What are Decentralized Blockchain Oracles?

Anybody who is interested in using true decentralized finance in the future NEEDS decentralized blockchain oracles. 

Blockchain oracles have been the culprit for billions of dollars lost in exploits and hacks.

We have carefully curated information to explain the difference between centralized and decentralized oracles. It is this difference which is responsible for either a safe DeFi protocol or an abject failure.

What is a Centralized Blockchain Oracle?

A centralized blockchain oracle is a single entity which is tasked with supplying a blockchain with reliable, real world data. As a consequence, centralized oracles are a single point of failure, and can break DeFi protocols.

To spot a centralized oracle, you can look for these characteristics:

1. Singular source of data providers (one person, one group, one node, etc)
2. Large amounts of native tokens held by the founders with voting rights to change the rules of the protocol
3. Admin keys held by the founders which allows them to singularly override any information

Centralized oracles lack two key features of decentralization:

1. They do not let anybody participate and run a node to input data
2. They do not let anybody censor/check the validity of the previously input data

Why Do Centralized Oracles Fail?

Centralized oracles fail for one of three main reasons: false attestation, no attestation, and multiple attestations.

False Attestation

The most common form of oracle failure is false attestation, or signing for an event which did not occur. For example, if I place a bet on the price of PLS going to 1 cent, I will be incentivized to see it do so. If I am in sole control of an oracle, I can simply put in that information erroneously to my benefit, and to the detriment of the ecosystem. Even without malicious intent, human beings can ‘fat finger’ the data and input incorrect information, breaking the system in a similar fashion.

No Attestation

This form of failure occurs when no data is provided to a smart contract at all. This could occur because of a financial incentive to stall the smart contract or a lack of financial incentive to provide information in the first place. This could also occur simply because of a technology failure at the node or an absence at the human level. Additionally, if an oracle provider has admin keys they can pause or halt price feeds at anytime.

Multiple Attestations

This form of blockchain oracle failure occurs when two or more differing units of data are provided to a smart contract. This causes a failure if the blockchain has no method to determine which unit data is correct and which is incorrect. The oracle provider needs a consensus mechanism to include the correct data and censor the incorrect data.

Examples of Centralized Oracles Failing

Centralized and/or poorly designed blockchain oracle protocols are responsible for millions of dollars lost per year. Here are a few examples:

Compound Oracle Failure

In November 2020, 89 million dollars worth of collateral was liquidated when the price of DAI within the Compound protocol rose above 1 dollar.

Think your day is bad? 89 million in liquidations on Compound Finance today, one whale lost 46 million.

How did this happen, Compound used Coinbase as a single source of price data.

Should have used #chainlink, honestly grossly irresponsible to nothttps://t.co/YCUtY9jQKy

— Lark Davis (@TheCryptoLark) November 26, 2020

Compound is a DeFi protocol which allows users to mint a stablecoin loan (DAI) from their collateralized cryptocurrencies. The protocol relies on external price feeds to fetch the price of the stablecoin. The price of DAI is needed to understand whether or not the total value locked in collateral exceeds the value of the loan.

If the value of the loan > value of collateral, then the value of collateral is liquidated.

In this specific example, Compound took a singular price feed from the centralized exchange, Coinbase. The price of DAI on Coinbase shot up to $1.3 instead of $1. This raised the value of the loans and caused massive liquidations within the protocol.

The main reasons for the liquidations were:

• Singular price feed (if this price fails, so does the protocol)

• Using a price feed from centralized exchange (centralized exchanges often have fractured liquidity, scam wicks, admin keys, and bad actors)

Synthetix Bot Exploit

In the summer of 2019, a trading bot took advantage of an oracle price feed failure. The bot was able to trade on the incorrect price feeds and obtain over a billion dollars worth of Synthetic-ethereum in only a few hours. Luckily, due to limited liquidity within the protocol, the owner of the bot agreed to return the ‘stolen’ funds.

Put simply, within the Synthetix protocol, the price of the Korean Won stablecoin (sKRW) traded at 1000x its normal price. A bot was able to capitalize on this highly inflated price and trade sKRW for synthetic Ethereum (sETH), amassing almost 37m sETH.

The main reasons for this exploit were:

• Limited quantity of price feeds (the protocol only relied on 3 price feeds for it’s sKRW)

• Oracle outages (2 of the 3 oracles experienced a simultaneous outage, and did not report price feeds)

• No censorship of data providing (the oracles used did not have a censorship protocol, to quickly invalidate the incorrect price feed)

What is a Decentralized Blockchain Oracle?

A decentralized blockchain oracle is a distributed network of nodes which collectively provides reliable and accurate data to blockchains and their smart contracts. This data can be input by anybody and censored by some form of consensus. A decentralized oracle also does not have admin keys, governance via DAO, or any other form of centralized control.

The term decentralization is one of the most misused and overused words in the world of blockchain and cryptocurrency. Without clearly defining it and providing specific details, decentralization is nothing but a buzzword.

In the world of oracles, decentralization refers to the functionality of a DeFi protocol not being beholden to one single entity or group.

Let’s take a closer look at what that means in practice.

How Does a Decentralized Oracle Work?

A decentralized blockchain oracle can work using a variety of different designs. With that said, you should look for similar principles when trying to identify a decentralized oracle with merit.

No Admin Keys

An admin key is a software function which allows the founders and creators to change the rules of their smart contract or protocol. For example, an admin key could be used to freeze deposits/withdrawals in a particular wallet or account. In the world of oracles, an admin key could be used to manually put in a data point, even against the group consensus.

Permissionless Nodes

A permissionless node refers to the idea that anybody can run a node and provide data to the protocol. There are many oracle services that require whitelisting participants (choosing who can participate). This goes against the spirit of decentralization, as each participant must go through a central entity. In addition to being able to provide data, each node must be able to censor the data provided. If an incorrect data point is provided, all other nodes need to be able to dispute that data point to have it changed.

Decentralized Ownership/Governance

Many founding teams will allocate a large portion of a protocols tokens to themselves. This is not inherently a bad thing, unless the token itself is used within the protocol for voting rights or the inputting of or censorship of data entry. Make sure that the oracle you are using does not have token distributions that allow for unilateral decision making which could enable bad actors.

Transparency 

As with any crypto and blockchain project, knowing what the founders and developers are up to is important. Do they keep you in the loop? Are they active on social media? Are they open and honest about their current affairs and their roadmap?

Example Decentralized Blockchain Oracle Protocols

Tellor.io is a decentralized blockchain oracle project which provides data to a variety of blockchains and smart contracts. Tellor provides data using a network of reporters who can run data from their own personal computer using the Telliot software.

• Anybody can provide data and anybody can check and censor the validity of the data.

• The Tellor team had no pre-mine to give them a majority of the tokens and significant voting rights.

• The protocol has no admin keys.

Fetch Oracle is a fork of Tellor launching natively on Pulsechain. Fetch will be the primary oracle providing price feeds to Liquid Loans.