Securing the Bridges Between Two Worlds: a Systematic Literature Review of Blockchain Oracles Security

Loading...
Thumbnail Image
Journal Title
Journal ISSN
Volume Title
Perustieteiden korkeakoulu | Master's thesis
Date
2023-06-12
Department
Major/Subject
Security and Cloud Computing
Mcode
SCI3113
Degree programme
Master’s Programme in Security and Cloud Computing (SECCLO)
Language
en
Pages
77+16
Series
Abstract
Blockchain technology has paved the way for the decentralization of Internet services. It achieves this using a decentralized and distributed ledger that can withstand single points of failure. The ledger is secured through advanced cryptographic techniques and a decentralized consensus mechanism that ensures its resistance to tampering. Blockchain is a self-enclosed system, usually called on-chain world. To interact with the rest of the internet outside the blockchain (e.g., off-chain world), we need to set up interfaces to let the two worlds interact. These interfaces are called oracles. Given the role of the oracles in a blockchain system, it is paramount to design and implement them securely. We perform a systematic literature review that shows not much research is done into studying the security aspects of blockchain oracles. The research mostly focuses on the economic aspects of the oracles or on how to implement or design oracles that can benefit some specific use cases. In this thesis, we select two inbound oracles and implement them to evaluate and compare them from a security point of view. The contribution of this thesis consists of a literature review motivating the need for further research on the topic and comparing two inbound oracles, as the technique used to perform them can be extended and adjusted to other oracles as well. We also present the implementation of an outbound oracle for completeness and discuss its security properties. Furthermore, we present a novel approach that makes use of a decentralized oracle network (i.e., Chainlink) to build a system that fetches off-chain data to the blockchain and then securely retakes the data off-chain, such that there is no need to trust the oracle nodes. The technique we propose is thus blockchain and oracle agnostic and can be applied in various situations.
Description
Supervisor
Fagerholm, Fabian
Thesis advisor
Matulevičius, Raimundas
Keywords
blockchain, oracles, security, computer security
Other note
Citation