- Chainlink is a decentralized oracle network that connects smart contracts and their underlying blockchain network to off-chain data resources.
- Chainlink also supports on-chain/off-chain data aggregation, a reputation and monitoring framework, as well as a security strategy and future improvements including oracle programming, data source infrastructure modifications, and confidential smart contract execution.
- Ellis, S., Juels, A., & Nazarov, S. (2017, September 4). ChainLink A Decentralized Oracle Network.
Core Research Question
- How can smart contract applications operating on decentralized blockchain networks connect to external systems and data resources without relying on a centralized oracle service?
- Blockchains are distributed networks of nodes that generate consensus on a set of transactions using mechanisms such as Proof of Work or Proof of Stake. Blockchains aim to prevent the “double spending problem” where the same funds are used multiple times.
- Smart contracts are pieces of programmatic logic created by users that are hosted on a blockchain network. Every state change is initiated by a private key holder and is both executed and verified across every node in the blockchain network.
- Blockchain oracles are off-chain agents that connect on-chain smart contracts to external resources such as data APIs that reside outside of the blockchain network. Such data is often required in the execution of automated smart contract applications.
- Smart contracts replace the need for traditional legal agreements and centrally automated digital agreements. Performance verification and execution of smart contracts rely on manual actions from one of the counterparties or an automated system that programmatically triggers state changes.
- Due to their underlying consensus protocols, the blockchain networks that smart contracts operate on cannot natively communicate with external systems, requiring the use of an “oracle” mechanism.
- Traditional oracles are centralized services that present a single point of failure in the execution of smart contracts. The authors of this paper present an alternative in the form of Chainlink, a decentralized oracle network.
- Chainlink’s components include a simple on-chain data aggregation system, a more efficient off-chain consensus mechanism, the decentralization of data sources and oracles, a validation system, a reputation system, certification service, contract upgrade service, LINK token usage, as well as a security strategy.
- Future improvements described include richly featured oracle programming, data-source infrastructure modifications, and confidential smart-contract execution. The paper also describes the technology required for off-chain aggregation as well as the trust assumption of Intel’s SGX.
- The on-chain components of Chainlink consist of smart contracts that provide an interface for users to interact with the network. This includes a reputation contract, an order-matching contract, and an aggregating contract. Users choose oracles based on Service Level Agreements (SLAs) that detail the query parameters and the number of oracles needed by the purchaser. The purchaser also specifies the reputation and aggregating contracts to be used.
- Once an SLA has been created and the oracles have been selected, each oracle node delivers their response on-chain to the Aggregation contract. This contract tallies the collective results and calculates a weighted answer. The specific aggregation methodology used can be customized by users and can include taking the median, mean, mode, or another method desired.
- The off-chain components of Chainlink consist of the oracle node software that is connected to the blockchain and independently listens for queries and responds by generating a transaction to be published on-chain. Chainlink oracle nodes are made of “Chainlink Core” which is the software responsible for interacting with the blockchain, scheduling, and balancing work across various external services. Nodes use job specifications, consisting of subtasks which are processed in a pipeline. Default subtasks include HTTP requests, JSON parsing, and conversion to various blockchain data formats. Additional subtasks can be added through modular external adapters, which connect to external services (such as serverless adapters) via a REST API.
- Chainlink oracles perform three key steps: accepting a request (ingesting request details from a user smart contract), obtaining the data (fetch from an off-chain API), and returning the data (once data from an API is received, create a transaction to deliver the data on-chain). While these steps are easy to perform, achieving this process in a secure and tamper-resistant manner is more involved as data sources or oracle nodes might be corrupted. Chainlink solves this issue with decentralization.
- Decentralization is achieved at multiple levels. The first is by distributing data sources, meaning each node fetches data from multiple APIs to prevent any single source of truth. Nodes then aggregate this data to generate a single refined data point. The second approach is distributing oracles, where instead of consuming data from one node, data requests are sent to multiple nodes and the data from each is aggregated. This aggregation can occur either on-chain for ease of implementation or off-chain for additional cost-efficiency. Both forms of data source and node decentralization can be used at the same time.
- On-chain aggregation of data is where each node delivers their response to an aggregation contract, which then compiles a single reference data point. This aggregation process has the properties of being conceptually simple (involves a single contract), trustworthy (all actions are fully viewable on-chain), and flexible (any aggregation logic can be used). Nodes can also use a commit and reveal scheme to prevent freeloading.
