Giulio Caldarelli- Department of Management “Valter Cantino”, University of Turin, Torino, TO, Italy
The blockchain oracle problem, which refers to the challenge of injecting reliable external data into decentralized systems, remains a fundamental limitation to the development of trustless applications. While recent years have seen a proliferation of architectural, cryptographic, and economic strategies to mitigate this issue, no one has yet fully resolved the fundamental question of how a blockchain can gain knowledge about the off-chain world. In this position paper, we critically assess the role artificial intelligence (AI) can play in tackling the oracle problem. Drawing on both academic literature and practitioner implementations, we examine how AI techniques, such as anomaly detection, language-based fact extraction, dynamic reputation modeling, and adversarial resistance, can enhance oracle systems. We observe that while AI introduces powerful tools for improving data quality, source selection, and system resilience, it cannot eliminate the reliance on unverifiable off-chain inputs. Therefore, this study supports the idea that AI should be understood as a complementary layer of inference and filtering within a broader oracle design, not a substitute for trust assumptions.
1 Introduction
As Bitcoin nodes cannot measure arbitrary conditions, we must rely on an “oracle” (Hearn, 2011).
Blockchain technology promises decentralized, secure, and transparent interactions, thereby reducing or eliminating the need for trusted third parties (Swan M., 2015; Crosby et al., 2016). However, beneath this appealing aspect lies a crucial, unsolved issue: the so-called “blockchain oracle problem (Egberts, 2017; Caldarelli, 2020b).” At its core, the oracle problem reflects a fundamental challenge of blockchains that, although powerful for ensuring computational trust and consensus on internal state, are inherently incapable of verifying the correctness of external information fed from the real world (Frankenreiter, 2019). Thus, blockchains must rely on external entities, so-called “oracles,” to bridge on-chain computation with off-chain reality (Damjan, 2018). These oracles, in turn, reintroduce an unwanted layer of trust into systems intended to be trustless, effectively becoming single points of failure and manipulation (Sztorc, 2017).
In recent years, artificial intelligence (AI) has rapidly gained traction as a disruptive technology, celebrated for its ability to analyze vast datasets, detect anomalies, predict events, and even perform automated reasoning tasks with increasing accuracy (Chan and Abrego, 2025; Hamilton, 2025; Syracuse University, 2025). Given AI’s rising significance across industries, it is natural to consider whether this powerful tool could finally address or even solve the persistent blockchain oracle problem. This paper aims to clarify that position by moving beyond the current hype and providing a balanced analysis of AI’s strengths and shortcomings in oracle infrastructures. By doing so, it intends to inform future research and promote more robust oracle architectures. Drawing from technical literature and practical implementations, we analyze how AI methods, ranging from anomaly detection and reinforcement learning to large language models, can be applied to oracle design. We investigate the realistic potential of AI to support blockchain oracle systems, critically examining whether AI can mitigate or even solve core vulnerabilities such as data reliability, source trustworthiness, and systemic manipulation.
The study reveals that recent developments in oracle infrastructure have begun incorporating AI techniques at multiple levels. These integrations suggest that AI can increase oracle accuracy, adaptability, and efficiency, but, as further discussed in Sections 3, 4, they also introduce new risks related to:
• Non-determinism: the tendency of AI models to produce variable outputs even with identical inputs (OpenAI et al., 2024; Xian et al., 2024),
• Hallucination: a phenomenon where large language models generate outputs that appear plausible but are factually incorrect or unsupported (Brown et al., 2020),
• Bias: systematic distortions in outputs reflecting skewed training data (Mehrabi et al., 2022),
• Adversarial manipulation: deliberately crafted inputs designed to deceive AI models (Goodfellow et al., 2014; Biggio and Roli, 2018),
• Architectural complexity: refers to the expanded attack surface and resource requirements from integrating AI into decentralized systems (Zintus-Art et al., 2025).
We therefore argue that AI, while valuable, cannot fully solve the oracle problem, as the issue is not just technical but epistemological. AI models, regardless of sophistication, rely on the integrity of their inputs, making them susceptible to the same trust limitations oracles face. Therefore, the use of AI in oracles should be framed not as a solution, but as a complementary layer within a broader system of cryptoeconomic guarantees, governance rules, and verifiability mechanisms.
This paper contributes to the literature in three main ways. First, it provides the most up-to-date synthesis of both academic research and industry implementations of AI in blockchain oracles. Second, it advances a critical position by framing AI not as a solution to the oracle problem, but as an additional layer that amplifies trust dependencies. Third, it proposes a structured research agenda highlighting the trade-offs of AI-enhanced oracles. Together, these contributions aim to reposition current debates and guide future research beyond hype-driven narratives.
The paper proceeds as follows. Section 2 explains the methodology, while Section 3 introduces the blockchain oracle problem and reviews the evolution of oracles and artificial intelligence. Section 4 explores AI techniques and how they can be integrated into oracle design. Section 5 presents the main limitations of AI when applied to oracle systems, emphasizing the persistence of the underlying problem. Section 6 concludes the paper by synthesizing findings and suggesting avenues for future interdisciplinary research.
2 Materials and methods
This paper adopts a position paper format, combining conceptual analysis with a targeted literature review. The discussion is informed by peer-reviewed academic research, technical documentation from industry projects, and relevant standards relating to blockchain oracles and artificial intelligence. Sources were selected to cover both foundational studies and recent advancements, ensuring a balanced perspective on current capabilities and limitations. The analysis is structured into thematic sections, enabling the integration of academic insights with real-world applications. This approach enables the development of a critical argument grounded in existing evidence, while also reflecting on broader conceptual implications, such as the persistence and displacement of trust in AI-enhanced oracles. This study is positioned as a conceptual contribution. Rather than offering new empirical measurements, it integrates insights from existing case studies and proposals to articulate the strengths and limitations of AI-enhanced oracles. As a position paper, this study is inherently limited by its reliance on existing literature rather than new empirical data. However, this methodological choice also serves as a strength. By synthesizing insights from diverse academic and practitioner sources, the paper presents a holistic, critical perspective that may not emerge from narrowly focused empirical studies alone. Furthermore, the limited availability of empirical data and large-scale implementations as of mid-2025 constrains the analysis, which necessarily relies on conceptual synthesis and the few pilot projects currently documented. This delimitation reflects the early stage of AI-oracle integration, where systematic evidence is still emerging.
