Chapter 37: Quiz

Multiple Choice Questions

Question 1

What is the fundamental reason smart contracts cannot access external data?

a) Smart contracts are too slow to make HTTP requests. b) Blockchains are deterministic state machines --- all nodes must reach the same state, which is impossible if they independently fetch external data that might differ. c) External APIs do not support blockchain authentication. d) Smart contract programming languages lack networking libraries.

Answer: b) Blockchains require deterministic execution across all nodes. If contracts could independently fetch external data, different nodes might receive different responses, leading to divergent states and breaking consensus.

Question 2

Which oracle design pattern does Polymarket primarily use for resolution?

a) Chainlink decentralized data feeds b) Kleros crowd-sourced arbitration c) UMA Optimistic Oracle with DVM backstop d) Augur REP-based reporting

Answer: c) Polymarket uses UMA's Optimistic Oracle, where a proposer asserts an outcome with a bond, and if undisputed during the dispute window, the outcome is accepted. The DVM (Data Verification Mechanism) serves as the backstop for disputed assertions.

Question 3

In UMA's optimistic oracle, what happens if no one disputes the proposed outcome during the dispute window?

a) The outcome is rejected and must be re-proposed. b) The outcome is accepted as correct, and the proposer receives their bond back plus a reward. c) The outcome goes to a DVM vote for confirmation. d) The outcome is accepted but the proposer's bond is burned.

Answer: b) In the "happy path" of an optimistic oracle, the absence of dispute is treated as confirmation. The proposer's bond is returned and they earn a small reward for their service.

Question 4

What is the primary purpose of the commit-reveal scheme in UMA's DVM?

a) To reduce gas costs. b) To prevent voters from copying the majority vote before the voting period ends. c) To encrypt votes for privacy compliance. d) To prevent double-voting.

Answer: b) The commit-reveal scheme ensures that voters commit to their vote (by submitting a hash) before any votes are revealed. This prevents "copycat" voting, which would undermine the Schelling point mechanism.

Question 5

A P+epsilon attack works by:

a) Bribing a single oracle operator with a large sum. b) Committing to a conditional bribe that shifts the Schelling point, potentially costing the attacker nothing if the attack fails. c) Buying 51% of governance tokens. d) Exploiting a smart contract vulnerability in the oracle.

Answer: b) The P+epsilon attack uses a credible commitment to a conditional bribe (paid only if the false outcome wins). This changes rational voters' expectations about what others will vote, potentially shifting the Schelling point from the truth to the false outcome with minimal or zero actual cost.

Question 6

Why is Chainlink poorly suited for resolving most prediction market outcomes?

a) Chainlink is too expensive. b) Chainlink is not decentralized enough. c) Chainlink is optimized for continuous quantitative data feeds (like prices), not one-off binary event outcomes. d) Chainlink only works on Ethereum.

Answer: c) Chainlink's decentralized oracle network model excels at aggregating quantitative data from multiple sources. However, most prediction markets resolve based on one-off events (elections, sports results, policy decisions) for which Chainlink does not maintain dedicated feeds.

Question 7

In Kleros's juror selection mechanism, selection probability is:

a) Equal for all staked participants. b) Proportional to the amount of PNK tokens staked. c) Based on past accuracy of the juror. d) Randomly assigned regardless of stake.

Answer: b) Kleros uses stake-weighted random selection. Jurors who stake more PNK have a higher probability of being selected, ensuring that selected jurors have meaningful "skin in the game."

Question 8

Augur's fork mechanism:

a) Creates multiple child universes, one per disputed outcome, where REP holders migrate their tokens to the universe they believe is correct. b) Halves the REP supply and distributes it to the winning side. c) Burns all REP and creates a new token. d) Temporarily freezes all markets until governance votes on the outcome.

Answer: a) The fork creates parallel child universes. REP holders choose which universe to join by migrating their tokens. The universe with the most REP is considered canonical. REP in losing universes becomes worthless.

Question 9

The security margin of an oracle is defined as:

a) The ratio of total value locked to oracle operating costs. b) The ratio of the cost of attacking the oracle to the profit from a successful attack. c) The percentage of honest participants in the oracle network. d) The time delay between event occurrence and oracle resolution.