- Off-chain aggregation of data saves costs over on-chain aggregation by delivering a single data point on-chain. This is achieved through the use of threshold signatures (Schnorr signatures) where nodes combine their reports off-chain to create a single signature representing every node in the oracle network. Each oracle holds only a partial piece of the private key, meaning the decentralization and tamper-resistance properties are preserved. To prevent freeloading, a consensus algorithm can be used to ensure the user does not pay freeloading oracles.
- The paper describes multiple security services Chainlink can employ including a validation system, a reputation system, a certification service, contract-upgrade service, and the LINK token.
- The validation system ensures availability and correctness through the aggregation of data which can occur on-chain or off-chain as described above. Because each node signs their response, it generates non-repudiable evidence of their answer. Nodes who deviate from the aggregated result can then be refused payment.
- The reputation system utilizes the on-chain data each node creates to generate a framework for the reliability of nodes. This includes the total number of assigned/accepted/completed requests, average time to response, and the amount of penalty payments accrued when staking collateral. Users can use this on-chain data to select nodes that have been historically reliable.
- The certification service aims to prevent Sybil and mirroring attacks by issuing endorsements of high-quality oracle providers. This service does not prevent others from running nodes, but provides additional information to users on which nodes have been security reviewed. Fraud detection can be an automated on-chain or off-chain process.
- The contract-upgrade service aims to allow developers to improve their code to mitigate bugs and vulnerabilities. Chainlink supports an additional optional service where nodes can be redirected to delivering their data to a new upgraded user contract if a specific flag is raised. This provides an “escape hatch” but is entirely optional, allowing for immutable contracts as well.
- The Chainlink Network utilizes the LINK token to pay node operators for their services. The amount of LINK required to generate a request is set on a node by node basis, which can be based on supply and demand for oracle services. The LINK token is an ERC20 with additional ERC223 TransferAndCall capabilities, allowing tokens to be received and processed by contracts within a single transaction.
- The paper also describes a longer term technical strategy through the usage of trusted hardware such as Intel SGX, enabling confidentiality and off-chain computation. One approach of this is Town Crier, a trusted hardware based oracle (which Chainlink later acquired in 2018). Intel SGX and other forms of Trusted Execution Environments provide a black box where oracle nodes can fetch and compute on data, without revealing the data to the node operator. Town Crier is compatible with existing versions of HTTPS requiring no server side modifications for web servers.
- Current existing oracle solutions, at the time of release, were centralized oracle providers which do not provide the tamper-resistant qualities smart contracts need to remain trustless in nature. Often notarization is used, but this cannot be verified on-chain, requiring further recursive validation. Manual input oracles also exist for prediction markets, and provide a large amount of flexibility for hard-to-find information or for tasks that require natural language processing. However, human cognition is costly and slow, meaning manual input oracles are resource-intensive, not real-time, and can only handle a limited set of questions at a time.
- This paper introduced Chainlink, a decentralized oracle network for smart contracts to securely interact with resources external to the blockchain. The various components of the network’s construction were described as well as security models and new proposed features that could be implemented into the future. Specific design principles were defined including decentralization for secure and open systems, modularity for flexible system design, and open source for secure extensible systems.
Discussion and Key Takeaways
- The Chainlink whitepaper was originally written three years ago. Since then, we have seen the blockchain ecosystem evolve, billions of dollars locked up in Decentralized Finance applications, and the mainnet launch of the Chainlink Network. A review of this whitepaper provides context for the data infrastructure that has shaped the current blockchain landscape and the oracle mechanisms that enable more universally connected smart contracts…
Implications and Follow-ups
- For future improvements, the whitepaper describes the creation of an off-chain aggregation mechanism using a Threshold Schnorr signature scheme and the algorithm required for its implementation, particularly in regards to off-chain communication between nodes, along with the accompanying proofs and additional considerations.
- Many of the original ideas in the Chainlink whitepaper have been implemented (such as the decentralization of nodes and data sources), while other features have evolved, partially to meet the needs of the Decentralized Finance (DeFi) ecosystem and the demand for shared financial price feeds.
- Chainlink’s decentralized network of oracle nodes provide smart contracts with enhanced capabilities that enable the creation of a wide range of decentralized applications. Currently such use cases include secure price feeds for the DeFi ecosystem, a verifiable randomness function for on-chain gaming applications, fair sequencing services to prevent miner extractable value, proof of reserve to bring transparency to DeFi collateral, validation of layer 2 Rollup chains like Arbitrum, keeper bots to to trigger smart contract functions on regular intervals, and more. Additional applicability of Chainlink oracles can be found in “77 Smart Contract Use Cases Enabled By Chainlink”.