Omar Piñeiro

We’ve all heard a common definition of smart contracts on the blockchain, that they are contracts that execute automatically, without human intervention when certain conditions are met. Typical examples are: automatic insurance payouts when a flight is delayed, releasing a prize if a team wins, or calculating an interest rate when the official rate changes. Everything sounds great, but there is a small problem: blockchain networks, by design, live in their own world. They cannot autonomously know when a flight was delayed, whether a team won, or whether interest rates were updated. So, how can we make the Blockchain “learn” what happens outside it? More importantly, why do we say that smart contracts execute automatically if they don’t learn anything about the outside world? That’s where oracles come in. What is an oracle? The name comes from Greek mythology. Oracles were those who could “speak with the gods” and reveal unknown information. In the context of the blockchain, the idea is similar: an oracle is a system that acts as an intermediary between the real world and blockchain networks. Its role is to bring information from outside the network, such as prices, weather data or sports results, and not only make it available to the smart contracts that need it to execute, but even invoke the contract and trigger its execution. However, why do blockchain networks need oracles? Unlike a traditional program, a smart contract runs on thousands of computers in a synchronized way. For all of them to reach the same result, the rules must be completely deterministic; that is, there can be no room for interpretation. This ensures consensus, because every copy of the system must record exactly the same state. An oracle acts as a reliable bridge between the blockchain and real-world data. That is why a smart contract cannot execute based on random data nor directly query external sources. If every node accessed the internet and read, for example, the current temperature in London, each could obtain a different number — all correct, but in different contexts. Discrepancies can stem from the ultimate source of the data (we all know that London’s temperature varies slightly depending on the source consulted) or, even when consulting the same source (the data from a specific weather station exposed on the Internet), each node’s query is different, they are not synchronized and they may in fact disagree. Therefore, assuming that queries by each node for the same information can differ, how do they agree on the result? If each node executed the smart contract with a different input, the blockchain would stop functioning as the single source of truth we rely on. ■ Oracles solve this problem by acting as a trust layer between the outside world and smart contracts. Very simply put, oracles obtain data from a source, validate it and send it to the blockchain in a structured way so that all nodes see exactly the same information. How oracles work In practice, an oracle collects off-chain information, digitally signs it (to guarantee its authenticity) and publishes it inside the blockchain, where any smart contract can query it. There are many ways to do this, and depending on the type of data or the frequency of updates, different models can be used. Immediate-read oracles are the simplest. They answer one-off questions like “Is this person over 18?” or “What is the address of such service?”. —They usually store the information directly on the blockchain, ready to be consulted when needed. Then there are publish/subscribe oracles, which work like a news channel. They publish frequently changing data, such as cryptocurrency prices or weather forecasts, and contracts that “subscribe” receive updates whenever there are changes. —This way, applications don’t have to make the same query repeatedly but stay up to date automatically. Finally, there are request/response oracles, designed to handle large volumes of information or more complex queries. Here, an application sends a request to the oracle (for example, “current price of gold”), the oracle fetches that information, verifies it and returns it signed. —It’s a more sophisticated process but also more flexible, since it allows requesting only the necessary data at the right moment. They collect, sign and publish external data on the blockchain for use by smart contracts. How data correctness is guaranteed Bringing real-world information onto the blockchain is useless if someone can tamper with it. That’s why security and data authenticity are fundamental. A common technique is the use of cryptographic proofs of authenticity, which allow verifying that the data really comes from its source and has not been altered along the way. Cryptographic verification, TEE and decentralized oracle networks reduce manipulation risks. Another option is Trusted Execution Environments (TEE), specialized chips that guarantee that the code that collects and processes information cannot be altered from the outside. This adds an extra layer of security, although these devices are still in early stages of adoption and their reliability remains under study. To reduce the risk of relying on a single source, there are also decentralized oracle networks, where several independent nodes obtain the same data and the blockchain computes a single value by applying a pre-defined algorithm (from simple operations like calculating the mean or median of responses, to applying complex fuzzy-logic algorithms). This avoids a single entity controlling the information. Besides