Publicly verifiable authenticity of data from multiple external sources for smart contracts using aggregate signatures

Master Thesis (2018)
Author(s)

B. van der Laan (TU Delft - Electrical Engineering, Mathematics and Computer Science)

Contributor(s)

Z. Erkin – Mentor

Oguzhan Ersoy – Mentor

Faculty
Electrical Engineering, Mathematics and Computer Science
Copyright
© 2018 Bjorn van der Laan
Publication Year
2018
Language
English
Graduation Date
12-07-2018
Awarding Institution
Delft University of Technology
Programme
Computer Science | Cyber Security
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Smart contracts are applications that are deployed and executed on a blockchain's decentralised infrastructure. Many smart contract applications rely on data that resides outside the blockchain. However, while traditional web applications can communicate with trustworthy data sources directly through the Internet, this is not possible for smart contracts because their execution must be deterministic. Bringing external data into the blockchain has been a topic of research since the first introduction of Ethereum, and a system that can provide this data to smart contracts is called an oracle. The primary requirement in designing oracles is that the authenticity of the data must be publicly verifiable, which can be achieved through signatures. However, transmitting data to the blockchain and performing the verification is costly, especially if applications require data from multiple sources as, in that case, current approaches would need to retrieve the data from each source separately.

This research aims to reduce the cost of retrieving external data for smart contracts from multiple sources while ensuring that the authenticity of the data is publicly verifiable. Two factors influence the total cost. The first is the size of the data, which determines the cost of transmitting the data to the blockchain and storing it, while the second factor is the cost of verifying the authenticity. In this work, we focused on the first factor, as transmission and storage of data are among Ethereum's most expensive operations.

We present two oracles for retrieving data from multiple sources, which we believe to be the first to focus on the multi-source scenario. The oracles both lower the cost of retrieving external data by compressing the proofs of the data's authenticity using aggregate signatures. Even though the oracles achieve the same goal, they are based on different primitives. The first uses bilinear pairings and produces an aggregate signature of constant size, regardless of the number of data sources that are involved. The second is based on the more standard assumption of trapdoor permutations. However, the aggregate signature grows slightly with the number of signers, and the oracle must interact with the data sources sequentially. We confirm the feasibility of our work by implementing and practically evaluating the two oracles in the Solidity programming language. Our experiments show that both oracles expend less gas than non-aggregating oracles based on the same main primitives.