3 Literature review
This section provides a comprehensive overview of blockchain oracles and the oracle problem, tracing the historical development and technical evolution. It further reviews foundational concepts in artificial intelligence, including expert systems, machine learning (ML), reinforcement learning (RL), Natural Language Processing (NLP), and adversarial robustness, to establish the necessary background for understanding and evaluating AI-based oracle solutions proposed in later sections. The section concludes with a comparative analysis of prior surveys, situating this study within the existing literature.
3.1 Defining the blockchain oracle problem
The blockchain oracle problem emerges directly from blockchain technology’s inherent limitation, as the inability of blockchain systems to independently verify external, real-world data (Dalovindj, 2014). While blockchain’s core innovations, such as immutability, transparency, and decentralization, make it ideally suited to create trusted, cryptographically secure environments, the utility of blockchains in real-world applications critically depends on external data integration (Egberts, 2017). The oracle problem thus refers to the fundamental contradiction between the need for trusted external inputs to feed blockchain systems, which inevitably reintroduces elements of centralization and trust, and blockchain’s foundational goal of decentralization and trustlessness (Damjan, 2018; Frankenreiter, 2019). Previous studies have also distinguished various dimensions of the oracle problem, as failure to provide reliable data may be due to technical difficulties, tampering, or poor programming in good faith. On the other hand, social matters may also affect the reliability of oracle data due to competing interests of oracle managers or other malevolent actors (Beniiche, 2020; Caldarelli, 2021a; Eskandari et al., 2021; Hassan et al., 2023).
3.2 Historical context and evolution of oracles
Interviews with early Bitcoin developers reveal that, already in the early days, the concept of introducing external data into blockchain systems was met with skepticism and described provocatively as “cheating,” highlighting early recognition of the tension between complete decentralization and practical functionality (Andresen, 2014). Nakamoto himself expressed doubts about integrating oracles and instead advocated alternative solutions, which were never implemented before his departure (Nakamoto, 2011). Despite significant technological progress, the conceptual challenges of oracles identified in the early Bitcoin era persist, making them a critical yet often overlooked issue in blockchain research and practice (Caldarelli, 2020a).
In terms of classification, oracle solutions vary widely in structure, reliability, and purpose. The literature offers several taxonomies, which continue to evolve alongside new technological proposals (Eskandari et al., 2021; Hassan et al., 2023). A centralized oracle constitutes the most basic form: a solution proposed in the first days of Bitcoin just to enable real-world integrations. As they reintroduced single points of failure and other issues as unverifiable data, an early oracle protocol named Oraclize, leveraged Trusted Execution Environment and cryptographic proof to guarantee that the data provided came from a trusted source and was not manipulated (D-Nice, 2017). However, this did not address the oracle problem completely, as it still reintroduced a single point of failure. Although a cryptographic proof could indeed prove that the data was not altered in the delivery, it cannot prove that the data was truthful. For this reason, alternatives were proposed, such as Orisi (still on Bitcoin), whose intention was to enhance decentralization by implementing multiple data reporters to ensure that no single actor could manipulate the requested data (Kolinko et al., 2014).
Additionally, although this solution was strong in design, it still could not solve the problem. Orisi voters could, in fact, collude due to competing interests, and being anonymous, they could be easily replaced by the same agent impersonating multiple entities (Douceur, 2002). The initial approach to address this problem was constituted by decentralized oracles based on game-theoretical models such as Truthcoin (Sztorc, 2015). The rationale was to make it inconvenient for agents to deceive the system and always provide honest information. Although groundbreaking, the limit of these systems is, however, the theoretical and implementation complexity; it is enough to say that Truthcoin, conceptualized in 2014, is still in development nowadays.
When it comes to technical integrations, the first oracles, developed on Bitcoin, primarily used multi-signature techniques and conditional scripts to introduce external data, employing manual or semi-automated processes. These approaches evolved significantly with Ethereum, enabling the creation of automated, sophisticated smart contracts capable of consuming complex external data streams via APIs and introducing tokens as incentives. Early days protocols, such as Augur and Witnet, involved, in fact, the use of tokens as a representation of a reporter’s reputation. However, although representing an intriguing idea, the token management still brings some challenges. Reputations stacked with tokens can easily be sold, stolen, as in the case of Augur, or lost for inactivity in environments such as Witnet.
Ethereum, however, also allowed another interesting solution known as First-Party oracle (Peterson et al., 2015; De Pedro et al., 2017). The idea, developed by API3, allows any entity to become a blockchain data provider through software that, in the case of API3, is named “airnode”. That way, trusted entities of the real-world can provide their data, dramatically enhancing the reliability of web3 implementations. Although disruptive, this idea also has limitations, as it cannot eliminate the risk of failure and data manipulation. Finally, although it facilitates the process, it can’t oblige any entity to be a Web3 data provider (Benligiray et al., 2022). The advent of alternative blockchains further highlighted the issue of interoperability. Since blockchains are inherently isolated systems, unable to natively access external data, they are also unable to communicate directly with one another, thereby extending the oracle problem to inter-chain communication (Caldarelli, 2021b; Belchior et al., 2022; 2023).
Table 1 provides an overview of available oracles and related advancements/drawbacks.
Table 1. Blockchain Oracles’ evolution with pros and cons.
3.3 Why the oracle problem persists
Despite numerous technical advancements, the oracle problem persists because it is epistemological rather than purely technical. Blockchains can guarantee the integrity of on-chain data but cannot verify the truth of external inputs, reintroducing trust dependencies into supposedly trustless systems.
Much of the literature underestimates this depth, often assuming ideal oracle performance. Yet several studies highlight limited scholarly and practitioner consideration of this problem and the resulting costly failures (Egberts, 2017; Damjan, 2018; Frankenreiter, 2019; Caldarelli, 2020a; 2020b; Kumar et al., 2020). Large-scale projects, such as Maersk’s, have been abandoned because reliance on third parties led to overcostly, inefficient legacy-style systems (Huillet, 2018; Lopez, 2022).
