【Selected Blockchain News】Chainlink Co-founder: DeFi applications need to focus on data quality and sources

Chainlink co-founder Sergey Nazarov believes that some oracles overlook data quality, the quality of node operators, and the guarantees node operators provide to users, which could lead to large-scale failures in DeFi.

Original Title: "DeFi Builders Ignored Data-Related Risks That Could Lead to Large-Scale Failures"
Written by: Camila Russo

It has been proven that the way blockchain applications obtain data is crucial, as failures in these systems have become the core of many new attacks in DeFi.

Advertisement - Please scroll down for more

Sergey Nazarov mentioned that most activities in the entire blockchain ecosystem currently take place in DeFi, insurance, and gaming sectors. He is pleased to see more centralized companies beginning to decentralize some of their operations.

In the coming months, he looks forward to continuing to support DeFi, increasing the data inputs provided by Chainlink, and enhancing incentives for node operators. In the future, finance will increasingly be based on blockchain technology. Here are some excerpts from the interview:

First, some contracts need to interact with external data. For example, they need to know price changes, whether goods have been delivered according to insurance contracts, the condition of goods during transportation, or whether to pay insurance to farmers when there is rainfall.

These more advanced contracts require the ability to understand this content. People may have some misconceptions now, even though they are called smart contracts, they should actually be called tamper-resistant digital protocols because what they really do is create records and record events. However, the system actually running the smart contracts does not have the ability to truly understand these events.

This is where the so-called oracle comes in. It can provide the system with information that it cannot know and understand.

The issue with oracles is that smart contracts or logic that run in these blockchain environments cannot access external data due to the security requirements of the blockchain. The security of the blockchain prevents access to some information through internal logic.

Oracles borrow some concepts from the blockchain but they are not the blockchain. I think some of the problems encountered by certain solutions are that they try to adopt certain blockchain concepts and attempt to fully apply them to oracles, ignoring the differences.

Oracles focus on solving a completely different problem. Oracles need to obtain uncertain, unverified, insecure (sometimes unreliable) data from elsewhere and put it into a system that can enhance its reliability. The first fundamental difference here is that oracles deal with data from other systems. Oracles are not meant to create a closed system of certainty; in fact, they are an attempt to use uncertain systems with security or reliability issues and verify the source of the data by combining some cryptographic means to ensure that, in most cases, the overall quality of the data is high.

For example, some people use Dynamic Membership to build oracle systems. Dynamic Membership allows random people to appear and process. Chainlink really doesn't have this type of scheme. Chainlink's approach is to provide node operators. These node operators can prove the security and reliability of their data. Then, these node operators form something called a service agreement with the user's smart contract. On-chain, you can get data delivered by node operators at a certain quality and frequency.

Some problems have recently arisen in DeFi, some triggered by incorrect oracle or pricing mechanisms. One major collapse in DeFi was the failure of the MakerDAO liquidation system, partly because the price update speed during the Ethereum waterfall was insufficient. There was also an attack on bZx earlier this year, possibly manipulating the pricing of Uniswap and Kyber. Problems with pricing and oracle systems can lead to attacks on DeFi and cause problems for DeFi applications. Can oracle solutions avoid these problems? Are these issues inherent in DeFi applications?

These issues are not inherent. They are problems with the design of certain applications. During that time, users did not suffer losses due to using Chainlink's oracles. I think some oracles overlook their risks, neglect data quality, neglect the quality of node operators, and the guarantees node operators provide to users.

We can see people trying to solve this problem in two ways. One way is to use blockchain and then replicate everything from the blockchain into the oracle. This usually misses the key issues that need to be addressed. The key issue that oracles need to address is highly reliable, secure, and available access to external systems, of which they don't even know if these systems are secure. So, the first problem is "this is just a different blockchain."

The second existing problem is that there are already one or two oracle mechanisms that do not consider data quality. They basically ignore the fact that in traditional finance, there are many successful data companies (such as Bloomberg, Reuters, etc.) that have eliminated risks associated with data in competitive markets. Many people have created data companies and software that provide data transmission security. They have never created a data company, so they overlook some of the risks that data brings.

Chainlink does not actually generate data. We empower data providers like Bloomberg and Reuters to get high-quality data, leaving the data issue to truly experienced data aggregation teams. Chainlink focuses on properly transmitting data and ensuring the source of the data to the maximum extent.

Some oracles first integrate two exchanges to determine the market price of assets. Later, a third exchange emerges and captures all the trading volume. This means that the exchanges integrated into the oracle system account for only a small fraction of the trading volume, making the price easily manipulable. The reason this problem arises is that when trading volume shifts to another exchange, there is no alert mechanism, resulting in significant risk. If oracles use a single exchange to define prices, how can they predict the trading volume of that exchange, especially for tokens with low trading volume?

These very risky patterns have not sparked discussion only because there has not been a loss at the level of Mt. Gox. Some homemade oracles use data from a single exchange and they do not have the capacity to deal with these risks, which if problems arise, would plunge the entire DeFi sector into darkness. People can use any oracle mechanism they like. But people should understand that it is not as simple as connecting to an API.

Chainlink's mechanism focuses on security and provability; we are very fortunate to collaborate with top data providers. We are working with as many people as possible to ensure that experienced teams provide higher-quality data and address various security system risks, such as market coverage risk or manipulation attacks, which people have not yet experienced. So, I suggest people seriously consider whether to entrust their fate to oracles that do not even understand the risks of their design.

This article is authorized for republication by ChainNews, article source: ChainNews (ID: chainnewscom)