Home » The Rise In Security Pitfalls On Decentralized Oracles And The Upcoming Solutions

The Rise In Security Pitfalls On Decentralized Oracles And The Upcoming Solutions

Table of Contents


Since 2019, the decentralized finance (DeFi) ecosystem has grown at an explosive rate, providing an alternative to the traditional finance system – especially for the underbanked and unbanked populations. The open, transparent, and trustless sector has seen its value grow to inexplicable heights, reaching a high of almost $200 billion in November 2021, rivaling the GDP of many nation-states and top corporations. 

In a similar breath, the number of decentralized applications (DApps) in the space has spread far and wide, like wildfire, allowing anyone across the world to borrow, lend, save, earn, trade, play to earn, etc using their crypto assets. Most of the credit for the massive growth of DeFi goes to Ethereum and the rise of smart contracts, which are claimed to be the backbone of the industry. Nonetheless, there’s another important piece that has sparked the growth of DeFi to a $200 billion market: decentralized oracles. 

The rise of the decentralized oracle ecosystem and its pitfalls

A shallow understanding of blockchain reveals that most of them are siloed in their own network, making it impossible for them to communicate with or send value (assets) to each other. Simply explained, blockchains on their own offer value but are largely impotent without connecting to other blockchains, much like a computer without an internet connection.  

Here’s where oracles come in. Oracles allow blockchains to access external data on their own. However, using centralized oracles could negate the advantages of having a smart contract, which raises significant privacy issues. As more blockchains and DApps come alive, there will be a need for them to be interconnected and interoperable using decentralized oracles. This means these platforms will need access to reliable and accurate real-world data, which boosts the creation of decentralized applications in the financial, AI, and trading ecosystems. 

Today, the leading decentralized oracle provider is Chainlink, a decentralized oracle network that provides tamper-proof inputs, outputs, and computations to support advanced smart contracts on any blockchain. Launched in 2017, the oracle solution has been integrated into hundreds of DApps but in recent times there have been questions raised on the security capabilities that Chainlink offers. 

In a Medium article, “What’s Wrong With The Chainlink 2.0 Whitepaper” by Eric Wall, a myriad of problems facing the upgraded oracle system highlight the deficiencies of the blockchain. The article focuses on the infrastructure, crypto economy, and security issues faced by DApps using the top decentralized oracle network, hence the low commercial interest in the technology. 

The issue, however, is not especial to Chainlink, as multiple bridges and oracles have also witnessed increased cases of security breaches in the past. In 2021, over $1.3 billion was looted or compromised by hackers via oracles and bridge hacks, with a quarter of it (around $323 million) being stolen from the Wormhole bridge. 

The increased losses of users’ funds have left many looking for better options in the market, and new options are popping up to solve the persistent issues facing blockchain oracles. 

A solution to existing decentralized oracles 

After a half-decade of developing decentralized oracles, it is time to relook the approach offered by current models and projects, keeping security at the centerstage. Over the past few months, new decentralized oracle projects have launched, challenging the dominance of Chainlink and offering better security for DApps. 

The leading competitor to Chainlink is the Universal Market Access (UMA), an optimistic oracle that serves data to smart contracts using a “true unless disputed” escalation game. The platform includes decentralized participation in its security system, allowing anyone across the world to secure the oracle. 

Initially launched and designed for the creation of synthetic assets on Ethereum, UMA has gradually switched into an “optimistic oracle”, allowing users to leverage its Data Verification Mechanism (DVM). The DVM provides the price of an asset at a requested timestamp only when network participants dispute the value of collateral backing a synthetic token. This differs from non-optimistic oracle solutions such as Chainlink, which constantly write prices on-chain to ensure contracts are properly collateralized. Minimizing oracle usage increases the security and scalability of decentralized financial contracts.

On the issue of security (which has caused corporates to stay away from the ecosystem), Chainlink could easily be replaced by QED. This decentralized oracle enables users to transact high volumes and mitigates security risks. Launched in 2020, QED provides a decentralized oracle protocol with a robust economic model connecting multiple blockchains, smart contract platforms, and off-chain data sources. QED Oracles provide external collateral as a bond to their smart contract eliminating systemic risk. A post-execution resolution process determines loss restitution without affecting the execution experience

Finally, the platform also prevents poor oracle nodes from participating in the platform while incentivizing good oracles with a high historical history. This prevents the oracle from picking up false data points, making the oracles more robust and trustworthy.

Jonathan Gibson

Jonathan Gibson

Table of Contents