losing side may bribe the oracle to report the wrong result, leading the smart contract to send funds to the actual losing party. Such fraud is possible because the blockchain itself cannot verify the veracity of off-chain data provided by the oracle. Although the actual winner may raise objections, blockchain transactions are often irreversible.

In essence, while code is indeed written on the blockchain, this fact does not help us resist corrupt oracles. On the one hand, DeFi is sometimes referred to as "money Lego"; on the other hand, some critics argue that the potential issues related to oracles make it more like "money Jenga."

People have been working on some of the key concepts behind DeFi for almost as long as Bitcoin has existed. For example, the Mastercoin (now known as Omni) whitepaper released in January 2012 discussed some smart contracts popular in DeFi at the time, such as ICOs and stable assets. However, the oracle problem remains unresolved to this day.

"It's a complete mess, and no one has taken the oracle problem seriously so far," Paul Sztorc, founder of Bitcoin Hivemind and Drivechain, told LongHash when asked about the current state of DeFi oracles.

In 2017, Sztorc gave a talk at the QCon event in London summarizing various oracle solutions proposed over the years, including his own Bitcoin Hivemind project. One of the critical issues he focused on was the incentive for oracles to accept bribes from users or even become users themselves and manipulate betting outcomes for profit. Sztorc also mentioned the problem of oracle data being resold at a lower price after being made public, making it more challenging for oracles to receive their rewards.

During his talk, Sztorc used the metaphor of putting money in a black box to explain the oracle problem. In his view, if Alice and Bob bet on something using an oracle on the blockchain, each wagering $5, the oracle that ultimately decides the bet's outcome effectively becomes the custodian of the money in the black box, allowing for backdoor deals with Alice or Bob.

A key innovation of Bitcoin is that it establishes a digital financial system that does not require trusted third parties to process transactions. This allows the Bitcoin network to remain unregulated, permissionless, and immune to shutdown. However, DeFi, at least in its current operational mode, reintroduces trusted third-party vulnerabilities through oracles.

"In a sense, the spirit of Bitcoin is that you control your own money, and when you hand it over to someone else, you're no longer in that world," Sztorc said as his 2017 talk neared its end.

In Sztorc's view, no progress has been made in the six years since Edmund Edgar proposed the Reality Keys solution. However, Edgar disagrees with this assessment (more on this later).

"My feeling is that with Bitcoin and Ethereum becoming more mainstream over time, they've attracted people who aren't as technical, don't have as much experience, and aren't as interested in solving the really interesting problems," Sztorc added. "They just want to get involved quickly. So, while attention has increased again, there has been no progress."

In addition to trust issues, oracles represent a potential target for regulators. Abra can be seen as a case study in this regard.

Synthetic assets were Abra's attempt to create a global, permissionless bank. All assets stored in Abra wallets were originally hedged against bitcoin on the Bitcoin blockchain through smart contracts. The fundamental idea of Abra was that users would be able to hold any asset, including dollars and Apple stocks, on their smartphones through the Abra app, with the actual underlying assets tracked by oracles on the Bitcoin blockchain.

As indicated in a recent document on stablecoins by the Financial Stability Board (FSB), banning the development of decentralized stablecoins is a potential option for governments that do not want such systems to exist, and oracles are a centralized vulnerability that regulators and policymakers can target.

"We're not running any synthetic assets anywhere anymore," Bill Barhydt, CEO of Abra, told LongHash. "It's all native. We weighed the legal uncertainty and costs. I would say we've been successful technically, but the application itself was a bit ahead of its time."

By the way, the oracle problem was one of the main criticisms of Ethereum before its launch. In fact, if smart contracts must rely on oracle intervention, are they still smart contracts? This is indeed debatable because the code on the chain does not guarantee its outcomes.

What are potential solutions to the oracle problem?

If the issue is the inability to trust centralized oracles, then trustless decentralized oracles should be able to solve the problem. However, developing such oracles has proven to be extremely challenging.

"The legal issues in a decentralized world are largely a functional issue," Barhydt stated. "If there's an off switch, there's probably a regulated entity somewhere. So far, true DeFi is still just a dream. Decentralizing oracle functionality, if achievable, will eliminate this off switch, a significant step towards realizing the DeFi dream."

Projects dedicated to developing decentralized solutions to the oracle problem include Augur, Bitcoin Hivemind, and Chainlink. Just last year, the existence of the Chainlink project reflected the excitement and expectations surrounding potential solutions to the oracle problem, as its token LINK became one of the few tokens outperforming Bitcoin during the worst year in altcoin history. However, it should be noted that Ethereum founder Vitalik Buterin recently shared his view, stating that Chainlink is not yet decentralized enough to solve all issues related to oracles.

Both Augur and Chainlink are already active on Ethereum, while Bitcoin Hivemind is planning to go live on a Bitcoin sidechain at some point in the future. Overall, the idea behind these networks is to create the right incentive mechanism to ensure oracles take the correct actions, rather than creating a bulletproof solution. A core part of this incentive structure often involves requiring oracles to stake some form of collateral, which is seized if they provide false or incorrect information.

However, the key issue is that the blockchain does not possess accurate information related to real-world events, so it must be remembered that in cases of complete failure, malicious oracles do not lose all their collateral. The blockchain can only use the amount of collateral as a weighting to compare different answers provided by different oracles. In other words, successfully cheating would require an effective 51% attack on the decentralized oracle network. In fact, because this has so many similarities to the traditional 51% attack in PoW networks, Sztorc once proposed letting miners resolve oracle-related disputes on cryptocurrency networks.

"It's a common way to punt," Sztorc said. "It's in the ancient Princeton paper. The problem is that it's somewhat self-contradictory. If miners can never agree, there will be a hard fork. But having nodes 'resolve disputes' is really just a form of punting to some extent."

Currently, it is unknown whether decentralized oracle systems can provide a high enough level of reliability for DeFi smart contracts.
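The stake-weighted resolution described above can be sketched in a few lines. This is an added example, not code from the article or from Augur, Chainlink or Bitcoin Hivemind; the function names, the pro-rata redistribution of seized collateral and the sample reports are assumptions made for illustration.

```python
from collections import defaultdict
from fractions import Fraction

def resolve(reports):
    """reports: {oracle: (answer, stake)} -> (winning answer, new stakes).

    The chain cannot observe the real event, so "truth" is whichever answer
    carries the most collateral. Stakes behind every other answer are seized
    and shared pro rata among the oracles that reported the winner.
    """
    weight = defaultdict(int)
    for answer, stake in reports.values():
        weight[answer] += stake
    ranked = sorted(weight.items(), key=lambda kv: kv[1], reverse=True)
    if len(ranked) > 1 and ranked[0][1] == ranked[1][1]:
        raise ValueError("tie: no stake-weighted majority, dispute unresolved")
    winner, win_weight = ranked[0]
    seized = sum(s for a, s in reports.values() if a != winner)
    new_stakes = {}
    for name, (answer, stake) in reports.items():
        if answer == winner:
            new_stakes[name] = stake + Fraction(seized * stake, win_weight)
        else:
            new_stakes[name] = Fraction(0)  # slashed, whether or not it lied
    return winner, new_stakes

def stake_to_flip(reports, true_answer):
    """Off-chain view only: extra collateral the strongest false answer needs
    to outweigh the honest reports. 0 means the false answer already wins."""
    honest = sum(s for a, s in reports.values() if a == true_answer)
    lies = defaultdict(int)
    for answer, stake in reports.values():
        if answer != true_answer:
            lies[answer] += stake
    return max(0, honest - max(lies.values(), default=0) + 1)

# Constructed sample reports for a game that HOME actually won.
HONEST_MAJORITY = {"o1": ("HOME", 40), "o2": ("HOME", 35), "o3": ("AWAY", 25)}
CAPTURED = {"o1": ("HOME", 40), "o2": ("AWAY", 35), "o3": ("AWAY", 25)}

if __name__ == "__main__":
    for label, reports in (("honest", HONEST_MAJORITY), ("captured", CAPTURED)):
        winner, stakes = resolve(reports)
        print(label, winner, {k: str(v) for k, v in stakes.items()},
              "stake to flip:", stake_to_flip(reports, "HOME"))
```

In the captured case the false answer becomes the on-chain result and the honest oracle is the one that loses its collateral, which is why the honest stake margin, not the slashing rule itself, is the figure to monitor.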

Similarly, the operation of the Bitcoin network relies on incentive mechanisms rather than guarantee mechanisms. After all, nothing prevents 51% of Bitcoin miners from colluding for malicious purposes, nor is there anything that guarantees Bitcoin transactions will be processed. Miners process transactions and fulfill their duties because they are incentivized to do so.

"There's no long-term solution," James Prestwich, founder of Summa, said. "A lot of people have been working on keeping systems running for a long time. Price oracles will always be a pressure point of off-chain factors, just like governance."

That being said, Prestwich added that Maker's oracle system might be the most efficient for those currently keen on exploring DeFi.

Edmund Edgar, mentioned earlier, continues to research oracle-related issues despite Reality Keys being replaced by Realitio. Regarding the current state of oracles, Edgar believes Augur is a positive development.

"I certainly think there have been advances since Reality Keys," Edgar said. "For example, Augur does have some practical utility (though with an unenforceable security boundary). Augur can be bought out at a certain price, so the amount staked for security must be less than this price. Augur's system is trying to be self-regulating, which is right, but this doesn't stop data parasitism, so self-regulation might not work."

Augur was initially based on Sztorc's Truthcoin whitepaper, although Sztorc has concerns about whether his model can be practically implemented.

"As I've always said, a decentralized design may ultimately be unworkable or outcompeted by something very, very simple, like Reality Keys, 'http://oracle.bitcoin.com,' services like Google, and so forth," Sztorc said. "But these latter solutions become custodians of all funds. They have everything, which is a nightmare for them."

Judging by the solutions that are currently viable, smart contracts based on oracles clearly cannot offer the same security promises as fully on-chain encrypted transactions. So the question is: How secure can oracles be? Users may accept some counterparty risk when paying from a wallet on a second-layer payment system like the Lightning Network, but will they still place most of their savings in smart contracts once oracles have become their custodians?

"How much money are you willing to put on an oracle system? That's the real question," Prestwich said. "Are you willing to bet the farm on it?"

Even if a sufficiently decentralized solution to the oracle problem were to emerge tomorrow, it would still take many years to gain people's trust. As the money controlled by oracles grows, so does the payoff for anyone who finds a design flaw. In the cryptocurrency field, services that appear secure and reliable today could be overturned overnight, as the development of darknet markets over the years has demonstrated.

Currently, regarding the prospects of decentralized oracle systems, perhaps veteran blockchain consultant Peter Todd summed it up best a few years ago when he commented on Sztorc's Bitcoin Hivemind (later renamed Truthcoin): "I'd say the odds of success are low, but at least it's a kind of genius madness, not stupid madness."

This article is from our partner LONGHASH