The oracle problem’s impact varies by context and trust dependencies. The more critical the reliance on unverifiable data, the greater the risk (Caldarelli and Ellul, 2021b). While it cannot be fully solved, specific techniques can mitigate failures. For example, Time-Weighted Average Price (TWAP) mechanisms help manage outliers in price feeds (Behnke, 2023). In DeFi, sudden mispricing can trigger liquidations or drain liquidity pools, as seen in the Compound and dydx incidents (Chipolina, 2020; WIlliams, 2020; Caldarelli and Ellul, 2021b). TWAP reduces such risks by averaging data and filtering anomalies, though at the cost of discarding genuine spikes and failing to capture the true spot value (Harvey et al., 2020).
Another mitigation strategy is the use of digital signatures, which secure blockchain-based notarization or academic records. Due to the oracle problem, the blockchain cannot verify the authenticity of a document, nor can it ensure that the person uploading has the legal right to upload it to the chain. A digital signature, however, links a document to a trusted institution, such as MIT certificates on the Bitcoin network (Ocheja et al., 2019; Fedorova and Skobleva, 2020). Fraudulent actors may still upload falsified certificates, but without the MIT signature, these are easily flagged as non-authentic. Conversely, if a reputable institution uploads a record, trust derives from the institution itself, not the blockchain (Caldarelli and Ellul, 2021b).
These examples demonstrate that, while the oracle problem endures, partial solutions can yield reliable integrations in practice. With AI increasingly shaping multiple domains, it is reasonable to explore whether AI applications might similarly enhance oracle reliability. However, to position such claims realistically against today’s hype, a thorough review of AI’s genuine capabilities and limitations is required. The next section provides this background and considers implications for oracle design.
3.4 Early symbolic AI and expert systems
Modern artificial intelligence traces its roots to mid-20th-century visionaries. In 1950, Alan Turing famously posed the question “Can machines think?” and introduced the Imitation Game (later known as the Turing Test) as a benchmark for machine intelligence (Turing, 1950). Just a few years later, the field was formally born at the 1956 Dartmouth workshop, organized by John McCarthy, who conjectured that “every aspect of learning or any other feature of intelligence can in principle be so precisely described that a machine can be made to simulate it” (Dick, 2019). This bold assumption is at the base of early symbolic AI research, which sought to encode human knowledge and reasoning in machines using formal logic and symbols. By the 1960s–1970s, expert systems such as MYCIN demonstrated that codified knowledge could match human specialists in narrow domains (Feigenbaum and Buchanan, 1979; Cohen, 1995). Other systems like DENDRAL or PROSPECTOR showed similar domain-specific accuracy (Hart et al., 1978; Lindsay et al., 1993). However, these systems lacked generality and common-sense reasoning (Morgenstern and McIlraith, 2010), while knowledge engineering proved difficult to scale, limitations that motivated the shift toward new approaches.
3.5 Machine learning and neural networks
From the 1980s, AI shifted toward ML, enabling systems to learn patterns from data rather than rely solely on hand-crafted rules (Mitchell, 1997). Early neural models such as the Perceptron (Rosenblatt, 1958) faced setbacks (Minsky and Papert, 2017) until the rediscovery of backpropagation (Rumelhart et al., 1986) revived neural research and powered advances in pattern recognition. Backpropagation allowed multi-layer neural networks to adjust their weights to minimize errors, enabling these deep neural networks to automatically learn useful internal representations of data. Rumelhart et al.’s work, along with parallel advances in computing, reignited neural network research and led to rapid progress in pattern recognition tasks.
Parallel work, produced decision trees, Bayesian networks, and support vector machines (Cortes and Vapnik, 1995), as methods that learn how to make decisions or separate different types of data by looking at examples. The “deep learning” revolution in the 2000s, aided by layer-wise pre-training (Hinton, 2017), led to landmark breakthroughs such as convolutional neural networks outperforming benchmarks in image recognition (Krizhevsky et al., 2012; LeCun et al., 2015). By 2015, deep learning had achieved state-of-the-art results across vision, speech, and drug discovery, establishing ML as a dominant paradigm over earlier symbolic approaches. In oracles, machine learning, and neural networks enable anomaly detection, reputation scoring, and predictive modeling, offering adaptive ways to assess data reliability and filter manipulations beyond static rules.
3.6 Reinforcement learning
Reinforcement learning draws from behavioral psychology, training agents to make decisions through trial-and-error interactions and rewards (Sutton and Barto, 1998). Seminal advances like temporal-difference learning (Sutton, 1988) and Q-learning (Watkins and Dayan, 1992) enabled agents to optimize policies from delayed feedback. Landmark successes include Tesauro (1994) and DeepMind’s AlphaGo defeating human Go champions (Silver et al., 2016), illustrating the power of deep RL in complex tasks. In oracle contexts, RL may not provide direct verification but can inform mechanisms that adaptively select data sources or reward nodes for accuracy, making oracle infrastructures more responsive and self-tuning.
3.7 Natural language processing and large language models
Natural Language Processing has long been a challenging AI domain, requiring an understanding of the complexity and ambiguity inherent in human language. Early systems such as ELIZA (Weizenbaum, 1983) relied on rules, which were later supplanted by statistical approaches using probabilistic models and large corpora. The shift to neural methods, however, marked a breakthrough. Recurrent Neural Networks (RNNs) and LSTMs enabled modeling of sequential context (Hochreiter and Schmidhuber, 1997), followed by Seq2Seq models and attention mechanisms for machine translation (Bahdanau et al., 2014; Sutskever et al., 2014). The 2017 Transformer architecture (Vaswani et al., 2017) revolutionized NLP, enabling highly parallel training and guidance in the era of large language models (LLMs). Models such as BERT (Devlin et al., 2018) and GPT (Radford, 2018; Brown et al., 2020) achieved state-of-the-art performance across diverse tasks. Given their significant advancements, LLM-based systems are now being explored as AI Oracles, capable of extracting and verifying facts from unstructured sources and providing structured outputs to smart contracts (Zintus-Art et al., 2025).
3.8 Adversarial machine learning and generative models
As AI advanced, vulnerabilities emerged, particularly in adversarial machine learning, which studies how malicious inputs can deceive models. Szegedy et al. (2013) showed that even imperceptible input changes could trigger misclassifications, leading to a stream of research on adversarial attacks and defenses (Goodfellow et al., 2014). Despite methods such as adversarial training and input sanitization, achieving robust models remains an open challenge. For blockchain oracles, this is highly relevant, as attackers may craft data specifically to mislead AI-driven components. Anomaly detection provides one line of defense by flagging outliers or unusual patterns, a technique widely used in domains such as fraud or intrusion detection (Prasad et al., 2009). In oracle systems, similar methods could help reject faulty or malicious submissions.
