Verifiable Oracles for Tezos by ubinetic

The challenge

  1. The data source (i.e. Coinbase) signs the data directly. This is the most elegant solution because it requires no “special” role of data transmitter/data fetcher. This solution is currently only available for crypto related projects which limits the possible use cases significantly (see Compound).
  2. Put full trust in the data transmitter and assume or hope the data is not manipulated. This approach is common, and sometimes multiple parties are used. One assumes that if enough parties provide the same data it can be trusted (see Chainlink).
  3. Use a verifiable way to fetch the data, such that a third party can verify that the data was collected in a certain way (see Provable).

Why Android?

What is the Android SafetyNet Attestation?

  • a specific executable with a specific signature and hash requested this attestation
  • the device has not been tampered with all the way from the boot loader to the application.

What is the Android Key Attestation?

  • the key is located in a Hardware security module (HSM) that Google believes to be secure.
  • the key has all the properties described in the attestation

How is the oracle designed?

How can an end-user verify this process?

Summary

  • By leveraging secure hardware with cryptography and a PKI given by Google we provide a way to verify fetched data from data sources and provide that data in a Tezos smart contract consumable format
  • The system requires trust in Google’s PKI
  • The system requires trust in Android’s security
  • The system requires a dedicated Android device (in our implementation, two devices per Data Transmitter)

What is planned in the future?

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store