Definition: The blockchain oracle problem describes the contradiction between a highly decentralized blockchain and the more or less centralized oracles.
It leads to a paradox in where the blockchain becomes more useful with off-chain data but at the same time loses its benefit of decentralization through it.
If a blockchain oracle retrieves its data from multiple data sources, it needs to aggregate them. In this post, you will learn how blockchain oracles aggregate data.
The aggregation consists of two steps:
Incoming data need to be checked if their data type is correct. If you expect a number, you will reject any letter. Besides a simple data type check, it is possible to verify whether the pattern is correct or not. A typical example is the zip code or bank account number that has a fixed number of characters. If the submitted value is too short or too long, it will be rejected.
Pattern and data type checks help to protect against typos or bugs in the code where erroneous messages are sent.
The first step is to detect and eliminate outliers. Outlier detection is an important part to keep the data reliable. But since oracles don’t know what data is right or wrong, it can only apply very rough measures.
The most straightforward approach is to cut off the n lowest and n highest values from the data set. You find this often in jury decisions in sports where the lowest and the highest scores are removed to eliminate biased jury members.
Let us consider the following example. There are ten different data sources. Each of them reports one value. We want to set n = 1.
| data source | value |
| 1 | 6 |
| 2 | 4 |
| 3 | 8 |
| 4 | 4 |
| 5 | 5 |
| 6 | 6 |
| 7 | 7 |
| 8 | 5 |
| 9 | 1 |
| 10 | 3 |
First, we sort the values.
| data source | value |
| 9 | 1 |
| 4 | 3 |
| 2 | 4 |
| 10 | 4 |
| 5 | 5 |
| 7 | 5 |
| 1 | 6 |
| 6 | 6 |
| 8 | 7 |
| 3 | 8 |
Then, we delete the highest and lowest value. These are 1 (reported by data source 9) and 8 (reported by data source 3).
The resulting table looks like that:
| data source | value |
| 4 | 3 |
| 2 | 4 |
| 10 | 4 |
| 5 | 5 |
| 7 | 5 |
| 1 | 6 |
| 6 | 6 |
| 8 | 7 |
The threshold n can be given absolutely or depending on the number of sources.
Another similar approach is to calculate quantiles and eliminate them. A common threshold is the first quartile and third quartile. Everything below or above is ignored in the following aggregation step.
Some oracles use absolute values as threshold. They provide an upper and lower bound in which the reported values must lie. This is useful to eliminate nonsense data like negative sizes or prices. Chainlink is an oracle that uses this approach.
Besides absolute values, relative values are possible too. Data that stray more than x percent from the average, are not considered.
Here, we explain in short how to calculate the quartile. When calculating the quartiles, we need to sort the values first and calculate the cumulative percentage.
| data source | Value | cumulative percentage |
| 9 | 1 | 0.1 |
| 4 | 3 | 0.2 |
| 2 | 4 | 0.3 |
| 10 | 4 | 0.4 |
| 5 | 5 | 0.5 |
| 7 | 5 | 0.6 |
| 1 | 6 | 0.7 |
| 6 | 6 | 0.8 |
| 8 | 7 | 0.9 |
| 3 | 8 | 1.0 |
There are different methods (See https://en.wikipedia.org/wiki/Quartile) how to determine the exact value of a quartile that yield different results. We use the cumulative percentage to determine the quartiles.
The first quartile consists of all values that receive a cumulated percentage of at least 25 % (0.25). To achieve this, we need to include the values 1, 3, and 3.
The third quartile consists of all values that receive a cumulated percentage of at least 75 % (0.75). This comprises the values 1, 3, 3, 4, 5, 5, 5, and 5.
Since we want to delete all values below the first quartile and above the third quartile, we get the following table:
| data source | value |
| 4 | 4 |
| 1 | 5 |
| 5 | 5 |
| 8 | 5 |
Besides those rather simple methods of outlier detection, there are more sophisticated mechanisms like support vector machines, k-nearest neighbor, hidden Markov models, etc. However, they are difficult to perform on a smart contract due to its limited computation capacity.
After eliminating outliers, the oracle has to condense all data into a single value. First, we look at methods that can be used to aggregate values. Later, we learn how to aggregate values on-chain and off-chain.
Again, we have different methods here:
The following example shows the calculation of mean, median, and mode with the data from a sorted and cleaned table.
| data source | value |
| 4 | 3 |
| 2 | 4 |
| 10 | 4 |
| 5 | 4 |
| 7 | 5 |
| 1 | 6 |
| 6 | 6 |
| 8 | 7 |
Average = (3+4+4+4+5+6+6+7)/8 = 4.875
Median = (4+5)/2 = 4,5
Mode = 4
The mode can be considered as a majority voting. [1] However, it can be difficult to determine, if there is no single most value.
In an on-chain aggregation scheme, all data sources send their data to a smart contract. To mitigate the last actor problem, oracles could introduce a commit-reveal scheme with a deposit that is burned if the data source doesn’t report in time.
Such an on-chain aggregation scheme is independent of a centralized authority. But it is expensive since every reporter has to create a transaction and pay for it. This becomes more severe if a commit-reveal scheme is used, and each reporter has to make at least two transactions.
Oracles can decide to collect and aggregate data off-chain and only report the result to their smart contracts. The first way to do this is that the data sources report to the oracle. The data oracle cleans and aggregates the data. After it is finished, it sends the data to the smart contract.
The problem with this is that neither the reporter nor the data consumer can be sure whether its data got aggregated correctly unless the raw data is provided to the smart contract.
To avoid this uncertainty, reporters can coordinate themselves avoiding the oracle. To prove that the values are submitted correctly, they could use threshold signatures like Schnorr signatures. To create a threshold signature, you need at least k out of n participants. This makes the signature resilient against not responding data sources.
In this setup, reporters exchange their values and aggregate them to a value A. Then, every data source signs the value A. If a majority (k out of n) of data sources signed the same value A, it is considered as correct. In the next step, this value A is sent to the smart contract.
However, the tricky task is to provide an infrastructure where all oracles can exchange their values and signatures. And finally, one participant has to create a transaction and send the signature to the blockchain. This requires a centralized authority again.
Besides the issue regarding the communication infrastructure, freeloading is a problem too. Here, reporters can simply copy the data from other reporters and thus save data retrieval costs.
Definition Blockchain Oracle: A Blockchain Oracle (also crypto oracle) is a service that provides off-chain data to smart contracts running on a blockchain.
Definition and meaning: Central Bank Digital Currency (CBDC), also called digital fiat currency or digital base money, is a digital version of a fiat currency like Euro, Dollar or Yen issued by a central bank.
CBDC/digital base money is being issued by a central authority like a central bank or government. It is by law, a means of payment. A holder of a CBDC coin would have a claim on the central bank.
Definition: A fork is a split of the blockchain into two (or more) branches. This happens, if there are two blocks with the same height (or block number).
In this post we explain what forks in blockchain context are, how they can happen and what the result is.
The mining difficulty in Ethereum states how long it takes to find a suitable hash to mine a block. It is represented as an integer value and stored in each Ethereum block. The difficulty is also an indicator for Ethereum nodes which chain is the longest (or rather heaviest) chain in case of a fork. For further information about the chain-selection, see fork choice rules.
Definition: A long range attack is an attack on the consensus model of a proof of stake blockchain. A block producer (or validator) tries to create an alternative chain starting from a long ago created common block. The long range into the past is necessary to circumvent possible penalties for forking. Long range attacks are explained mostly in conjunction with proof of stake, since this problem is prevalent here and closely related to the nothing at stake problem.
Definition: Nothing at stake means that in a proof of stake (PoS) consensus algorithm rational validators (block producer) risk nothing (have nothing at stake) if they create blocks on different chains. As a consequence, the whole blockchain network won’t reach consensus on the longest chain.
List of blockchains with information about consensus algorithm, privacy and smart contracts.
| Blockchain | Consensus | Turing complete Smart Contracts | privacy |
| Bitcoin | PoW | no (scripts) | no |
| Bitcoin Gold | PoW | no (scripts) | no |
| Bitcoin SV | PoW | no (scripts) | no |
| BitShares | DPoS | yes | no |
| Cardano | PoS | yes | no |
| Dash | PoW | no | yes |
| Dogecoin | PoW | no | no |
| EOS | DPoS | yes | no |
| Ethereum | PoW | yes | no |
| Ethereum 2.0 | PoS/PoW | yes | no |
| Ethereum Classic | PoW | yes | no |
| Hyperledger Fabric | yes | no | |
| IOTA | PoW/TaPoW | no | no |
| Lisk | DPoS | no | no |
| Litecoin | PoW | no (scripts) | yes |
| Monero | PoW | no | yes |
| NEO | DPoS | yes | no |
| Peercoin | PoS | no (scripts) | no |
| Qtum | PoS | yes | no |
| Tezos | PoS | yes | no |
| TRON | DPoS | yes | no |
| Zcash | PoW | no | yes |
Delegated Proof of Stake (DPoS)
Proof of Work (PoW)
Proof of Stake (PoS)
Definition: Delegated Proof of Stake (DPoS) is a form of consensus algorithm, where voters vote for block producers (sometimes called witnesses) who then perform the block creation and enforce the consensus. In order to vote a voter needs funds. And the voting power is proportionally to the amount of tokens or coins a voter has (or stakes).