Developer of ubinetic Oracles for Tezos: Data Transmitters Have Incentive to Cheat
The ubinetic team develops a new type of oracle for Tezos. Alessandro De Carli talked with Tezos Ukraine about what makes their solution simpler than Harbinger and Chainlink, and ubinetic's backend works on regular smartphones.
Besides ubinetic, Alessandro and the Papers team have worked with blockchain technology for over ten years. For Tezos, they have created a solution to connect wallets to DApps called Beacon, the mobile wallet AirGap, and the explorer tezblock.io.
Hello Alessandro! How did you become a Tezos developer?
During my studies, I was working with this distributed system called bitcoin. Having worked in the mobile security space for large financial institutions here in Switzerland we identified that while mobile platforms are by design a way more secure environment for a wallet than any computer operating system. So we decided to bring our security knowledge to the crypto community with our self-custody solution AirGap. Before AirGap one of the first use cases we solved also in mobile was an instant payment solution leveraging state channels on bitcoin, this was done in collaboration with Christian Decker the same technology evolved in what we call lightning network today.
What projects are you working on now?
youves is my personal focus at the moment, together with everything that goes with it like ubinetic oracles. On the other hand, Papers consists of many more engineers that work on projects with financial institutions but also on other exciting crypto projects related to Tezos like Beacon, Tezblock, Ecoo and other NFT projects.
You recently entered into a partnership with Bitcoin Suisse, Sygnum and Taurus. Can you explain both parties’ benefits from the partnerships like this?
The vision of youves is to provide people with a tool to create and manage their own synthetic assets. In order to deliver on that vision, it’s important that we set close to no limitation on oracle data. The ubinetic oracle setup gives us a framework that separates data sources from data transmitters. Furthermore thanks to the Google Attestation we end up with a solution that relies on very little trust from known parties (like the Google Device Attestation Solution). Bitcoin Suisse, Sygnum and Taurus have been a perfect fit for a semi-trusted data transmitter that allows us to generically consume data sources hence ultimately be able to deliver on our vision.
What are the main problems and bottlenecks with using oracles to get data feeds?
The main challenge from the technical point of view is trust. Since oracle data controls logic in smart contracts holding digital assets it can be easy to see why a data transmitter has the incentive to cheat. So the problem one needs to solve is “how can I prove that the data was collected properly and not tampered with”.
How ubinetic Oracles differs from Chainlink and Harbinger? What are the advantages for the users and developers to use ubinetic instead of those?
Chainlink and Harbinger have two very different approaches to providing data. To summarize: Chainlink is a community-based approach where if enough people broadcast the same data it is considered to be trustworthy. On Harbinger, the data is signed at source (i.e. Coinbase signs the data) and hence considered to be trustworthy. Out of the two, I like the Harbinger approach better. The reason why we needed another solution is that both Chainlink and Harbinger don’t offer a “generic” way to request data, this means if for your use case the data does not exist yet, it will be fairly complex to set up.
At ubinetic, we have solved the custom requests problem by separating data sources and transmitters. Our oracle works as follows:
- The transmitter company launches the ubinetic app on several Android smartphones.
- The app gets data through API, for instance, the Tezos to USD price on Binance. Then it checks the accuracy, timeliness, and completeness of the information.
- ubinetic signs the information and sends verifiable proof of non-tampering with the app’s operation to the data transmitter.
- The transmitter confirms that the information is in accordance with the source, and the app had not been modified.
- ubinetic sends the data to the aggregator.
- The aggregator collects the signed data from several transmitters.
- Once the predetermined time has elapsed, the aggregator sends the data to the normalization contract on Tezos.
- The normalizer calculates the volume-weighted average value of the data provided by transmitters and transfers it to youves.
On top of that, ubinetic provides cryptographic proof of honesty for every step of the data-gathering process, while data transmitters cannot feign anything.
How can one connect to ubinetic as a data transmitter?
We are in the process of opening this up and making it more decentralised. If anyone is interested to join and act as a data transmitter they should reach out directly.
Can you explain why ubinetic Oracles is running on Android smartphones?
In a high-level summary, Android phones come pre-shipped with some of the most battle-tested HSMs (Hardware Security Modules), Google provides a way to attest on their device that the software they are running was not modified in any way. By leveraging this Key Attestation we can create a trusted execution environment that allows us to provide data along with proof that it was collected using a specific executable. This makes it very difficult for someone to cheat because he/she would need to be able to break the Android Device Attestation Framework. As of today, there is no public way to break the device attestation.
For technical details, you could read our post about ubinetic on Medium. There is a lot of information on Android along with research on the safety of different operating systems. You can also check out the source code of ubinetic and use its mechanics in your own project.
Does ubinetic have some kind of data standardization? For example, three exchanges may provide Bitcoin/USD prices, but with different names like “BTCUSD”, “Bitcoin” and “btc”. How does ubinetic Oracles handle situations like this?
At the moment the system is capable of working with HTTPS REST JSON APIs. The creator of a price feed request will specify the URL and a JSON Path to select the bit of information that needs to be signed and made consumable for the smart contract. So in the end the “semantic” of that data will still be provided by whoever sets up the oracle.
Can you name some use cases for the oracles capable of fetching data from off-chain providers?
ubinetic suits any application that requires data from outside sources. Thus, a blockchain bookie could find out the final score of a football game, a synthetic assets platform could get to know the commodity prices, and a cross-chain bridge could detect how many tokens there are on a particular Ethereum address.
How do you think, what kind of DApps or technologies Tezos lacks the most?
This is a tough one. On one hand, I see that there is a lot of activity in the Tezos Ecosystem as well as super interesting projects, on the other hand, I see that we are still very early stage. What I really would like to see is the projects with self-sustaining business models that drive the incentive to push the protocol further.
Join the Tezos community in our social media channels and never miss any updates!