I’ve been exploring a different way to handle enshrined price feeds, intended to address the concerns raised above (e.g. the risk of chain splits if a real-world asset becomes politically contested). The premise I’m adopting here is that when something like Vitalik’s “Brazilian civil war” scenario happens, an honest validator isn’t one that can somehow “pick” the correct side.
I take the moral of the story to be that an honest validator would be one reporting the true (ambiguous) state of the world. But this means, in the hypothetical Brazil Civil War, validators would report two distinct but plausible BRL prices (BRL-S and BRL-N). Note that the setup in this example (set valued oracle inputs, users who may favor one resolution over the other) can be thought of like a semi-adversarial coordination game ala battle the sexes:
And so the key is to find a neutral way to handle multiple values where users had formerly expected only one. And here we need a bit of black magic. And that black magic here comes from a pathologically mixing RNG called Machine II (somewhat related to a Cauchy Oscillator from statistical physics.)
When you take “Machine II” and add encryption and smart contracts, it enables a thing I’ll call “Veiling.” In this case, trading at a Veiled price means the protocol or dApps can resolve any specific BRL trade at single value within the chosen price bounds. But crucially, within those bounds, there is no effective method to fix a particular value in expectation. Machine II draws are non-convergent for as long as you like-- for example here’s what 250,000 Veiled Price outputs could look like (these are fresh outputs from the actual algorithm):
Veiling is thus kind of an anti-mechanism (h/t Tina Zhen). It can be used in other cases of extreme uncertainty too—veiling was partly inspired by a tweet from Dan Robinson about using TWAP Bounds to value debt and collateral. Dan’s examples are both cases where you can sort of “break the asymmetry” using different preferences about risk. Veiling becomes especially interesting when the protocol sees an asymmetry that it can’t break. Enshrined oracles can present such a case (and e.g. liquidations under extreme oracle reports might be another.)
There is some game theory and decision theory to this, which is treated in the paper you can read here. But essentially Veiling lets you define an interval of value uncertainty (e.g. BRL might be worth the value of either side in the civil war, or anywhere in between) and then credibly commit to trading in that interval using a draw from an (encrypted) Machine II. When someone makes this commitment, it’s the probabilistic equivalent of “refusing to trade” within that interval except that they can still trade.
Thus you can help preserve a certain liveness with continuous trading but without having to resolve the underlying uncertainty prematurely. I think the fairness/neutrality argument for this approach is pretty straightforward: if the protocol is truthful about the uncertain information it has, this is handling that uncertainty neutrally. The paper also shows simple alternatives to veiling (e.g. a perfectly fair coin toss over values instead of Veiling over Machine II’s absolute chaos) can impose a “sure-loss” type exploit on BRL-holders.
But then there’s the question of what people will actually think about using it. Machine II is pretty cheap to run (about 100 lines of simple python), but using Machine II for Veiling certainly means (bounded) uncertainty about how any individual trade will resolve. In some sense this is whole point—the situation is uncertain, and veiling this directly and neutrally while allowing continuous trading, ensuring budget balance etc.
The uncertainty introduced by veiling might not be so bad though. There is suggestive evidence that veiling can be efficiency enhancing for users with divergent opinions. It gets a little technical (the paper has the theory + algorithm, along with a CFMM example) but you can see the punchline in this graph:
But to the extent it’s a cost, you might say it’s the inevitable price to be paid from the fact that we were all happy trading a single value, knowing that such a “single value” could at some point stop being coherent. i.e. Even a well-thought out proposal like Justin’s could of course never future-proof an answer about whether we are supposed to report values from a basket called “SDR”, or from an entity called “IMF”, or from some future international consortium that does something similar.
The discussion in this thread is useful context, hence the necrobump rather than a new thread, but thoughts and comments encouraged.