Reference · Foundations

Oracles & The Oracle Problem

Oracle: any mechanism that writes off-chain data (prices, events, identities, "did X happen?") onto a blockchain so smart contracts can act on it.
The oracle problem: the blockchain's trust guarantees do not extend to the data an oracle supplies. The chain proves a value was not altered after it was written — never that it was true when written.

Why oracles must exist

A blockchain is a closed, deterministic world. Every node re-executes every transaction and must reach the same result, so contracts cannot make API calls, read files, or fetch a price — non-deterministic inputs would break consensus. Any outside fact must therefore be pushed in by an oracle as a normal signed transaction.

Real world  ──►  ORACLE  ──►  Blockchain  ──►  Contract acts (irreversibly)
(NAV=$1.03)     (writes it)    (immutable)
                    ▲
            trust lives HERE; immutability cannot protect this step

The three failure modes (interview-grade)

Failure	Meaning
Source trust	The feeder lies or is compromised. Garbage in → immutable garbage out.
Staleness	The on-chain value is real but old. A contract acting on a 3-hour-old NAV may be acting on a wrong price.
Manipulation	An attacker distorts the source (e.g. a thin market the oracle reads) to move the on-chain value in their favour.

Mitigations — the design choices you evaluate

Multiple independent sources — aggregate several feeds; don't trust one.
Decentralized oracle networks — e.g. Chainlink: many node operators stake and report, with economic penalties for lying.
Accountable named oracle — in regulated/permissioned systems, a legally liable party (transfer agent, admin) attests to the data. Trust is not eliminated but made accountable. Often the right answer in institutional finance.
Freshness checks & circuit breakers — contracts reject data older than N seconds or outside sane bounds.

Marketnode application

Every fact a tokenized product depends on — NAV, FX rates, coupon/dividend events, corporate actions, KYC status, "did the wire settle?" — is an oracle input. The recurring institutional pattern: replace blockchain's "trustless" ideal with a legally accountable data provider, then design freshness and override controls around it.