An important breakthrough to prevent AI manipulation is Generative Adversarial Networks (GANs) (Goodfellow et al., 2020), where generators and discriminators compete to produce realistic synthetic data. While not directly used in oracles, GANs highlight the risk of highly convincing fake content (e.g., deepfakes) that could mislead naive oracles. Conversely, adversarial training concepts inspired by GANs could strengthen oracle AI by training models to anticipate and resist deceptive inputs.
Together, adversarial ML and GANs underscore the dual challenge and opportunity for AI in oracle design since systems must both detect manipulations and remain resilient to increasingly sophisticated synthetic data. The following table (Table 2) summarizes the information provided above, while the next section provides a comparative positioning of this paper with prior reviews.
Table 2. Overview of AI paradigms.
3.9 Related reviews and research gap
Several surveys have examined blockchain oracles, emphasizing their architectural taxonomies, trust frameworks, and security vulnerabilities (Heiss et al., 2019; Al-Breiki et al., 2020; Pasdar et al., 2023; Chiarelli, 2023). Collectively, these works classify mechanisms and identify challenges, but none evaluate artificial intelligence as a structural element of oracle systems.
In parallel, surveys on AI applications in blockchain (Ul Hassan et al., 2023; Ressi et al., 2024; Rizal and Kim, 2025) show how to leverage AI to increase security in blockchain or facilitate consensus; yet they typically assume that data is already on-chain, leaving the critical interface of external data acquisition largely unaddressed.
Although scattered articles and prototypes suggest potential roles for AI in oracle infrastructures, no prior academic survey has synthesized these developments. This study, therefore, fills the above-mentioned gaps by providing the first integrated analysis of AI techniques explicitly applied to oracle systems. The following table (Table 3) summarizes how prior surveys differ from and are complemented by this contribution, and the next section introduces in detail the benefits of AI integration into blockchain oracles.
Table 3. Comparative analysis of prior surveys: contributions, gaps, and our extensions.
4 What can AI do to support oracle systems
As blockchain applications continue to grow in complexity and criticality, ensuring the reliability, accuracy, and responsiveness of oracles becomes increasingly vital. Artificial Intelligence (AI) offers a broad spectrum of techniques that can enhance oracle systems across multiple dimensions, from anomaly and adversarial behavior detection to intelligent node selection, automated fact extraction, and the integration of hybrid AI-governance models. This section examines the various roles AI can play in enhancing oracle functionality, analyzing recent academic and industry developments that aim to strengthen oracles against manipulation, inefficiency, and unreliability.
4.1 AI for anomaly detection in blockchain oracles
As thoroughly explained in the introduction, incorrect or manipulated oracle data can lead to severe consequences, including financial losses and compromised smart contract executions. Risks can stem from both benign anomalies, such as sensor errors or network delays, and intentional adversarial behaviors, like flash loan-induced price manipulations. While anomalies typically result from unintended technical failures, adversarial manipulations are deliberate actions by malicious actors exploiting oracle vulnerabilities. AI and Machine Learning have emerged as pivotal tools in detecting, analyzing, and mitigating these heterogeneous risks to enhance oracle security and reliability.
Statistical anomaly detection, for example, utilizes AI to identify data points or behaviors significantly deviating from expected norms, primarily due to non-malicious technical errors or unexpected external events. Techniques include simple statistical filtering (median or mean-based outlier rejection), clustering algorithms, isolation forests, and autoencoders. For instance, decentralized oracle networks like Chainlink apply basic statistical methods to aggregate data from multiple nodes, identifying outliers when submissions substantially diverge from the median consensus. If most nodes report similar values and only a few differ significantly, these inconsistent submissions are discarded or marked for additional verification (Stevens, 2023).
Advanced statistical methods, such as Long Short-Term Memory (LSTM) autoencoders, enhance anomaly detection by capturing complex temporal dependencies in oracle data streams. By modeling historical price feeds, these deep learning models predict expected values and flag significant deviations as anomalies (Medvedev, 2021). Using data from Band Protocol, for example, researchers have shown that LSTM autoencoders successfully detected abnormal price fluctuations, providing robust alerts against unusual but non-adversarial market movements. Similarly, Park et al. (2023) utilize hybrid statistical methods such as Kalman filters combined with conformal prediction to dynamically update uncertainty intervals. When real-time oracle inputs deviate beyond these intervals, they are flagged as potential anomalies, requiring manual or additional automated verification. Such AI-driven statistical techniques significantly strengthen oracle systems against unpredictable data inconsistencies.
In this context, unsupervised or semi-supervised anomaly detection is very powerful as it assumes that “most data is normal” and flags anything sufficiently deviant. An advantage of unsupervised methods is that they can catch previously unseen anomalies, although they require careful tuning to avoid false positives in highly variable data like crypto prices. Combining data from multiple assets or sources can be a strategy to enhance these systems. For example, a model might consider not just one price feed but also related market indicators (volume, broader market movement) to judge if a price change is anomalous in context. Advanced models may utilize graph neural networks or correlation analysis across multiple feeds, as an oracle often generates numerous data points (for different trading pairs, etc.). Anomalies might be more evident when considering the whole graph of assets (e.g., if only one asset out of many moves 50% while others move 1%, that could be flagged) (Abinivesh S, 2025). For instance, Ikeda et al. (2025) propose an anomaly indicator that fuses many metrics (entropy, clustering coefficients, etc.) using a Boltzmann machine, though in the context of crypto trading anomalies. Translating such multi-metric approaches to oracle data could mean examining not only values but also node network metrics together.
4.2 Detection of adversarial and manipulative behavior
While statistical anomaly detection primarily addresses benign errors, adversarial detection specifically targets intentional malicious data manipulations, including flash loan attacks and Sybil attacks. These attacks exploit vulnerabilities to deliberately manipulate oracle inputs, resulting in significant financial damage to DeFi platforms.
