Decentralised finance — or DeFi — is a promising use case of distributed ledger technology. It is currently in its initial phase of implementation but is an effective alternative to intermediary-reliant traditional finance systems used in matters of borrowing, trading, lending, and storing of assets.
Self-executing smart contracts based on blockchain are what form the basis of DeFi. These smart contracts, in simple terms, are various real-life terms and conditions that are coded into a program. And every time someone makes a transaction request wherein all terms and conditions are met, the smart contract self-executes and sends the transaction to the blockchain for validation. This process requires no human intervention.
Although DeFi has huge potential to disrupt our traditional financial system, there are some major risks involved with it. One of these risks is due to the reliance of smart contracts on oracles — third-party centralised systems that help on-chain applications read and process real-world data.
In a recent attack on a decentralised lending protocol bZx, hackers were able to exploit a vulnerability in its price oracle to steal ether (ETH) worth almost $636,000 (at the time of the attack). In most parts, the hack was made possible because bZx relied on a third-party oracle for pricing its products.
It is thus mandatory to find ways to secure smart contracts from receiving corrupt or tampered data from oracles.
The Aladin Network goes the extra mile to create that security against manipulation of oracles. It has put in place its own blockchain-integrated, universal Aladin Oracle to protect DeFi against risks originating from third-party oracles.
Multi Data Provider
DApps of protocols developed on the Aladin Network can use the Aladin Integrated Oracle to receive data from multiple data providers instead of just one. These data providers can be cross-referenced for authentication purposes. By doing so, any bias in the data submitted by a provider can hence be easily exposed.
Upon receiving data from all data providers, the Aladin Integrated Oracle will aggregate all data points and pass a single value which will be the average of all inputs or a weighted value.
A hacker trying to trick a smart contract into validating a transaction based on an inflated value from one input provider — which was the case in bZx hack — will thus be impossible.
Aladin Oracle nodes are the same nodes that validate transactions on the Aladin blockchain and produce blocks, which reduces the chances of nodes tampering with the oracle data. So, for an oracle node to manipulate the data, they will have to crack the block-producing node security. And as we know, it is not possible to tamper with the data stored on a blockchain as all nodes of the network keep a copy of the information at any given time. Without a majority of the nodes reaching a consensus, no node can individually edit information on any block.
Additionally, for every new request, the Aladin Oracle randomly selects a set of oracle nodes. This minimises any chances of a pre-planned attack to manipulate the input data.
All nodes of the Aladin Oracle are linked through a software pack and the fetched data is channelled through the security pack. In case a node attempts to change the data, the software notifies other nodes while eliminating the corrupt node and replacing it with a new one.
There are many milestones to be achieved before we can bring decentralised finance to the whole world and eventually make it mainstream. It’s particular that the development of Aladin Integrated Oracle aligns with that goal. The Aladin Oracle can substantially reduce the risk of thefts in DeFi protocols by exploiting the oracle problem. Create An Account to start using Integrated Oracle for your Dapp.-->