✨ Oracle: Hermes, the God of the Blockchain World
"BlockChian Oracle", translated as "oracle" in Simplified Chinese, is actually not very accurate. What the oracle does is not a literal "prophecy", but a technology that allows smart contracts to access data from the outside world of the blockchain. .
In ancient Greece, people believed that oracles were a bridge between gods and humans, through which people obtained instructions from gods and knowledge about the future.
In the blockchain field, oracles play a similar role, acting as messengers between the blockchain (closed system) and the outside world (data source).
▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰
✨ Due to the design concept, the blockchain network has extremely strong security and reliability. It uses the data stored on the chain to reach consensus on very simple issues and adopts a decentralized model. All nodes in the network can repeatedly verify the same data, ensuring that no one or a small group of nodes can change the consensus algorithm.
💡The impossible triangle of blockchain: security, decentralization and scalability
Blockchain has chosen to maximize security and decentralization at the expense of scalability:
The blockchain cannot obtain off-chain data on its own, nor can it output data to the off-chain system. The blockchain is like a computer trapped in a local area network. In addition to accounting, the blockchain that is "disconnected" does other things. Nothing like the classic Bitcoin network.
▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰
✨ In fact, in today’s world, most smart contract application scenarios require access to off-chain data systems in order to implement practical applications. Here are some examples:
1️⃣ Financial field:
Smart contracts need to access market price data in order to execute contract delivery and clearing.
2️⃣Trade areas:
Smart contracts need to access document content and digital signature data to complete contract signing and lending.
3️⃣ Logistics field:
Smart contracts also need to access IoT sensors and Internet data to complete data confirmation and logistics tracking.
The middle layer that connects the on-chain and off-chain worlds is the “oracle”, the messenger that delivers the “oracle” from the real world to the blockchain world.
▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰
✨ Different services provided by oracles
1️⃣ Data provided by:
The main function of the oracle is to provide reliable external data to smart contracts. Smart contracts run on the blockchain and cannot directly access data from external systems. Oracles act as intermediaries, bringing real-world data (such as stock prices, weather information, sports event results, etc.) into the blockchain so that smart contracts can trigger or perform specific operations when the data changes.
2️⃣ Data verification:
To ensure that the data provided to the smart contract is accurate and trustworthy, the oracle implements a verification mechanism. This might involve taking data from multiple sources and aggregating it, or using some type of consensus mechanism to verify the correctness of the data.
3️⃣ Safety guarantee:
When designing an oracle, it is necessary to prevent data from being tampered with or the oracle service itself being attacked, including protecting the security of the data source, ensuring encryption during data transmission, and various malicious attacks against the oracle network itself.
4️⃣Off-chain calculation:
In some scenarios, the calculations required by smart contracts may be too complex or too costly to be executed directly on the blockchain. Oracles can perform these calculations off-chain and then pass only the results to the blockchain, increasing efficiency and reducing costs.
Even in decentralized games, such as gambling games, a large number of random numbers are needed. However, due to the characteristics of the blockchain, the random numbers on the chain can be predicted and cracked, so here they will also rely on oracles to provide Unpredictable random numbers.
5️⃣ Node incentive mechanism:
Many oracle solutions provide financial incentives to ensure that data providers and validators are honest and reliable. This may include staking tokens, reward distribution, and penalties imposed on nodes that provide inaccurate data.
▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰
✨ How to attack the oracle machine and make profit?
Let me share with you several commonly used methods😆:
1️⃣ Man-in-the-Middle Attack:
Attackers intercept and tamper with data between the oracle and the data source. If data is not properly encrypted during transmission, an attacker can alter this data, causing smart contracts to be executed based on incorrect information.
2️⃣ Feedforward attack (Front-Running):
The attacker uses his knowledge of the network conditions to conduct transactions before the transaction is finally confirmed. For example, if an attacker knows that a large trade is about to have an impact on an asset's price, they may buy or sell before the trade.
3️⃣ Selective disclosure:
Data providers or oracle nodes may have an incentive to only report data that is beneficial to themselves, or in some cases intentionally not report data.
4️⃣ Replay Attack:
An attacker intercepts legitimate data transmission and repeats or delays that transmission in an attempt to cause improper contract execution.
5️⃣ Price feeding attack:
If an oracle relies on a single or a few trusted data sources, attackers may be able to manipulate these sources to influence the data provided by the oracle, especially in scenarios involving asset pricing.
💡 Price feed attacks are also the most common means of attack on oracles, such as the flash loan attack suffered by#KuCoinin 2020. The attacker used the Harvest Finance oracle’s dependence on KuCoin to manipulate the price feed, and then used flash loans The attack resulted in approximately $34 million in profit.
The main reason why these attacks occurred was that these facilities relied on a single source of centralized oracles. Fortunately, more and more oracle projects are now using decentralized governance solutions to reduce the risk of a single node being hacked. risks of.
▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰▰
✨ Recently it’s the oracle track’s turn to be the most hyped
In addition to our "old comrades"$LINK There are also many “young people” joining, such as$PYTH $UMA #API3
Whether young people talk about martial ethics or not, have old comrades shied away from it? What layouts have you made? Welcome to discuss with Pumppump~🩷