Abinivesh (2025) demonstrated that AI-driven oracles offer measurable gains in addressing adversarial behavior. For instance, one prototype that combined multi-source aggregation with an RL-based decision agent achieved 92% fraud detection accuracy, substantially higher than a traditional non-learning oracle’s 78% accuracy. The RL-enhanced oracle dynamically adjusted trust scores and could “learn” to reject bad data, resulting in a false-positive rate (rejecting good data) of only 4%, versus 12% in a legacy oracle network. Moreover, adding an AI-powered fraud detection module (e.g., an anomaly classifier watching for unusual submission patterns) can boost accuracy even further, as one hybrid model reported 94% accuracy with only 2% false positives. For instance, Fu and Xie (2025) show that agents consuming AI-Oracle–verified feeds achieved 94.7% manipulation-detection accuracy with integrity above 94%–96%, alongside better risk-adjusted returns, albeit with higher latency from consensus validation.
Recent frameworks, such as AiRacleX, further utilize advanced large language models to automatically detect price oracle manipulation attempts in decentralized finance protocols. AiRacleX operates by first extracting comprehensive knowledge about known vulnerabilities and attack patterns from blockchain security literature, and then employing targeted prompting techniques to proactively analyze smart contract logic. Through extensive empirical testing against real-world exploits, AiRacleX significantly outperformed traditional detection methods, providing enhanced recall rates and precise identification of malicious behaviors (Gao et al., 2025).
More complex manipulation, such as Flash loan attacks, instead represents a critical threat, as they leverage instantaneous, high-volume borrowing to artificially inflate or deflate asset prices temporarily (Cao et al., 2021; RocketMeUP Cybersecurity, 2024). The Mango Markets exploit of 2022 exemplifies such threats, where attackers manipulated oracle price feeds to borrow excessive funds against artificially inflated collateral (Akartuna, 2022). AI-driven detection models, particularly supervised learning methods, have proven effective in identifying and mitigating these attacks by analyzing intricate transaction patterns in real time. For example, detection systems such as “Forta” implement heuristic or ML-based detectors to recognize typical flash loan attack sequences and trigger protective measures, such as halting a protocol or rejecting an oracle update (Levin, 2025).
Sybil attacks, on the other hand, involve adversaries controlling multiple oracle nodes to artificially influence consensus outcomes. A group of nodes (possibly Sybils controlled by one entity) can, in fact, feed the same wrong data, making an outlier check difficult. AI can aid in detecting correlated anomalies that suggest collusion. For instance, while occasional disagreement among nodes can occur due to random error, a situation where a subset of nodes suddenly reports the same divergent value may indicate collusion. Such patterns, as discussed in Abinivesh (2025), can be detected by clustering methods or graph-based anomaly detectors (Almi’Ani et al., 2023). Abinivesh’s study also supports the possibility of preventing sybil behavior by analyzing oracle timing or semantics. As oracles are meant to operate independently, if a subset always submits its data within the same millisecond or with identical metadata, this could indicate a single operator behind them.
4.3 AI for oracle node selection
As seen in the previous paragraphs, ML and statistical analysis are utilized to discard outliers and ensure that data is coherent, favoring historically reliable data sources. Recent research, however, shows that this data is not leveraged by oracle providers in real-time, who generally use static data instead, creating a potential bias in node selection (Abinivesh S, 2025). AI can enhance these mechanisms by dynamically scoring data quality rather than relying on static thresholds. Taghavi et al. (2022), for example, employ Bayesian reinforcement learning frameworks to dynamically adjust oracle node reputations, leveraging real-time performance metrics such as accuracy, responsiveness, and reliability. Nodes demonstrating consistent reliability receive higher reputation scores, incentivizing honest reporting. Conversely, nodes exhibiting erratic or suspicious behaviors receive lower scores, effectively isolating potentially compromised nodes. Experimental implementations on Ethereum demonstrated BLOR’s effectiveness in consistently identifying optimal oracle nodes, significantly reducing operational risks and costs.
Similarly, Zhang et al. (2025) introduced a deep reinforcement learning model (TCODRL) that incorporates a comprehensive trust management framework. It evaluates oracle reputation on multiple dimensions using a sliding window to track changes, and then applies deep RL to adaptively select high-reputation oracles. In simulations, this system reduced the usage of malicious oracles by >39% and cut overall costs up to 12% compared to traditional static methods. These results suggest AI can significantly improve oracle data by learning which data sources tend to be honest or accurate.
Other proposals for reputation schemes consider multi-dimensional signals. For instance, the ETORM proposal tracks each oracle’s task-level accuracy and completion time (local reputation) and its overall historical performance and uptime (global reputation). In these systems, oracle nodes must lock up a financial stake (collateral) as a security deposit. If they provide false or misleading data, part or all of this stake can be slashed, meaning it can be confiscated by the protocol, thereby creating a direct economic penalty for dishonest behavior (Wang et al., 2024). These metrics are combined (often weighted by recency through a sliding window) into a single trust score, which is used to filter and rank nodes (Zhang et al., 2025). In principle, ML could further refine this by learning which features best predict reliability. For example, clustering or outlier-detection could spot anomalous oracle behavior.
4.4 Hybrid AI-Governance models for oracle reliability
While AI techniques offer robust and dynamic methods for evaluating oracle reliability, their effectiveness is enhanced when integrated with decentralized governance frameworks and cryptoeconomic incentives. Rewarding and punishing agents for complying with specific operations is also a principle of Reinforcement learning that can be efficiently implemented in governance mechanisms in light of balancing algorithmic accuracy and community-driven decision-making.
An example of this integration is Supra’s Threshold AI framework that requires each AI agent (an oracle node running an AI model) to lock a stake and earn a performance-based reputation. If an agent produces incorrect or malicious outputs, the protocol will slash its staked collateral as a penalty. Otherwise, agents that consistently provide timely, accurate data are rewarded with user fees or token subsidies. By embedding staking, slashing, and reputation scores at the core of the oracle, the system creates financial disincentives for bad data and drives AI agents to act honestly. Such cryptoeconomic guarantees are crucial, given that AI models could otherwise behave in an opaque manner. The stake, on the other hand, provides a tangible accountability for the AI operator. Notably, a sufficiently large stake also raises the cost of Sybil attacks (spawning fake oracle nodes) and can even serve as a trust signal (long-duration or high-value takes increase an agent’s reputation weight). This incentive-based system is quite well-known and widely used in the world of oracles, dating back to the early days of Ethereum, by operators such as Tellor, Razor, or Bluzelle (Bains and Murarka, 2017; Tellor, 2020; Huilgolkar, 2021). However, ensuring proactiveness and responsiveness of human nodes to economic incentives is not always measurable due to laziness and limited action flow (Caldarelli and Ellul, 2021a; Eskandari et al., 2021). Thanks to RL, AI agents can be efficiently trained with economic incentives, and their behavior can be reasonably predictable.
