ChainLink Review: What is it and how does it work?
ChainLink is a blockchain-based, decentralized oracle service that acts as a secure middleware to connect any blockchain-based smart contract to real-world data in order to enable on-chain and off-chain communication and transactions between the two sides through external APIs, ChainLink smart contract, nodes, and oracles. It allows smart contracts to use real-time input data and output data from different sources including blockchains, real-world sources, data pools, APIs. That means smart contracts can gain data from sources outside blockchain as well as from blockchains and that's a thing that could improve the usability of smart contracts.
It uses oracles as agents to verify the validity, security, and authenticity of real-world data and prepare it to be recorded in a smart contract on the blockchain. There are many applications for ChainLink, especially when it comes to extending the use cases of blockchain to the rest of the world systems. For instance, it could effectively allow linkage between blockchains and non-blockchain-based applications, platforms, and payment services such as PayPal, Visa, and banks. For instance, ChainLink has announced a partnership with SWIFT to integrate payments into its blockchain platform. With it, users can send payments from their smart contracts directly to bank accounts and payment networks. That means real-world data from organizations such as banks can act as a trigger to the smart contract when connected via ChainLink's off-chain and on-chain solutions.
It also works as an integration and interoperability solution since it supports connectivity to and between Ethereum dApps, and will also allow connection between more blockchains in addition to Ethereum on which it is based.
ChainLink is Ethereum-based and was created in 2015, was initially called SmartContract, it held an ICO in 2017 for its LINK token project, and is currently in beta and expected to full-launch this year. It uses smart contracts to facilitate specific events such as payment transfers and price fluctuations and once a specific threshold is reached, the block or blocks involved are processed by a mesh network of oracle nodes that reach a group consensus. Right from the platform, organizations can build smart contracts that use ChainLink features. Developers can also build an external adapter that connects to the service.
It is now integrated by many projects including Ocean Protocol, IOStoken, Hedera Hashgraph, DataSportsGroup, Synthetix to decentralize price feeds, Provable, Celer, Bodhi Prediction Market, dApp development platform Naka Chain, Katallassos enables the financial contracts on its chain to access off-chain data, STKtoken, Mobilum, Etharemit, Kaleido_io, RTrade Technologies for enterprise-grade off-chain data storage, and many many others.
The startup has partnerships with among others Synthetic, Provable, Celer, Bodhi and Naka Chain.
ChainLink features and how it works
The oracles are used because blockchains cannot directly connect to the external data sources, and they act to find and verify real-world events and occurrences and submit the information to blockchain-based smart contracts. Oracles are centralized third parties in nature and not part of blockchain consensus mechanism and therefore the data received from them is set in the system to be trustworthy based on mechanisms later reviewed in this article, for instance, penalizing the data source if a falsified data is submitted.
We already mentioned that ChainLink uses smart contracts. Its' on-chain smart contract that is also called "ChainLink", links to the user's blockchain smart contract while at the same time it (ChainLink smart contract) is linked to the ChainLink nodes that link to the external APIs. The user in this case could be an individual, a dApp, or an organization.
When a user of a smart contract makes an on-chain request to the network, the ChainLink smart contract will log an event for the Oracle. The ChainLink nodes consist of the Core and Adapter. The Core will pick up the logged event and route that assignment to an adapter, which will perform a request to an external API for instance from an external bank which is to be linked to the said blockchain smart contract to provide the service to the requester on the blockchain. The adapter will process the response and pass it back to the core, which will then report the data to the ChainLink smart contract, which will, finally, aggregate the responses and pass them back as a single response to the user contract.
The ChainLink on-chain smart contract itself contains a number of smart contracts of different kind: namely a reputation contract, an order-matching contract, and an aggregating contract. When a user requests to purchase an oracle service, he specifies requirements on the service level agreement (SLA) proposal. The proposal will specify things such as the number of oracles needed by the purchaser, the reputation of aggregating contracts to be used for the rest of the agreement (this piece of information is used to test performance) and the relevant query parameters.
