[Resource Topic] 2022/499: Practical Decentralized Oracle Contracts for Cryptocurrencies

Welcome to the resource topic for 2022/499

Title:
Practical Decentralized Oracle Contracts for Cryptocurrencies

Authors: Varun Madathil, Sri AravindaKrishnan Thyagarajan, Dimitrios Vasilopoulos, Lloyd Fournier, Giulio Malavolta, Pedro Moreno-Sanchez

Abstract:

The lack of data feeds about real-world events happening "outside" of the blockchain environment is a critical obstacle to the development of smart contracts. This has motivated the introduction of trusted identities, the so-called "Oracles", that attest the information about real-world events into the blockchain. This enables mutually distrustful parties to establish contracts based on said events. Previous proposals for oracle-based contracts rely either on Turing-complete smart contracts or on trusted hardware. While the latter imposes an additional trust assumption, the former relies on a Turing-complete language to write the complete data feed on-chain, thus imposing an undesirable on-chain storage overhead and being incompatible with many popular cryptocurrencies that do not support a Turing-complete language, such as Bitcoin. Moreover, no proposal so far comes with provable cryptographic guarantees. In this work, we lay the foundations of oracle contracts for cryptocurrencies. We present game-based definitions that model the security properties of oracle contracts, and we propose the first construction with provable security guarantees. Moreover, our construction does not incur any additional on-chain overhead and is compatible with all cryptocurrencies. Finally, our evaluation shows that our construction is practical even on commodity hardware. As a contribution of independent interest, we show an efficient construction of witness encryption for the class of languages $\{ (\mathsf{vk}, m) \in \mathcal{L} : \exists\, \sigma \text{ s.t. } \mathsf{Verify}(\mathsf{vk}, \sigma, m) = 1 \}$, where $\sigma$ is a BLS signature on $m$. We show how this can be efficiently extended to the threshold setting (allowing the distribution of trust among several "Oracles") and how to prove that the encrypted message has a certain structure (e.g., it is itself a valid signature on some message). To guarantee the latter in a practically efficient manner, we develop a new batching technique for cut-and-choose, inspired by the work of Lindell-Riva on garbled circuits.
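To make the witness-encryption statement in the abstract concrete, the following is an added toy implementation written for this resource topic; it is not the paper's code and not from the authors. It shows the core idea only: a ciphertext is bound to a pair (vk, m), its key is the pairing value e(H(m), vk)^ρ, and anyone holding a BLS signature σ = sk·H(m) on m recomputes that key as e(σ, ρ·G). Everything below is an assumption chosen for readability rather than taken from the paper: the curve y^2 = x^3 + x over F_p with p = 262147 = 4·65537 − 1, a hand-rolled Tate pairing with the distortion map (x, y) → (−x, i·y), the try-and-increment hash-to-curve, the one-time-pad plus tag encoding, and all function names. The parameters are far too small to be secure, and the threshold extension and the proofs that the encrypted message has a given structure are not shown.

```python
import hashlib
import secrets

# Assumed toy parameters (far too small to be secure): supersingular curve y^2 = x^3 + x over
# F_p, p = 4r - 1, r prime: p = 3 (mod 4), #E(F_p) = 4r, embedding degree 2, F_{p^2} = F_p[i].
P, R = 262147, 65537
COFACTOR = (P + 1) // R        # clears the order-4 part of E(F_p)
FINAL_EXP = (P * P - 1) // R   # maps Miller output into the r-th roots of unity

def f2_mul(a, b):              # (a0 + a1*i) * (b0 + b1*i) in F_{p^2}, i^2 = -1
    return ((a[0] * b[0] - a[1] * b[1]) % P, (a[0] * b[1] + a[1] * b[0]) % P)
def f2_pow(a, e):
    result, base = (1, 0), a
    while e:
        if e & 1:
            result = f2_mul(result, base)
        base, e = f2_mul(base, base), e >> 1
    return result

def _slope(T, U):              # slope of the line through T and U; None if vertical
    (x1, y1), (x2, y2) = T, U
    if x1 != x2:
        return (y2 - y1) * pow(x2 - x1, -1, P) % P
    if (y1 + y2) % P == 0:
        return None
    return (3 * x1 * x1 + 1) * pow(2 * y1, -1, P) % P   # tangent when T == U

def ec_add(A, B):              # affine points over F_p; None is the point at infinity
    if A is None or B is None:
        return B if A is None else A
    if (lam := _slope(A, B)) is None:
        return None
    x3 = (lam * lam - A[0] - B[0]) % P
    return (x3, (lam * (A[0] - x3) - A[1]) % P)

def ec_mul(k, A):
    result = None
    while k:
        if k & 1:
            result = ec_add(result, A)
        A, k = ec_add(A, A), k >> 1
    return result

def hash_to_curve(msg):        # try-and-increment, then clear the cofactor
    for ctr in range(256):
        x = int.from_bytes(hashlib.sha256(msg + bytes([ctr])).digest(), "big") % P
        y = pow(x ** 3 + x, (P + 1) // 4, P)             # sqrt candidate since p = 3 (mod 4)
        if y * y % P == (x ** 3 + x) % P and (pt := ec_mul(COFACTOR, (x, y))):
            return pt

def _line(T, U, Q):            # line through T, U at the distortion map psi(Q) = (-x_Q, i*y_Q)
    lam = None if T is None or U is None else _slope(T, U)
    if lam is None:            # vertical: value lies in F_p and FINAL_EXP kills it
        return (1, 0)
    return ((lam * (Q[0] + T[0]) - T[1]) % P, Q[1] % P)

def pairing(A, B):             # reduced Tate pairing e(A, psi(B)): symmetric and bilinear
    f, T = (1, 0), A
    for bit in bin(R)[3:]:     # Miller's loop over the bits of r
        f, T = f2_mul(f2_mul(f, f), _line(T, T, B)), ec_add(T, T)
        if bit == "1":
            f, T = f2_mul(f, _line(T, A, B)), ec_add(T, A)
    return f2_pow(f, FINAL_EXP)

G = hash_to_curve(b"toy-bls-generator")   # public generator of the order-r group

# BLS: sigma = sk * H(m), accepted iff e(sigma, G) == e(H(m), vk).
def keygen():
    sk = secrets.randbelow(R - 1) + 1
    return sk, ec_mul(sk, G)
def sign(sk, m):
    return ec_mul(sk, hash_to_curve(m))
def verify(vk, m, sig):
    return sig is not None and pairing(sig, G) == pairing(hash_to_curve(m), vk)

# Witness encryption for the statement "a BLS signature on m under vk exists".
def _kdf(k):
    return hashlib.sha256(k[0].to_bytes(4, "big") + k[1].to_bytes(4, "big")).digest()
def we_encrypt(vk, m, plaintext):                         # plaintext of at most 32 bytes
    rho = secrets.randbelow(R - 1) + 1
    key = _kdf(f2_pow(pairing(hash_to_curve(m), vk), rho))   # e(H(m), vk)^rho
    body = bytes(x ^ y for x, y in zip(plaintext, key))
    return ec_mul(rho, G), body, hashlib.sha256(key + b"tag").digest()[:16]
def we_decrypt(sig, ct):
    # sigma = sk*H(m) gives e(sigma, rho*G) = e(H(m), sk*G)^rho, the encryptor's key.
    c1, body, tag = ct
    key = _kdf(pairing(sig, c1))
    if hashlib.sha256(key + b"tag").digest()[:16] != tag:
        return None                                           # wrong or missing witness
    return bytes(x ^ y for x, y in zip(body, key))

def demo():
    oracle_sk, oracle_vk = keygen()
    event = b"BTC/USD closed above 50000 on 2022-06-01"      # constructed sample event
    ct = we_encrypt(oracle_vk, event, b"contract payout key material")
    attestation = sign(oracle_sk, event)                      # the oracle's later attestation
    wrong = sign(oracle_sk, b"BTC/USD closed below 50000 on 2022-06-01")
    return verify(oracle_vk, event, attestation), we_decrypt(attestation, ct), we_decrypt(wrong, ct)
```

`demo()` plays the oracle-contract scenario: the ciphertext is produced before the oracle has said anything, the attestation on the exact event opens it, and a signature on a different message fails the tag check instead of yielding garbage. Two details are worth noting for anyone adapting this: the encryptor never needs the signature, only vk and m, which is what lets the contract be set up before the event; and the vertical-line shortcut in `_line` is valid only because the embedding degree is even and the final exponent is a multiple of p − 1, so it must not be carried over to a curve where that does not hold.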

ePrint: https://eprint.iacr.org/2022/499

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .