Oracle Security

The DeFi protocol is inseparable from Oracle. Without Oracle, the DeFi protocol will not be able to obtain all the data required for normal operation. The function of Oracle is that it allows certain smart contracts to respond to the uncertain off chain world.

In brief:

It is the only way for smart contracts to interact with the real world, and it is also the interface between the blockchain world and the real world. Therefore, Oracle is considered as the bridge between the decentralized protocol and the external data of the blockchain, and becomes an essential existence.
The Port of DeFi Network uses the Oracle assisted DeFi protocol smart contract as the data source outside the blockchain, avoiding the risks of forgery, tampering, modifying or hiding of the centralized data. It synchronously uploads the information of the world under the chain to the blockchain, and completes the information synchronization between the blockchain and the real world.
Port of DeFi Network has carried out thorough research on the whole logic of Oracle. In order to infer Oracle Security, we first define the related concepts: a trusted third party (TTP): an ideal entity or function, which always faithfully executes a letter and is responsible for running a command. We will use ORACLE to represent Oracle (usually all caps are used to represent the entity that the user fully trusts) and assume that TTP gets data from the fully trusted data source Src. In view of this magical service ORACLE, the whole implementation process is as follows:

The ideal Oracle behavior, ORACLE is defined by the following steps: 1) accept the request; 2) get the data; 3) return the data. In addition, in order to protect the confidentiality of the request, ORACLE never uses or displays the data it contains when decrypting the request, except for querying Src.
1. Accept the request: get request Req = (SRC, τ, q) from smart contract USER-SC, which specifies target data source Src, time or time range τ, and query q.
2. Get data: send query q to Src at time τ.
3. Return data: after receiving answer a, return to smart contract. These simple instructions that are executed correctly define a powerful and meaningful but simple concept of security. Intuitively, ORACLE acts as a reliable bridge between Src and USER-SC.