The Science

Smart contracts

The Oracle's plot revolves around a particular smart contract. Smart contracts are special software applications that run on blockchains. Roughly speaking, they're like autonomous bots that faithfully execute as programmed and can control money (cryptocurrency). Smart contracts are fueling an efflorescence of new financial technologies, community structures, games, and art forms.

 

Her are some research publications from my group and elsewhere that informed the smart-contract-related technologies in The Oracle. 

​

Rogue smart contracts (a.k.a. criminal smart contracts):  The Oracle is about a rogue smart contract, one that pays bounties for murders. Here's the paper that inspired the story:

​

A. Juels, A. Kosba, and E. Shi. The Ring of Gyges: Investigating the Future of Criminal Smart Contracts. ACM CCS, pp. 283-295, 2016.

 

Happily, rogue contracts aren't technically possible today. But The Oracle serves as a cautionary tale: If we want to ensure that rogue contracts remain out of reach, the community will need to be careful about how AI tools are incorporated into blockchain systems.

 

Oracles:  Smart contracts can't directly access the internet. To​ obtain data that's reliable and tamperproof, they rely on blockchain systems called oracles.

​

A starting point to learn about oracles is my introductory lecture on oracles. (Click on the image.)

​

​

​

​

​

Here are some of the academic publications on oracles discussed in the lecture:

​

F. Zhang, E. Cecchetti, K. Croman, A. Juels, and E. Shi. Town Crier: An Authenticated Data Feed for Smart Contracts. ACM CCS, pp. 270-282, 2016. Slides here.

​

Town Crier was, to the best of our knowledge, the first public-facing service to use Intel SGX, an important trusted hardware system (see below).

​

F. Zhang, S. K. D. Maram, H. Malvai, S. Goldfeder, and A. Juels. DECO: Liberating Web Data Using Decentralized Oracles for TLS. ACM CCS, 2020. Project website: deco.works.

​

I've played a technical role at Chainlink Labs since its early days. Chainlink's two whitepapers also provide a perspective on oracles and their capabilities: 

​

S. Ellis, A. Juels, and S. Nazarov. ChainLink: A Decentralized Oracle Network. 4 Sept. 2017.

​

L. Breidenbach, C. Cachin, B. Chan, A. Coventry, S. Ellis, A. Juels, F. Koushanfar, A. Miller, B. Magauran, D. Moroz, and S. Nazarov. Chainlink 2.0: Next steps in the evolution of decentralized oracle networks. Apr. 2021. 

​

Trusted hardware: The Oracle features a system called Sanctum. It relies on trusted hardware (a.k.a. a hardware-backed trusted execution environment (TEE)) to create an oracle network that can hide secrets and help execute smart contracts efficiently. Sanctum resembles a system called Ekiden, which was the springboard for core technologies in the Oasis blockchain:

​

R. Cheng, F. Zhang, J. Kos, W. He, N. Hynes, N. Johnson, A. Juels, A. Miller, and D. Song. Ekiden: A platform for confidentiality-preserving, trustworthy, and performant smart contracts. In IEEE Euro S&P. 2019.

​

There's also discussion in The Oracle of the many technical problems that have arisen in trusted hardware. One good paper on this topic is:

​

V. Bulck, M. Minkin, O. Weisse, D. Genkin, B. Kasikci, F. Piessens, M. Silberstein, T. F. Wenisch, Y. Yarom, and R. Strackx.

Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In Usenix Security, 2018.

​

Multi-block flash loans: Flash loans are one of the most remarkable financial applications in smart-contract systems. They allow anyone at any time to borrow millions of dollars on a blockchain like Ethereum without identification or collateral. The catch? You need to pay back the loan in the same transaction in which you borrow it—effectively before any time passes. The Oracle describes a new type of flash loan called a multi-block flash loan. It lasts longer than a flash loan—some tens of seconds or minutes. I don't want to spoil the plot, but suffice it to say that the hero of the story uses multi-block flash loans to get himself out of a pickle.

​

Multi-block flash loans don't yet exist today, but in the novel they make use of Sanctum's ability to prove how transactions will unfold, an idea in this paper:

​

K. Babel, P. Daian, M. Kelkar, and A. Juels. Clockwork Finance: Automated Analysis of Economic Security in Smart Contracts. IEEE S&P, 2023.

​

​

Digital detective work

The Oracle also involves various forms of cyber-sleuthing in the hunt for the Delphians. One concept that crops up is that of zero-day attacks—basically newly discovered, still secret hacks. A good and accessible (if slightly dated) starting point for learning about them is:

​

L. Bilge and T. Dumitras. Before we knew it: an empirical study of zero-day attacks in the real world. In ACM CCS, 2012.

​​

Some parts of The Oracle relied heavily on industry reports, especially by Sophos and Symantec. Among these, perhaps the best read is the Sophos Koobface Malware Gang Exposed (2012) report, by Jan Drömer and Dirk Kollberg, from which I drew a number of colorful details in the hunt for the Delphian hackers.

​