Oraclize – Data carrier for decentralized apps

http://www.oraclize.it/

Oraclize is a London based startup focused on providing blockchain oracle services. Oracalize currently serves thousands of requests every day on Ethereum, Bitcoin and Rootstock.

Why do we need Oracles in smart contracts?

Smart Contracts are unable to connect with external data, or any other off-chain resources on their own. Smart contracts are self contained,  immutable and stateful. That means that when you run a smart contract on the blockchain the state is recorded in the blockchain forever. A smart contract cannot change its own state by itself or by triggering an event within itself at a later date and time. In simple words, a smart contract cannot call an API to update data. But, there are scenarios where you might want to use data from outside world. In fact , 80% of current smart contract use cases need external resources. For example a Sports Betting App will have a smart contract, which will need latest scores of a particular game. This information might be only available from outside world , for example NFL.com; this data cannot be pulled directly from a smart contract that is already deployed on a blockchain. This is where the concept of “Oracle” helps. The oracle service relays the data or changes to blockchain by calling the smart contract.

Oracalize is a centralized model for providing Oracle services for Smart contracts.The Oraclize platform supports different types of data sources such as REST URLs, IPFS systems or even the WolframAlpha computation engine. New types of data source should be expected as the platform evolves. The specific criteria to access a data source is specified through a Query which is a series of name-value pairs that can be used to filter the target data. Oraclize is designed to act as an untrusted intermediary. Optionally, a request to Oraclize can specify an authenticity proof. Not all proofs are compatible with all data source types.

The way Oracle’s work with Smart Contracts is a 2 step operation:

1. Smart contract implements a method which calls the oracle’s 3rd party api for data.
2. Smart contract implements a callback function (with filters that only a particular Oracle address can call this method), which accepts input data from Oracle in future.
3. Now, a user needs to trigger a smart contract method  to fetch latest data from (step 1) and spend “Gas” and minimum “fees” that is needed to make this call .
4. The 3rd party oracle service gets called and gets paid the fees for them to fetch data etc.
5. Now, the 3rd party oracle service triggers the smart contract call back method (step 2), to update the data fetched from the 3rd party api.

Every contract call has to be triggered by an outside event. The oracle service (middle layer 3rd party) or a direct third party will have to call the smart contract and change the state of the smart contract.

To use can oracle service. A smart contract needs to code which oracle service or inbound service a smart contract wants to call. Which in turn will call back the smart contract.

Oraclize developer portal is here. https://dev.oraclize.it/

Sample smart contract code  can be found here . Here is the link to the testing tools.

As compared to decentralized Oracle netowork, the solution developed by Oraclize is instead to demonstrate that the data fetched from the original data-source is genuine and untampered. This is accomplished by accompanying the returned data together with a document called authenticity proof. The authenticity proofs can build upon different technologies such as audit-able virtual machines and Trusted Execution Environments.

A more detailed overview of Oraclize authenticity proofs is provided in the Authenticity Proofs section of this documentation.

Oraclize also provides Oraclize Engine. This engine can be useful for repeated verification of certain data from outside world and only triggering the smart contract when certain conditions are met.

Pricing

The oraclize_query automatically recovers the fee at execution time. The fee consist of two parts:

• The amount of Wei which corresponds, using a recent exchange rate, to the USD price for the data source and the authenticity proof requested
• The amount of Wei which Oraclize will spend in gas for sending the callback transaction

The Good:

• Oraclize Engine is a extremely useful feature of Oraclize, where the engine can keep looking for data until a certain condition is met, and then trigger the blockchain contract based on the filter.
• Significantly reduces the overhead of Dapps developers to build their own oracle services and deal with data integrity.
• Developers can make encrypted Oraclize queries by encrypting an entire query or some of its arguments with the Oraclize public key.
• Dapps developers can only focus on on chain smart contract development and other off chain computations.
• Oraclize.it simplifies the fetching external data and call back mechanism that is needed for decentralized application development.
• Less fee and, for every request and faster as compared to decentralized oracle network solution.
• Oraclize engine can be easily integrated with both private and public instances of different blockchain protocols.

The Bad:

• Using a 3rd party oracle service will cost you per request.
• Oraclize has very few direct api contracts with 3rd party data providers.
• Centralized Oracle services are a single point of failure. There are no tamper proof guarantees unless you use the Authenticaty proof mechanism which is optional.
• Centralized Oracle service can be an easy target for DOS Attacks.
• Centralized Oracle service can be attached and hacked by hackers to avoid any smart contracts associated to deny triggering of contracts.
• New trend is towards using decentralized oracle networks to guarantee tamper proof data.
• There might be need of trusted hardware like Intel SGX, for being tamper proof. Oraclize needs to confirm if thats the case with them.