Answer: b) Security margin = Cost of Attack / Profit from Attack. An oracle is economically secure when this ratio exceeds 1, meaning an attack costs more than it can potentially yield.

Question 10

The decentralization trilemma states that a system can optimize for at most two of:

a) Speed, cost, accuracy. b) Scalability, security, decentralization. c) Liveness, correctness, censorship resistance. d) Privacy, transparency, efficiency.

Answer: b) The decentralization trilemma (or blockchain trilemma) holds that scalability, security, and decentralization cannot all be simultaneously maximized. Improving one typically requires compromising at least one of the others.

Question 11

N/A resolution in prediction markets refers to:

a) Markets where the oracle reports "not available" due to technical failure. b) Markets that are voided/cancelled, with traders receiving refunds, because the question became unanswerable or ambiguous. c) Markets that have not yet been resolved. d) Markets where the outcome was "none of the above."

Answer: b) N/A (or void/invalid) resolution cancels the market and refunds traders, typically used when the market question becomes unanswerable, the resolution source is unavailable, or the question was erroneous.

Question 12

Which of the following is NOT a common oracle failure mode?

a) Liveness failure (oracle fails to report). b) Correctness failure (oracle reports wrong outcome). c) Consensus failure (blockchain nodes disagree on the oracle's report). d) Ambiguity failure (question is too vague to resolve clearly).

Answer: c) Once the oracle submits data on-chain via a transaction, all blockchain nodes process the same transaction deterministically. Consensus failure about the oracle's on-chain report is not a distinct oracle failure mode --- it would be a blockchain consensus failure.

Question 13

For a multi-oracle system with 5 independent oracles, each with a 10% corruption probability, the probability that the majority-vote result is corrupted is approximately:

a) 50% b) 10% c) 0.856% d) 0.001%

Answer: c) Using the binomial distribution: $P = \sum_{i=3}^{5} \binom{5}{i} (0.1)^i (0.9)^{5-i} \approx 0.00856$, or about 0.856%. This demonstrates the power of multi-oracle redundancy.

Question 14

In the context of oracle security, why is the "slippage factor" important when calculating the cost of a 51% attack?

a) It accounts for network latency in submitting transactions. b) Buying a large quantity of governance tokens drives up the price, making the attack more expensive than a simple calculation of 51% of supply times current price. c) It accounts for the time needed to unstake tokens after the attack. d) It represents the probability that the attack is detected and stopped.

Answer: b) When an attacker tries to acquire a large fraction of a token's supply, each additional purchase drives the price higher due to limited liquidity. The slippage factor captures this price increase, making real attack costs significantly higher than naive estimates.

Question 15

What is the primary advantage of an optimistic oracle over a full Schelling point vote for every resolution?

a) Greater decentralization. b) Higher security. c) Much lower cost and faster resolution in the common case (no dispute). d) Better handling of ambiguous outcomes.

Answer: c) The optimistic oracle's key innovation is that the common case (correct, undisputed outcomes) is resolved with a single assertion and no voting. The expensive dispute mechanism is only invoked when someone challenges the outcome, saving cost and time for the ~95%+ of markets that resolve cleanly.

Question 16

Reputation-weighted oracles differ from token-weighted oracles primarily in that:

a) Reputation is cheaper to acquire than tokens. b) Reputation is non-transferable and must be earned through historical accuracy, making it harder for an attacker to buy influence. c) Reputation-based systems are faster. d) Reputation-based systems do not require any stake.

Answer: b) The key distinction is that reputation cannot be bought on the open market --- it must be earned through consistent honest reporting over time. This makes 51% attacks fundamentally more difficult than in token-weighted systems where an attacker can simply buy enough tokens.

Question 17

Which of the following best describes TLS Notarization as it relates to oracle design?

a) A method for encrypting oracle votes. b) A technique that allows proving specific data was fetched from a specific HTTPS endpoint, providing cryptographic evidence of data provenance. c) A protocol for notarizing legal documents on blockchain. d) A way to speed up oracle response times.

Answer: b) TLS Notarization enables proving that specific data was received from a specific web server via HTTPS, without revealing credentials. Combined with zero-knowledge proofs, this could allow oracles to provide cryptographic evidence of their data sources.

