What is the oracle problem?
Someone in the API3 Telegram channel asked this question:
I still don’t fully get why smart contracts need oracles, why is it that smart contracts are not able to query APIs the same way regular apps can? Is it purely because smart contracts are completely reactive to data and they can’t go out and make API calls themselves like a regular app running on a server?
Here was my answer, now written in Medium-form for future reference:
In order to update the state of the blockchain (i.e. make the network “do something”) you need to process a transaction. Since the network is decentralized, every node in the network must be able to validate a transaction. Validating a transaction means, for example, checking that Alice has enough BTC in her account to send to Bob. Indeed, this is all validation means in the Bitcoin network. With Ethereum — and other “general” blockchains — it’s a bit more complex since transactions are more general (e.g. calling a smart contract function), but the basic principle still applies. This means every node must have access to the same data.
Blockchain nodes are designed to communicate with one another, not the “outside world”. You could design a blockchain that enables something like API queries at the protocol level, but if you think about it for a bit, you’ll understand why this is a bad idea.
Essentially, even if all nodes in the network were able to somehow validate an API call (whatever that would mean…) a single GET request to an API can produce a malicious result — if the API is for whatever reason faulty — and mess up the blockchain transaction. Computers outside of your blockchain network would be able to interfere with your blockchain network and its consensus mechanism.
So, blockchains not being able to communicate with the “outside world” (by default) isn’t an oversight, it’s a security feature. This inability to communicate with the outside world— e.g. other computer networks — is what’s referred to as the “oracle problem”.