Decentralized Autonomous Organizations (DAOs) may also play a crucial role in complementing AI-driven reliability models. Oracle providers such as API3, for example, utilize decentralized governance to allow stakeholders to vote on critical oracle management decisions, including adding or removing data sources, adjusting update frequency thresholds, and managing network parameters (Benligiray et al., 2022). DAO’s decisions and updates may help rebalance AI parameters so that the implemented models or agents are adapted to the protocol’s needs and market changes. Ironically, human oversight remains an important backstop in some AI oracle proposals. Because AI agents might struggle with subjective or ambiguous queries, a “human-in-the-loop” mechanism can be used as a last resort. The Supra framework, for example, allows certain queries to be flagged for manual review. If the AI committee cannot reach a confident consensus, the query can escalate to designated human arbiters or a DAO vote before finalizing the on-chain result (Supra, 2025). Humans can either override the AI’s output or participate alongside AI agents in consensus for those cases. While this introduces some latency, it provides a crucial check on AI decisions and helps handle things that algorithms cannot or should not decide alone. This is again a well-known and established principle in the oracle space for solutions such as RealityEth, Augur, or UMA, where for complex or delicate decisions, the protocol escalates to an external arbiter (Kleros), which is notably human-based (Peterson et al., 2015; UMA, 2018; Lesaege et al., 2019). In effect, decentralized human consensus acts as the ultimate oracle. Finally, we can argue that the combination of AI automation with community governance and staking creates a hybrid trust model in which AI brings speed and scalability in analyzing data, while decentralized human and economic mechanisms provide accountability, configurability, and fallback in cases where AI might err or be uncertain. An early example of such a design is CONDOR (Sata et al., 2021), which connects AI-based oracles to blockchains through an auditable auction–dispute protocol. In their framework, oracle nodes stake deposits, submit AI-generated solutions, and face potential re-execution and slashing if disputes reveal inconsistencies, thereby operationalizing accountability around otherwise non-deterministic AI outputs.
4.5 AI-driven fact extraction and verification in oracle systems
Natural Language Processing techniques and Large Language Models are increasingly proposed as tools to assess the trustworthiness of unstructured or semi-structured data before it is submitted on-chain. Traditional oracles often relay raw data (prices, event outcomes, etc.) without interpretation, but LLM-powered oracles could interpret and verify facts from sources like news articles, financial filings, or weather reports. For example, Chainlink Labs investigated an oracle prototype that uses an LLM to parse corporate reports and press releases for specific events (e.g., dividend announcements) and convert them into a structured format (Cryptopolitan, 2024). In their tests, multiple oracle nodes ran independent LLM instances to cross-verify the extracted facts, helping filter out hallucinations and errors. Only when the nodes reach consensus on a fact (e.g., the exact dividend amount and date) is the information accepted and published on-chain. Likewise, evidence from practitioner research supports the view that LLM agents can autonomously retrieve documents, analyze content, and even cite sources as evidence for claims (Zintus-Art et al., 2025). By grounding their outputs in verifiable references and providing reasoning traces, such systems aim to ensure each on-chain fact is backed by transparent evidence, increasing confidence in the oracle’s data.
Beyond data retrieval, LLMs can act as an inference layer within decentralized oracles, performing reasoning or judgment on incoming data. Rather than simply reporting an external value, an LLM-enhanced oracle could answer complex queries like “Did a certain regulatory change actually occur?” or “Should a liquidation execute given current market news?”, returning a yes/no or contextual answer that has been vetted by AI reasoning (Chainwire, 2025). A recent implementation in the practitioner space proposes achieving this through multiple LLM-based agents with different roles, which deliberate over an event and reach a quorum before delivering an outcome. Agents may also embody different roles from simple fact checking to data inconsistencies or legal compliance, while their collective decision may be aggregated once a threshold is reached and a cryptographic proof is generated (i.e., BLS signature) for the result (Newey, 2025).
Concerning complex queries, again, the Chainlink research team built an LLM-based prediction market resolver that autonomously determined real-world event outcomes for Polymarket markets. Using GPT-4 with a carefully designed pipeline (question reframing, web research via tools like Perplexity, and a reasoning module), their AI oracle correctly resolved up to 89% of 1,660 test cases, even citing sources for each answer. Intuitively, it excelled in cases with clear official data (such as sports results) and maintained a transparent chain of thought for auditing (Zintus-Art et al., 2025).
Pioneering work has also been pursued by Oraichain, which launched a specialized blockchain that is meant to act as an AI-centric oracle. It allows smart contracts to access various AI models, including LLMs, for data analysis, content moderation, and verification. They also developed an interesting method to enhance and verify the reliability of AI responses, leveraging test cases and having AI vote on these cases. To make an example, before AI oracles are used to provide an answer on real use cases, a test query is run, and the answers are verified through a benchmark that identifies which agents are reliable and can intervene in the real use case (LithiumDigital, 2024). An example of this system is “Modestus”, a content moderation oracle built on Oraichain that uses an LLM to classify text under various policies (hate speech, profanity, etc.). Modestus was trained by drawing knowledge from multiple black box LLMs into a single open-source model, using a decentralized aggregation of their outputs to reduce individual model bias (OraichainLabs, 2024). This mechanism allows for the reduction of the blurriness of LLM model reasoning while permitting adjustments if deemed necessary. The higher level of transparency may also allow for more agile auditability.