Purchasers are able to sort, filter, and select oracles via off-chain listing services hosted on the system. The reputation contract tracks performance metrics of the oracle provider service while the order-matching smart contract takes and logs the service level agreement parameters and collects bids from oracle providers. It then uses the reputation contract to select bid and then finalizes the Oracle SLA. The aggregating contract will then collect the Oracle provider's responses and calculate the final collective result of the ChainLink query. It also feeds the provider's metrics back into the reputation contract.
The ChainLink contracts are modular and can be configured or replaced by the user as desired. ChainLink will also implement automatic oracle matching through order matching contracts to feed demand, for instance where a contract may need to request oracle services dynamically in response to its load. In that case, the purchaser of oracle services will submit the SLA directly to an order matching contract instead of contacting the oracles directly. This would create a log that the oracle providers can monitor and filter based on their capabilities and service objectives.
On the other side of the sell, the platform will connect to many service providers through APIs and these providers basically sell oracles. The system allows oracle service providers to bid on contracts submitted by purchasers and when they do so, they have to commit to the contract, otherwise misbehavior would cause them to incur a penalty from funds that they attach to the contract when placing bids in order to show commitment to the bid.
Once providers submit their bids, the requested number of oracles by the oracle service purchaser will be selected from the pool of bids when the SLA has received enough bids and the bidding window has come to an end. The penalty payment will be returned to the oracles that are not selected for service provision, while the final SLA record is created, triggering a log that notifies the selected oracle and the oracle will then perform the assigned as detailed by the purchaser in the SLA. The off-chain oracles will carry out the agreement and report back on-chain. The results will be fed to the aggregating contract which will tally the collective result and calculate a weighted answer and the validity of each of the oracle response is then reported to the reputation contract. The weighted answer is then returned to the specified contract function in the user/purchaser smart contract.
Chain Link works like a normal blockchain with node operators who can choose to add software extensions known as external adapters that allow the operators to offer additional off-chain services. The nodes are run by both public and private blockchain networks in enterprise settings, meaning it is a decentralized service.
The node software comes with some in-built subtasks such as HTTP requests, JSON parsing, and conversion to various blockchain formats. The external adapters support connection to external services via API and the team expects that the adapters will be open-sourced so that they can be audited and run by various community members. It is also possible to support compatibility between adapters being built by different developers.
Smart contract based validation, service quality monitoring, a reputation system, and security against data falsification or fraud
Service quality monitoring
Besides, to ensure quality services, there is a validation system that monitors the oracle's behavior and provides metrics about performance. It will monitor and report uptime statistics of the oracles, and the correctness of the oracle as measured by deviations from responses provided by peers.
Smart contract validation
ChainLink uses smart contract-based validation service that rewards oracles for submitting evidence of deviating responses (by default, oracles digitally sign their responses and therefore, generate immutable evidence of their answers, but they do not sign their failures).
For purposes of enhancing trust in the system, the system will have a reputation system that records and publishes user ratings of oracle providers and nodes and hence users can evaluate oracle performance. The reputation system will employ factors beyond user data history such as the user's familiarity with oracle's brands, operating entities and architectures. The ratings will also be provided to other smart contracts for reference purposes. The reputation system will record data such as total number of assigned requests, completed requests, number of accepted requests, average time to respond, amount of penalty payments, etc.
Security against data falsification, hacks, fraud and other vulnerabilities
Since it allows connection to centralized as well as decentralized services, it may need to handle many issues of data security. The smart contracts on the platform are secured against data falsification and insurance fraud where smart contract insurance data feeds may be tampered by incorrect parties not party to contract and by an insured party. If data is falsified by an incorrect party, the smart contract may be paid to the incorrect party. Payment may also be released to goods that haven't arrived.
For this reason, data such as user requests is not only encrypted for confidentiality but is only revealed to the querying service. the platform also has authenticity properties to ensure users will connect to specified target data sources at specified times or range of times, or that the obtained and return data is sent back to the smart contract under same conditions.
