LogoLogo
  • Quex oracles
  • How it works?
    • Why another oracle?
    • Quex oracle security
    • Onchain verification
  • General information
    • Where to start
    • Quex approach and terminology
    • Quex data delivery modes
    • Smart contract addresses
  • Developers
    • Building with Quex
    • Getting started tutorial
    • Flow creation
    • Client callback format
    • Request oracle pool
      • Descriptive guide
      • Supported post-processing operations
      • Data encoding format
  • Data providers
    • Running your own oracle pool
    • TD oracle requirements
    • Registering your Trust Domain
    • Pool creation
    • Follow us!
Powered by GitBook
On this page
  1. How it works?

Onchain verification

Quex employs a robust chain of trust to ensure the correctness of data fed to the blockchain. This process begins with the verification of the attestation report. The attestation report contains a chain of certificates that can be traced back to the root certificate of the hardware vendor, ensuring that the oracle program is operating within a secure, encrypted environment that cannot be modified by external parties.

Each enclave generates a fresh private key during initialization and includes the corresponding public key within the attestation report. This process is performed once for each oracle node. By verifying the attestation report, we confirm that the private key is securely contained within the specific enclave and can only be used to sign correct data points.

After the attestation report has been verified, every data point retrieved by the oracle is signed with the private key. On-chain, we verify the signature using the previously authenticated public key. This guarantees that our data feed can only accept data that has been correctly signed by the trusted enclave, preventing any tampering or manipulation of the data supplied to the DeFi protocols.

PreviousQuex oracle securityNextWhere to start

Last updated 7 months ago