Academic research reinforces the idea of leveraging LLM models to improve oracle reliability. For instance, Xian et al. (2024) introduce C-LLM, a framework where multiple oracle nodes query independent LLMs and then apply a truth-discovery algorithm (called SenteTruth) to aggregate the answers. By combining semantic similarity measures with voting/truth-detection methods, they showed improved answer accuracy up to 17.7% even with nearly 40% of nodes being malicious or unreliable. Xian et al. (2024) approach treats LLMs as a decentralized validator, counting them as a single voter rather than employing a middle-layer solution. That way, hallucination-driven errors are highly mitigated. This study directly extends the pioneering research by Xu et al. (2023), which proposed a system for smart contracts to query LLMs using a relayer, an intermediary service that transmits requests and responses without altering them while ensuring that outputs can be verified on-chain. In their system, smart contracts and LLMs worked independently, and a verification mechanism ensured the relayer could not tamper with the LLM response (either with a hash comparison or with a Zero-Knowledge Proof (ZKP)). They also proposed a wrapper at the smart contract level that enables effective formatting of questions and interpretation of LLM responses. This work is significant, as it is also blockchain-agnostic and may serve as a precursor for further research, such as that by Xian et al. (2024), who extended the idea of querying LLMs with truth-discovery mechanisms, or by Fu and Xie (2025), who advanced the concept into a full oracle architecture for LLMs and AI agents, integrating consensus-based data validation with retrieval and on-chain logging for auditability. Table 4 provides a summary of the information discussed in this section.
Table 4. AI paradigms, techniques, and use cases in oracle systems.
5 Challenges for AI in solving the oracle problem
While AI technologies offer promising enhancements to oracle systems, their integration into decentralized blockchain infrastructures remains fraught with critical challenges. This section provides a structured and critical overview of these limitations, highlighting technical, epistemological, and governance-related challenges. Particular emphasis is placed on how AI’s inherent characteristics, such as non-determinism, opacity, and data dependency, may conflict with blockchain principles like verifiability, trust minimization, and deterministic consensus.
5.1 Lack of cryptographic verifiability and determinism
Blockchain technology’s foundational strength lies in its deterministic and cryptographically verifiable nature. Identical inputs must consistently yield identical outcomes across all nodes, ensuring universal consensus and trustless verifiability (Antonopoulos, 2017; Antonopoulos and Woods, 2018). Instead, sophisticated AI models, particularly deep neural networks and large language models, possess probabilistic and non-deterministic behaviors, making integration in purely decentralized oracle architectures inherently complex. AI models commonly incorporate randomized elements such as stochastic gradient descent, model initialization, and sampling procedures, resulting in probabilistic outputs (Vaswani et al., 2017; Brown et al., 2020). Consequently, even identical AI setups across different blockchain nodes may produce slightly different results, undermining the consistency and quorum required by blockchain consensus mechanisms (Bano et al., 2019; Tasca and Tessone, 2019).
The non-determinism inherent in LLMs further complicates these consensus challenges. For instance, large language models may produce variable outputs on repeated queries due to their generative and probabilistic nature. This variability is often governed by parameters such as “sampling temperature”, a setting that controls the level of randomness in text generation. A higher temperature produces more diverse but less predictable outputs, while a lower temperature makes responses more focused and deterministic (Ouyang et al., 2022). Fixing this parameter to zero can indeed reduce randomness; however, such constraints can negatively affect model flexibility and output quality, indicating an inherent trade-off between determinism and model performance (OpenAI et al., 2024). Decentralized oracle architectures employing LLMs thus require additional and sophisticated mechanisms that ensure univocal responses (e.g., SenteTruth (Xian et al., 2024)), introducing additional complexity, but arguably without entirely eliminating ambiguity. In cases where high-confidence consensus is unreachable, oracles might need to acknowledge query indeterminacy explicitly, further complicating integration (Zintus-Art et al., 2025).
The opacity of AI decision-making also clashes with blockchain’s transparency and auditability principles (Nakamoto, 2008; Yermack, 2017). Complex AI systems, especially deep neural networks, often function as “black boxes,” lacking fully transparent reasoning pathways (Lipton, 2018; Rudin, 2019). This opacity creates substantial trust and governance issues, particularly critical in high-stakes blockchain applications such as finance, governance, or legal agreements, where verifiability and explainability are crucial (Doshi-Velez and Kim, 2017; Wolf et al., 2020; Tosin Adewale et al., 2022). While some AI oracle design proposals incorporate explicit reasoning logs or cryptographic quorum proofs, the verification of AI-generated outputs requires inspecting these transcripts off-chain, weakening or impeding full on-chain auditability and introducing additional off-chain trust reliance mechanisms (Supra, 2025; Zintus-Art et al., 2025). Architectures like AI Oracle proposed in Fu and Xie (2025) improve verifiability through consensus validation, encrypted transport, and immutable storage, but at the cost of latency and complexity, illustrating how AI-assisted oracles shift rather than resolve trust and operational trade-offs.
In practical terms, the discrepancy between blockchain determinism and AI probabilism necessitates supplementary verification measures. Current strategies exploring verifiable computation for AI, including zero-knowledge proofs (zk-SNARKs or zk-STARKs), are still nascent, computationally expensive, and largely impractical for large-scale models or real-time applications (Xu et al., 2023; Xian et al., 2024). While emerging oracle systems (e.g., Oraichain) attempt transparency through open-sourced models and verifiable inference processes, the complexity and resource-intensiveness of such solutions presently limit their widespread adoption and scalability (LithiumDigital, 2024). Table 5 summarizes what was discussed in the present paragraph.
Table 5. Lack of cryptographic verifiability and determinism: Core challenges and implications for oracles.
5.2 Model fallibility and bias
Despite significant advancements, AI models remain inherently fallible, susceptible to biases, and prone to systematic inaccuracies, presenting evident limitations within blockchain oracle applications. Particularly critical are issues of false positives and false negatives arising from anomaly detection systems. For instance, legitimate market movements characterized by exponential but authentic price fluctuations can be misidentified as anomalous events (false positives), potentially resulting in unnecessary disruptions or delays to smart contract processes. Conversely, carefully crafted adversarial inputs may exploit known weaknesses in AI models, resulting in overlooked malicious manipulations (false negatives) (Chandola et al., 2009; López de Prado, 2018). This challenge becomes particularly critical in highly volatile environments such as decentralized finance (DeFi), where sensitive AI systems must delicately balance alert thresholds to minimize both types of errors (Taghavi et al., 2022; Zhang et al., 2025). For instance, we would like to clarify that we are not claiming that AI oracles have already demonstrably failed due to false positives or false negatives, but given the well-documented limitations of AI-based anomaly detection in high-volatility and adversarial environments (Goodfellow et al., 2014), it is reasonable to infer that AI-enhanced oracle systems remain vulnerable to false positives and false negatives, particularly in fast-moving DeFi markets.
