Truora, WeBank's open-source trusted oracle for alliance chains, builds a bridge for bringing credible data onto the chain

In blockchain applications, people often hope that as much business logic as possible can execute automatically in smart contracts, reducing trust costs and making business processes smart and automated. To do that, smart contracts need to bring more data from the Internet onto the chain to serve complex and changing application scenarios. However, because of the blockchain consensus mechanism and the inherent characteristics of virtual machines, smart contracts cannot access off-chain data, which greatly limits their scope of application.

In order to solve these problems, WeBank Blockchain has actively analyzed and summarized industry needs based on years of technical research and application practices, and has developed a set of trusted oracle solutions for alliance chains, Truora.

Truora, named after Trust (trusted) and Oracle (oracles), can be read as [tru ɔ:rə]. As a bridge connecting the alliance chain and the Internet, Truora is committed to making Internet data safe and reliable on the chain.

To help partners across the industry use a safe and reliable oracle solution with a low barrier to entry, further broaden the application scenarios of the alliance chain, and promote the prosperity of the alliance chain ecosystem, WeBank Blockchain, adhering to the concept of open source and openness, has made Truora fully open source to the community and the public, and sincerely invites partners from all industries to build it together.

  Understanding the oracle

The People's Bank of China report "What Can Blockchain Do? What Can't It Do?" defines the oracle as follows:

"The mechanism by which information outside the blockchain is written into the blockchain is generally called an oracle mechanism."

The blockchain can only access its own data, and it solves the trust problem inside the system as a closed loop. As soon as off-chain data is needed, its functions are limited. The main reason is that a smart contract must produce the same result no matter when and where it runs. The virtual machine therefore cannot allow a smart contract to make network calls; otherwise the result would not be deterministic.

How can the blockchain be connected to the Internet? The oracle can play the role of a connector. As trusted middleware, the oracle feeds data from the Internet into the blockchain, giving smart contracts connectivity to the Internet.

  Truora design philosophy

The design of an oracle needs to consider many factors, such as the timeliness of data responses, data accuracy, usage cost, and service security.

Centralized oracles generally have lower cost and better timeliness; multi-centralized oracles have relatively higher security and data accuracy. Different application scenarios have different requirements, and users need to choose among these properties accordingly.

Based on this, Truora's overall design idea is to offer both centralized and multi-centralized technical solutions, so that users can choose a suitable solution according to the business scenario and the degree of trust required.

To provide safe and reliable data for the alliance chain, Truora addresses the credibility problem from two angles, the data source and the deployment method:

1) Data source credibility: multiple data sources + introduction of credible data sources

Ensuring the trustworthiness of off-chain data sources is a key part of data trustworthiness. When using an oracle, users need to ensure that the data source they access is safe and reliable. When a user accesses an unsafe data source, unsafe data is likely to cause problems with the logic on the chain.

When Truora was designed, it adopted multiple data sources + the introduction of trusted data sources to solve the problem of data source credibility.

Multiple data sources: By using multiple data sources to access data, users can, to a certain extent, prevent a data source from doing evil. For the data to be obtained, users can specify multiple authoritative or credible data sources. Truora lets users collect results from multiple data sources and feeds them back to the user.

Introducing trusted data sources: Truora can take the specific scenarios of the alliance chain into account and formulate specifications for the data that providers supply, such as data format specifications and governance specifications, to improve data credibility at the source. At the same time, Truora performs admission control and authentication management for data providers, and provides high-quality, credible and verifiable data services by introducing high-quality data service providers.

2) Centralized deployment of oracles

Once the credibility problem of the data source is solved, a centralized oracle deployment has one core problem left: how to ensure that the oracle does not do evil when fetching data and uploading it to the chain.

The centralized oracle deployment solution is simple and efficient. It suits scenarios that need low request latency, because it can quickly obtain data and upload it to the chain. The problem that follows is that a centralized oracle may be a single point of failure, or the centralized organization may tamper with data midway to do evil.

To address the single point of failure, Truora supports cluster deployment: multiple Truora instances monitor events on the chain simultaneously, sharing the same database and private key.

To address the problem of a centralized institution tampering with data midway, for example by maliciously forging or altering it, Truora's design guards against this along two dimensions, hardware and software:

  • Hardware: The oracle program is deployed in a secure trusted execution environment (TEE, trusted hardware), which guarantees the integrity of the program and shields it from access by other processes, effectively preventing the oracle server from doing evil. However, the effectiveness of a TEE depends on the security of the TEE hardware itself, and it relies on a trusted third-party device whitelist authentication service. Implementing it across institutions may run into certain challenges, so users can adopt it according to their actual conditions.

  • Software: Truora is optimized based on the TLS (Transport Layer Security) protocol, and uses authenticity certification to expose TLS connection details to ensure that the data was indeed sent by the data source. Solving the problem of a centralized oracle doing evil in software is a key research direction for Truora.

3) Multi-centralized deployment of Oracles

For scenarios with high trust requirements, such as finance and government affairs, Truora provides a multi-centralized oracle deployment solution. The core of multi-centralized deployment is that the distributed oracle services must reach a certain degree of "consensus" on the data each of them collects.

Truora obtains data through multiple oracles, aggregates the data and feeds it back to the user contract. Data aggregation is divided into on-chain aggregation and off-chain aggregation:

On-chain aggregation: Users can specify a list of a specific number of oracle nodes and a result aggregation method (maximum, minimum, median, average, etc.). After the oracles obtain the data, once enough results have been published in response, the on-chain aggregation contract aggregates the results of the individual oracles and writes the aggregate back to the user contract.
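The on-chain aggregation rule described above, together with the multiple-source idea it builds on, modelled in Python as an added example. This is not Truora's contract code: the class, function and oracle names and the sample values are hypothetical, and it shows how the chosen aggregation method decides whether one manipulated report changes the result.

```python
from statistics import mean, median

AGGREGATORS = {"max": max, "min": min, "median": median, "average": mean}


class AggregationRequest:
    """Model of one aggregation request (hypothetical names, not Truora's API)."""

    def __init__(self, oracles, threshold, method):
        if method not in AGGREGATORS:
            raise ValueError(f"unknown aggregation method: {method}")
        if not 1 <= threshold <= len(set(oracles)):
            raise ValueError("threshold must be between 1 and the list size")
        self.oracles = frozenset(oracles)  # oracle nodes the user listed
        self.threshold = threshold         # responses needed before aggregating
        self.method = method
        self.responses = {}                # oracle id -> reported value
        self.result = None                 # written once, then final

    def submit(self, oracle_id, value):
        """Record one oracle's answer; return the aggregate once available."""
        if self.result is not None:
            raise RuntimeError("request already fulfilled")
        if oracle_id not in self.oracles:
            raise PermissionError(f"{oracle_id} is not on the oracle list")
        if oracle_id in self.responses:
            raise ValueError(f"{oracle_id} already responded")  # one answer each
        self.responses[oracle_id] = value
        if len(self.responses) >= self.threshold:
            values = list(self.responses.values())
            self.result = AGGREGATORS[self.method](values)
        return self.result


def run(method, reports, oracles=("oracle-a", "oracle-b", "oracle-c"), threshold=3):
    """Feed (oracle, value) reports into a fresh request and return its result."""
    request = AggregationRequest(oracles, threshold, method)
    result = None
    for oracle_id, value in reports:
        result = request.submit(oracle_id, value)
    return result


# Constructed sample: two honest price reports and one manipulated report.
REPORTS = [("oracle-a", 100.0), ("oracle-b", 101.0), ("oracle-c", 9999.0)]

if __name__ == "__main__":
    print("median :", run("median", REPORTS))   # the outlier is ignored
    print("average:", run("average", REPORTS))  # the outlier drags the result
```

With these reports the median stays at an honest value while the average and maximum are controlled by the single outlier, so the aggregation method should be chosen with the number of oracles that may misbehave in mind.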

Off-chain aggregation: On-chain aggregation requires multiple interactions with the chain. To improve aggregation efficiency and reduce costs, Truora introduces a P2P network and a cryptography suite, and uses BLS threshold signature technology to implement off-chain aggregation.

In addition, multi-centralized deployment encourages institutions to take part in building oracles, which involves the governance of oracle service providers. The Alliance Chain Governance Committee reviews the qualifications of the oracle server and maintains the overall registry contract that manages each oracle service.

  Truora application scenarios

Truora can be considered for any application scenario that involves uploading off-chain data to the blockchain. Some potential scenarios are listed below:

Scenario 1: Express delivery

Scenario: A user places an order to buy clothes through an e-commerce platform. After the purchase succeeds, the user deposits funds into a smart contract. Under normal circumstances, after signing for the parcel, the user signs with their private key and uploads the signature information to the chain, and the smart contract automatically transfers the money to the merchant.

But if the parcel is lost in transit, how can the user apply for compensation?

Solution: Truora can pass the delivery status information to the smart contract on the chain. If the user has not received the parcel within a certain period of time, the user initiates the compensation process. The smart contract decides whether to return the funds to the user based on the delivery status obtained by the oracle.

Scenario 2: Fair lottery

Scenario: In some cities, home purchases are allocated by lottery to ensure fairness. The openness, transparency and fairness of the lottery have become a focus of attention for many people. However, buyers know very little about the lottery process and can only wait for the result.

A secure random number cannot be generated on a closed chain. How can a secure random number be generated on the chain to make the lottery fair?

Solution: The real estate company can deploy a lottery smart contract. After each customer's qualification to purchase a house is verified, the identities of the qualified purchasers are uploaded to the chain. The random number can be obtained through Truora from the website of the notary office or a random number website, or generated with Truora's VRF (verifiable random number) function. After the random number is generated, the smart contract determines the winner based on the pre-programmed lottery logic, and home buyers can view the lottery information on the chain.

Scenario 3: Charity

Scenario: The immutability and traceability of blockchain technology can solve the problem of fund flow in charity, such as tracing where donations go. At the same time, smart contracts can effectively solve the complex process problems of traditional charity projects. We hope that smart contracts can automatically transfer donations to eligible applicants.

To ensure the authenticity of applicant information, charitable organizations need to verify the applicant's personal information, such as case information, real estate information, and work information, through smart contracts, in addition to simply verifying applicant information off-chain. How can the smart contract verify this information automatically?

Solution: Specify an off-chain website that holds the applicant's personal information, and use Truora to upload that information to the chain. The smart contract uses this information to determine whether the applicant is eligible to apply and meets the conditions for automatic donation. For example, once verification passes, the contract initiates an automatic transfer to the applicant; if it fails, the applicant is recorded on the blacklist.

  Experience Truora now

Truora provides a containerized deployment method to help users shield the complexity of the installation environment. Currently, it provides two installation methods: quick experience and independent deployment.

Quick experience

This deployment method will deploy Truora and related dependencies at the same time. Related dependencies include: 4 FISCO BCOS nodes, WeBASE-Front, MySQL, and Nginx services.

After successful deployment, you can develop and debug oracle contracts in WeBASE-Front's contract IDE, which is suitable for developers who want to experience Truora quickly.

Independent deployment

This deployment method deploys only the Truora and (optionally) MySQL services, which is suitable for scenarios where FISCO BCOS nodes and WeBASE-Front already exist.

  Open source address

GitHub code base address

Back-end code base:

https://github.com/WeBankBlockchain/Truora-Service

Front-end code base:

https://github.com/WeBankBlockchain/Truora-Web

Gitee code base address

Back-end code base:

https://gitee.com/WeBankBlockchain/Truora-Service

Front-end code base:

https://gitee.com/WeBankBlockchain/Truora-Web

Document address:

https://truora.readthedocs.io/

Welcome to participate in the community building of Truora:

  • If the project is helpful to you, you are welcome to give us a star (click the Star button at the top left of the project).

  • You are welcome to submit code (pull requests).

  • Ask questions and report bugs.

  • If you find a security vulnerability in the code, you can report it through https://security.webank.com/.

  • If you encounter technical problems, you can reply [little assistant] in the official account dialog box to join the WeBank blockchain exchange group for consultation.

Origin blog.csdn.net/webankblockchain/article/details/113287486