Besides, ChainLink works as a decentralized service that is secured by nodes and that is also prevented against faulty nodes through distribution of data services, distribution of oracles, and the use of trusted hardware. While some oracles rely on manual human inputs of structured data to verify data and others rely on notarization, these are inadequate for blockchains and ChainLink employs additional mechanisms to deal with that. For instance, creating a decentralized oracle network for smart contracts to securely interact with resources external to the blockchain such as cryptographically secure data feeds and facilitating interoperability between blockchains, are some of the approaches intended to solve this problem.
A certification service is also expected to prevent catastrophic events such as block cheating in the form of Sybil and mirroring attacks where an attacker through a node, controls multiple, ostensibility independent oracles. As an example, the attacker in that case may attempt to dominate the oracle pool and cause more than oracles to participate in the aggregation protocol and provide false data at strategic times for instance in order to influence large transactions in high-value contracts.
Attacks might also arise from collusion by many adversaries and which may be undetectable from on-chain behavior alone. Sybil attackers can also induce mirroring where it causes oracles to send individual responses based on data obtained from a single data-source query. That is, they may share data off-chain but pretend to source it independently. Certification will provide general integrity and availability assurance, detecting and helping prevent mirroring and colluding oracle quorums in the short-to-medium term. It would ensure endorsements of high-quality oracle providers. It is meant to rate providers for the benefit of users and not dictate oracle node participation or non-participation in the system.
A Contract-Upgrade Service will also ensure that upgrades will cover vulnerabilities. If vulnerabilities are discovered, ChainLink will create new requesting smart contracts that will be able to migrate to the new set of oracle contracts. A flag to be included in oracle calls from requesting contracts will indicate whether or not a call should be forwarded to a new ChainLink smart contracts should one become available. That's because old contracts after new ones have been created, it will remain part of the old and potentially vulnerable set. Further, migration to updated contracts will be visible on the blockchain and available to audit for users to review before upgrading.
The ChainLink platform token is called LINK and is spent on a number of events including rewarding oracles and is therefore mined by selling off-chain services and data through an API connected to the network to become a node. Although it is based on Ethereum platform, this may change upon launch because the token is expected to use a custom token standard that is a blend between ERC-20 and ERC-223.
As mentioned, ChainLink can be used both by legacy banking and industries to benefit from blockchain as well as by blockchain to benefit from connecting to external services. In other words, anyone with a data feed pr APIs will be able to provide them directly to smart contracts in exchange for Chainlink tokens as node operators.
The demand and value of the token will therefore be correlated directly to the number of operators offering off-chain services to the ChainLink system. Currently, the token is traded on a number of exchanges including Binance, Bitthumb, Huobi, CoinBene, Bitrue, Mercatox, and OKEx.
The token will also be required to perform other funcions on the network
Sergey Nazarov, ChainLink's CEO, started his career at FirstMark Capital, from where he joined the cryptocurrency revolution in 2011. The project CTO Steve Ellis is a previous engineer and team lead at Pivotal Labs. He worked on securing sensitive HIPAA compliant data and building scalable payment automation software.
Alex Kwiatkowski and Dimitri Roche, who are Software Engineers at ChainLink has previously worked at Pivotal Labs and McKinsey and other companies with experience in smart contracts. Another software engineer of the project John Barker has previously led teams in developing big data processing systems and contributed to projects like the Rust programming language.
Thomas Hodges, the Integration Engineer, has experience with planning and managing large software deployments for enterprise customers. Dan Kochis is the project's Global Head of BD & Partnerships. Rory Piant, is its' Community Manager, and Adelyn Zhou is its' Director of Marketing.
Ari Juels, Evan Cheng, Hudson Jameson, Andrew Miller are the project's technical advisors, while Tom Gonser, the founder of DocuSign, Jake Brukhman who was the CTO at Triton Research, and Brian Lio, the CEO of blockchain research Smith + Crown, are the project's other advisors.