bringing external data, some modern oracles also enable communication between different blockchain networks. These systems, called cross-chain messaging protocols, expand the oracle concept beyond serving as a bridge between the blockchain and the outside world to also connecting different networks. ■ This allows, for example, a contract deployed on Ethereum to interact with one deployed on Polygon, securely and automatically sharing information and assets. When well designed, oracles enable secure automation of interactions between blockchain and the real world. Conclusion As we have seen, without oracles, smart contracts would live in a kind of isolated bubble, unable to react to what happens off-chain. In other words, they would not meet the definition of executing automatically when certain conditions occur because they would never know those conditions have been met. However, every time an external source is introduced into a decentralized system a new potential point of failure is added. If an oracle is compromised or manipulated, it can trigger serious consequences, especially in applications that manage money or digital assets. That is why, when designing oracle-based solutions, it is crucial to clearly understand the trust model: who provides the data, how its integrity is validated and what incentives exist to keep the system honest. Still, when used correctly, oracles open up a universe of possibilities. They enable automation of insurance, payments, loans, games, predictions, identity verification and many other applications that combine blockchain transparency with the richness of the real world. They are, ultimately, the bridge that makes the promises of blockchain technology start to come to life outside the theoretical framework. References: https://masteringethereum.xyz/chapter_11.html AI & Data The Digital Identity revolution: from centralisation to data sovereignty September 3, 2025 Image by Wirestock / Freepik.

There seems to be some consensus that Blockchain technology and the web3 concept have the potential to completely transform the way we interact with the digital world. This revolution is based on the fact that each transaction, i.e. interaction with a digital service, will be "signed" by the user and immutably recorded in a Blockchain network, leaving an irrefutable trace of all the digital activity. For this purpose, the user needs a digital wallet, which will be in charge of signing and recording the transactions. One of the main barriers to adoption is the low usability of digital wallets. However, one of the main barriers to adoption is the low usability of digital wallets. Users who wish to make transactions on a Blockchain network must follow a series of steps that can be confusing and discouraging, and by no means trivial even for experienced users, let alone non-technical users. How to create and upload a digital wallet The steps to follow, without being exhaustive, are these: Create the wallet, which is a pair of chained cryptographic keys. You can choose a provider, e.g. Metamask, to create it for you, just for the sake of simplicity. Store the key pair, public and private, to ensure that you have access to the wallet. Create an account with an Exchange, a kind of bank specialized in these transactions. Go through a KYC (Know Your Customer) process to activate the Exchange account. Transfer funds from your FIAT currency (Euro, Dollar, Pounds...) account to your Exchange account. Buy cryptocurrency from the Blockchain network you are going to use, like someone who buys shares at the exchange. Only when the wallet is created and loaded, the user can start sending transactions to the Blockchain. To do so, it is necessary for him to "sign" the transaction with the private key associated with his wallet, initiate the transaction, pay the cost of executing it and, finally, wait for it to be confirmed. These transactions have an associated cost that depends, among other factors, on the computing capacity of the Blockchain network needed to execute them, so it is necessary that the wallet has sufficient funds to execute them. ⚠️ It must be taken into account that this cost is assumed by the user and must be paid in the cryptocurrency of the Blockchain network where it is operating. Therefore, the last step (6) is to "buy cryptocurrency", which also requires that this particular currency can be exchanged at the exchange house where it has been registered. Risks of digital wallets Some of the risks associated with the wallet are: Losing the key pair. This would mean losing access to the wallet and irretrievably losing all the funds in it. As Blockchain networks are decentralized and the wallet depends on the user, there is no third party, such as a bank in traditional accounts, to restore the credentials. That a third party gets hold of such a key pair (by phishing, or any other technique that leads to obtaining these keys) and transfers all the funds to your wallet, leaving the user without them. It is therefore necessary to take precautions and it is not enough to store them in order to recover them, but to do so with the appropriate security measures to minimize the risk of theft. Carrying out a transaction on a contract with unknown functionality and having it 'empty' the wallet. These contracts, or smart contracts, are decentralized programs whose functionality can be executed by other contracts and/or wallets. Thus, it is important to know in advance what is going to be executed, since it could be executing a transaction that 