以太坊预言机(Oracle)是连接区块链与外部世界的重要桥梁。以下是预言机的全面解析:
预言机的基本概念
区块链是封闭系统,无法直接访问外部数据。预言机作为中间层,将外部数据(如价格、天气、体育赛事结果等)安全地传输到区块链上。
预言机类型
1. 中心化预言机
由单一实体提供数据服务。
特点:
- 简单易用
- 响应快速
- 存在单点故障风险
代表项目:
- Provable:原Oraclize
2. 去中心化预言机
由多个节点共同提供数据,通过共识机制保证数据准确性。
特点:
- 去中心化
- 抗审查
- 数据更可靠
代表项目:
- Chainlink:去中心化预言机网络
- Band Protocol:跨链预言机
3. 第一方预言机
数据提供者直接发布数据到区块链。
特点:
- 数据来源直接
- 可信度高
- 需要数据提供者技术能力
例子:
- UMA:乐观预言机
- Tellor:去中心化预言机
Chainlink预言机
1. 基础使用
// SPDX-License-Identifier: MIT pragma solidity ^0.8.19; import "@chainlink/contracts/src/v0.8/interfaces/AggregatorV3Interface.sol"; contract PriceConsumer { AggregatorV3Interface internal priceFeed; constructor() { // ETH/USD 价格喂价地址(以太坊主网) priceFeed = AggregatorV3Interface(0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419); } function getLatestPrice() public view returns (int) { ( uint80 roundID, int price, uint startedAt, uint timeStamp, uint80 answeredInRound ) = priceFeed.latestRoundData(); require(timeStamp > 0, "No data available"); return price; } function getPriceInUSD(uint256 ethAmount) public view returns (uint256) { int256 price = getLatestPrice(); require(price > 0, "Invalid price"); // Chainlink价格有8位小数 return (uint256(price) * ethAmount) / 1e8; } }
2. 请求-响应模式
import "@chainlink/contracts/src/v0.8/ChainlinkClient.sol"; contract APIConsumer is ChainlinkClient { using Chainlink for Chainlink.Request; uint256 public volume; bytes32 public jobId; uint256 public fee; event RequestVolume(bytes32 indexed requestId, uint256 volume); constructor() { setChainlinkToken(0x514910771AF9Ca656af840dff83E8264EcF986CA); // LINK token address setChainlinkOracle(0x2f90A640D781587C2fA963d6184B9e9c5f3840B4); // Oracle address jobId = "7da2702f37fd48e5b1b9a5715e3509b6"; fee = 0.1 * 10**18; // 0.1 LINK } function requestVolumeData() public returns (bytes32 requestId) { Chainlink.Request memory req = buildChainlinkRequest(jobId, address(this), this.fulfill.selector); req.add("get", "https://min-api.cryptocompare.com/data/pricemultifull?fsyms=ETH&tsyms=USD"); req.add("path", "RAW.ETH.USD.VOLUME24HOUR"); req.addInt("times", 100); return sendChainlinkRequestTo(req, fee); } function fulfill(bytes32 _requestId, uint256 _volume) public recordChainlinkFulfillment(_requestId) { volume = _volume; emit RequestVolume(_requestId, _volume); } }
预言机攻击与防护
1. 闪电贷攻击
contract FlashLoanAttack { IERC20 public token; AggregatorV3Interface public priceFeed; function attack(uint256 borrowAmount) external { // 借款 token.transferFrom(msg.sender, address(this), borrowAmount); // 操纵价格 manipulatePrice(); // 利用错误价格进行交易 exploit(); // 还款 token.transfer(msg.sender, borrowAmount); } function manipulatePrice() internal { // 通过大额交易操纵价格 // ... } function exploit() internal { // 利用操纵后的价格 // ... } }
2. 预言机防护
contract OracleProtection { AggregatorV3Interface public priceFeed; uint256 public maxPriceDeviation = 5; // 5% 最大偏差 uint256 public lastPrice; uint256 public lastUpdateTime; uint256 public maxPriceAge = 1 hours; event PriceUpdated(uint256 newPrice, uint256 oldPrice); function getSafePrice() public returns (uint256) { (, int256 price, , uint256 timestamp, ) = priceFeed.latestRoundData(); require(price > 0, "Invalid price"); require(timestamp > block.timestamp - maxPriceAge, "Price too old"); uint256 newPrice = uint256(price); if (lastPrice > 0) { uint256 deviation = (newPrice > lastPrice) ? ((newPrice - lastPrice) * 100 / lastPrice) : ((lastPrice - newPrice) * 100 / lastPrice); require(deviation <= maxPriceDeviation, "Price deviation too high"); } lastPrice = newPrice; lastUpdateTime = timestamp; emit PriceUpdated(newPrice, lastPrice); return newPrice; } }
自定义预言机
1. 简单预言机
contract SimpleOracle { address public owner; mapping(bytes32 => int256) public data; mapping(bytes32 => bool) public requested; event DataRequested(bytes32 indexed requestId, bytes32 key); event DataProvided(bytes32 indexed requestId, bytes32 key, int256 value); modifier onlyOwner() { require(msg.sender == owner, "Not owner"); _; } constructor() { owner = msg.sender; } function requestData(bytes32 key) public { bytes32 requestId = keccak256(abi.encodePacked(key, block.timestamp)); requested[requestId] = true; emit DataRequested(requestId, key); } function provideData(bytes32 requestId, bytes32 key, int256 value) public onlyOwner { require(requested[requestId], "Not requested"); data[key] = value; emit DataProvided(requestId, key, value); } function getData(bytes32 key) public view returns (int256) { return data[key]; } }
2. 多源预言机
contract MultiSourceOracle { struct Source { address oracle; uint256 weight; } Source[] public sources; mapping(bytes32 => int256) public aggregatedData; uint256 public totalWeight; event SourceAdded(address indexed oracle, uint256 weight); event DataAggregated(bytes32 indexed key, int256 value); function addSource(address oracle, uint256 weight) public { sources.push(Source({ oracle: oracle, weight: weight })); totalWeight += weight; emit SourceAdded(oracle, weight); } function aggregateData(bytes32 key) public { int256 weightedSum = 0; uint256 validSources = 0; for (uint256 i = 0; i < sources.length; i++) { Source memory source = sources[i]; int256 value = ISimpleOracle(source.oracle).getData(key); if (value != 0) { weightedSum += value * int256(source.weight); validSources += source.weight; } } require(validSources > 0, "No valid data"); int256 aggregatedValue = weightedSum / int256(validSources); aggregatedData[key] = aggregatedValue; emit DataAggregated(key, aggregatedValue); } function getAggregatedData(bytes32 key) public view returns (int256) { return aggregatedData[key]; } } interface ISimpleOracle { function getData(bytes32 key) external view returns (int256); }
预言机最佳实践
1. 数据验证
- 使用多个数据源
- 验证数据合理性
- 设置价格偏差限制
- 检查数据时效性
2. 安全措施
- 实现访问控制
- 使用多重签名
- 设置时间锁
- 定期审计
3. 性能优化
- 缓存常用数据
- 批量请求数据
- 使用去中心化预言机
- 优化Gas消耗
著名预言机项目
- Chainlink:去中心化预言机网络
- Band Protocol:跨链预言机
- UMA:乐观预言机
- Tellor:去中心化预言机
- API3:第一方预言机
预言机是连接区块链与现实世界的关键基础设施,为DeFi、NFT、保险等应用提供可靠的数据支持。