Question 18

When should a prediction market use N/A resolution instead of forcing a YES/NO outcome?

a) Never --- all markets should resolve definitively. b) When the market creator requests it. c) When the question becomes unanswerable, the resolution source is unavailable, or external events make the question meaningless. d) When the market has low trading volume.

Answer: c) N/A resolution is appropriate when resolving the market definitively would be arbitrary or incorrect. Common triggers include unanswerable questions, unavailable resolution sources, and events that render the question meaningless.

Question 19

In Augur's dispute mechanism, the required stake at round $r$ follows the pattern $S_r = S_0 \cdot 2^r$. This exponential growth serves to:

a) Prevent small holders from participating. b) Ensure that disputes are progressively more expensive to sustain, causing them to converge on the truth through economic pressure. c) Increase the REP token price. d) Speed up the dispute process.

Answer: b) The exponential stake growth means each successive dispute round is twice as expensive as the last. This economic pressure ensures that only strongly-held beliefs justify continuing a dispute, naturally filtering out frivolous challenges.

Question 20

A centralized oracle for a prediction market is analogous to:

a) A decentralized autonomous organization. b) A traditional bookmaker who determines results. c) A decentralized exchange. d) A mining pool.

Answer: b) Like a traditional bookmaker, a centralized oracle is a single entity with authority to determine outcomes. Users must trust this entity to be honest. The trade-off is speed and simplicity at the cost of centralization risk.

Question 21

The Schelling point in oracle design refers to:

a) The price at which an attacker's bribe becomes unprofitable. b) The "obvious" or "focal" answer that rational agents independently converge on, typically the truth. c) The technical point at which the oracle network reaches consensus. d) The time at which the oracle must report.

Answer: b) Thomas Schelling's concept of a focal point --- a solution people naturally converge on in the absence of communication --- is applied to oracle voting. The truth serves as the natural Schelling point because voters expect others to report honestly and want to be in the majority.

Question 22

If a prediction market has $V = \$1,000,000$ in total value locked and the oracle's total attack cost is $\$500,000$, the oracle is:

a) Secure, because the attack cost is substantial. b) Insecure, because the security margin ($0.5$) is below 1, meaning the attack is potentially profitable. c) Secure for small markets but insecure for large ones. d) Cannot be determined without knowing the oracle type.

Answer: b) With a security margin of $500,000 / $1,000,000 = 0.5$, an attacker could potentially profit by spending $500K to corrupt the oracle and gain up to $1M from manipulated market positions. The security margin must exceed 1 for economic security.

Question 23

Which of the following is a defense against the P+epsilon attack?

a) Increasing the number of voters. b) Commit-reveal schemes that prevent voters from proving how they voted (making it impossible for the briber to verify compliance). c) Reducing the bond size. d) Shortening the dispute window.

Answer: b) Commit-reveal schemes prevent voters from demonstrating their vote to a potential briber, breaking the briber's ability to condition payment on the vote. Without verification, the bribe contract cannot enforce its terms, undermining the attack.

Question 24

Insurance-backed oracles shift risk by:

a) Requiring all traders to buy insurance. b) Having oracle operators purchase insurance that pays affected users if the oracle fails, shifting economic burden from users to specialized risk bearers. c) Using insurance premiums to fund the oracle's operations. d) Insuring the oracle's governance tokens against price decline.

Answer: b) Insurance-backed oracles transfer the risk of oracle failure from individual market participants to insurance providers who specialize in risk assessment. This can increase user confidence without requiring the oracle itself to be perfectly secure.

Question 25

In the hybrid oracle design recommended in this chapter, the three layers are:

a) Fast assertion, token voting, governance backstop. b) Centralized reporting, decentralized data feeds, AI verification. c) Optimistic assertion with bond, escalated dispute (panel/vote), governance backstop (fork). d) Price feed, event verification, human review.

Answer: c) The recommended three-layer design starts with an optimistic assertion (cheap, fast, handles 95%+ of cases), escalates to a dispute mechanism such as a larger panel or token vote, and maintains a governance backstop (e.g., fork) as the ultimate resolution mechanism. Each layer is more secure but more expensive and slower than the previous one.