'empties' the wallet of funds. Ethereum Account Abstraction for simpler and more secure trading The Blockchain industry is aware of these problems and risks and has defined a mechanism that allows to operate in Blockchain networks in a simpler and safer way. Thanks to this mechanism, known as Account Abstraction, defined in the Ethereum community standard ERC4337, the user does not need to create any wallet, nor store any public/private key pair and risk a third party getting hold of them and losing the funds. There is also no need to worry about acquiring funds for transactions. Account Abstraction consists of the following elements, which are completely transparent to the user: Smart Account: a smart contract that acts as a wallet. Smart Account Factory: a smart contract dedicated to creating new Smart Accounts. User Operation: it is a meta transaction (it contains the details of a transaction to be executed on behalf of the Smart Account). Entrypoint: it is in charge of making the necessary checks and executing the User Operations, now as transactions. Bundler: an element in charge of receiving the User Operations sent by users, packaging them if necessary, and sending them to the Entrypoint. Paymaster: it is responsible for sponsoring the transactions, i.e. paying the funds necessary for their execution on behalf of the Smart Account. Therefore, the flow to perform a transaction for the first time is as follows: Create a Smart Account, or contract-controlled account: This account is created transparently to the user by being able to use any credential that will act as a unique identifier to generate it. From a simple email address and password, creating a Smart Account would be, for the user, exactly the same as logging into their email, to two-factor authentication (2FA) or any other authentication method. This eliminates the need to generate and store public/private key pairs. The Smart Account Factory contract is called for creation. Initiate the transaction, which will reach the Bundler and redirect it to the Entrypoint to be executed. Wait for the transaction to be confirmed. Advantages of account abstraction Account abstraction opens up a whole world of possibilities. Some of the main practical applications are shown below: Sponsored transactions This is the most direct and popular application of account abstraction and has been discussed earlier in this article. Thanks to sponsored transactions, it is no longer necessary to manage funds or pay directly for transactions made. The typical use case for this type of transaction is that of a service provider who bears the cost of the user's transaction. As opposed to a traditional transaction where the signer assumes the cost, with this mechanism the signer and therefore the responsible party and owner of the transaction does not have to be the same account that assumes the funds necessary for the registration. ✅ This allows service providers to offer their customers this service, freeing them from the need to acquire "crypto" funds in their accounts, doing all the management for them, simplifying the balance sheets of companies operating in Blockchain networks. Transaction lots Another application of account abstraction is the ability to perform multiple transactions in one, grouping them into a lot and saving a not inconsiderable amount of the cost that would be involved in executing each transaction separately. This helps to create a more scalable and cost-effective Blockchain experience, in the style of what Layer 2 Blockchain solutions and rollups enable. Account Abstraction can also be applied to these types of solutions, further increasing their benefits. ✅ As an example of a use case for lots of transactions is a user who wants to make several small payments. Instead of making a transaction for each payment, the user can group them into a single transaction and would be saving costs for its execution. Multi-signature accounts A wallet has only one owner and does not allow transactions with the approval of third parties. Account abstraction solves this problem with multi-signature accounts, where a transaction must necessarily be signed by several members before it can be executed. ✅ A use case of multi-signature accounts can be to execute a transaction that requires the approval of all the administrators of a company. Account recovery Multi-signature accounts subcase. Thanks to account abstraction, users no longer have to store the private key of their wallet. However, they still rely on an access credential. In the event that the owner of a Smart Account loses this access credential, they lose access to their account. Account recovery solves this problem so that the owner of a Smart Account can authorize a third party to access his account. Once authorized, if the Smart Account owner loses the credentials, they can recover their account by asking the authorized third party to identify themselves as the account owner. These are just a few practical applications of account abstraction. As Smart Accounts are accounts controlled by a smart contract, they depend on the logic of the contract and a myriad of conditions can be implemented to authorize the execution of transactions. Account abstraction is set to transform Web3 by vastly improving the user experience and increasing account customization and security. ◾ More information: ERC-4337 Standar → Cyber Security Blockchain Cryptocurrencies: the worrisome phenomenon of rug-pulling (and how to protect yourself) November 28, 2023 Photo by rc.xyz NFT gallery in Unsplash