The Oracle 𝒪 is a semi-trusted module that performs three critical functions:
By splitting attestation across multiple Time-Stamping Authorities (TSAs), the design removes a single point of failure. This distributed approach ensures:
RFC 3161-compliant time-stamping provides cryptographic proof of when events occurred, ensuring temporal ordering and preventing replay attacks.
The oracle verifies zero-knowledge proof aggregates and updates the public state, maintaining consistency across the distributed system.
The oracle operates under a semi-trusted model where it can be compromised without breaking the overall system security, thanks to cryptographic protections.
Multiple TSAs provide consensus-based time-stamping, ensuring that no single authority can manipulate the temporal ordering of events.
All oracle operations are cryptographically attested, providing verifiable proof of the oracle's actions and preventing unauthorized modifications.