Further complicating these issues, large language models, despite their powerful reasoning capabilities, are particularly prone to hallucinations (Brown et al., 2020). Within blockchain contexts, reliance on hallucinated information can trigger erroneous automatic executions in smart contracts, potentially causing financial losses, improper settlements, or legal disputes. To mitigate hallucinations, approaches such as robust source grounding, explicit reasoning traces, and cross-verification through multiple models have been explored (LithiumDigital, 2024; Zintus-Art et al., 2025). However, as LLMs mostly share the same weaknesses and are potentially trained on the same datasets, they would probably all converge to a hallucination if they are prompted to produce an output on a segment of data that is lacking.
Additionally, AI models inherently embed biases present in their training data. If an oracle’s AI model has been predominantly trained on historical data from a specific market, region, or provider, it may systematically underperform or inaccurately assess data originating from novel or underrepresented contexts (Mehrabi et al., 2022; Barocas et al., 2023). To make an example, if an anomaly detection model is trained on a specific DeFi market, when implemented in another market, it may potentially misreport anomalies or overlook manipulations. Therefore, it may require additional training data and testing before performing well in another context.
AI models also face challenges related to model drift and degradation over time, as real-world data distributions evolve and adversaries exploit newly discovered vulnerabilities (Gama et al., 2014; Bayram et al., 2022). For example, a predictive AI oracle initially performing well may gradually lose accuracy if its training data no longer represent current market conditions or if adversaries engineer inputs to deceive it (Supra, 2025). Continuous retraining and dynamic model updates become necessary to sustain accuracy; however, implementing these updates in decentralized systems may require complex governance processes or multi-party verification, which adds layers of procedural complexity and potentially delays critical updates. Otherwise, the AI implementation must be managed by a centralized entity, which clashes with blockchain decentralization principles.
At the end of the day, despite artificial intelligence’s considerable strengths, its reliability is strictly dependent on the trustworthiness of external data sources, a challenge well-known in computer science as the “garbage-in, garbage-out” (GIGO) principle. This principle emphasizes that the output quality of any computational system, regardless of sophistication, directly depends on the accuracy and authenticity of the input data it receives (Stenson, 2016; Kilkenny and Robinson, 2018). No matter how advanced or intricate an AI model may be, it remains constrained by the veracity and integrity of the initial data provided.
This limitation becomes particularly problematic in decentralized blockchain systems, where the main goal is trustlessness and independent verifiability (Caldarelli, 2020b; Powell et al., 2022). AI-driven oracle solutions, as any other oracle, although significantly enhancing data reliability “under ideal conditions”, inherently rely on external information sources. These data sources such as sensor networks, financial market feeds, or third-party reports, are beyond the blockchain’s native verification capabilities (Egberts, 2017; Frankenreiter, 2019). For example, while AI-based anomaly detection methods can effectively flag suspicious price fluctuations or irregular data submissions, they cannot independently verify the accuracy of these data points (Chandola et al., 2009; Goodfellow et al., 2016). Similarly, natural language processing-based oracles, which extract structured facts from textual content, depend entirely on the trustworthiness and accuracy of their primary information sources. Consequently, if the original documents or sources contain inaccuracies or misinformation, the AI systems will inadvertently propagate and amplify these errors, producing sophisticated but ultimately flawed conclusions (Zellers et al., 2019; Bender et al., 2021; OpenAI et al., 2024).
Therefore, While AI can reduce risks associated with data inaccuracies, it cannot eliminate the need for external trust in information sources. This limitation also raises questions of accountability. As Papadouli and Papakonstantinou (2023) argue, AI-based oracles not only inherit issues of fallibility and bias but also create uncertainty over who is responsible when errors occur. Their legal perspective highlights the need to complement technical safeguards with explicit responsibility frameworks, ensuring that liability is clearly allocated when AI is integrated into oracle systems. Table 6 summarizes these concepts.
Table 6. Model fallibility and bias: Core challenges and implications for oracles.
5.3 Complexity and expanded attack surface
Integrating advanced AI techniques into blockchain oracle systems significantly increases both architectural complexity and the potential attack surface, introducing new vulnerabilities while also enhancing capabilities. As emphasized in previous paragraphs, sophisticated AI models, including neural networks, large ensembles, and reinforcement learning frameworks, inherently demand considerable computational resources for training, fine-tuning, and inference (Goodfellow et al., 2016; Brown et al., 2020; Strubell et al., 2020; Thompson et al., 2023). Due to blockchain’s stringent on-chain resource constraints (such as gas costs and computational limitations), advanced computations often require off-chain execution coupled with secure transmission and cryptographic verifications sent back to the blockchain (Supra, 2025; Zintus-Art et al., 2025). This additional operational layer introduces further complexity in data-transmission protocols and verification methods (e.g., zero-knowledge proofs or trusted execution environments), as well as in ensuring the integrity and authenticity of off-chain computation results. These factors significantly complicate the overall architecture and may introduce latency and scalability bottlenecks (Xu et al., 2023; Xian et al., 2024). In practical terms, this means that the information needed and delivered by an AI oracle should be transmitted to the blockchain through another oracle, which is a highly controversial solution in light of decentralization and the reduction of intermediaries.
Moreover, AI integration inherently exposes oracle systems to adversarial machine learning attacks. Techniques such as data poisoning, intentionally corrupting training datasets to produce systematically flawed outputs, and adversarial input manipulations designed to deceive AI models represent tangible, severe threats (Biggio and Roli, 2018; Zhao et al., 2025). For instance, carefully constructed adversarial inputs or prompts can exploit the sensitivity of large language models, eliciting biased, incorrect, or misleading outputs that may trigger harmful or erroneous blockchain actions. It has to be considered that robustness testing through simulated adversarial scenarios, adversarial training, and the employment of ensemble models to cross-validate outputs becomes essential, thus inevitably affecting implementation costs (Goodfellow et al., 2014; Cinà et al., 2023).
Additionally, the complexity of AI-driven oracle architectures significantly complicates security auditing, validation, and operational monitoring of smart contracts. Every new AI component introduced into the oracle system demands rigorous security assessments and continuous verification, each carrying substantial costs in terms of expertise, resources, and time. Subtle coding errors, overlooked edge cases, or unforeseen model behaviors could lead to severe vulnerabilities that malicious actors can exploit, significantly expanding the potential attack vectors beyond those of simpler, traditional oracles. Bugs in smart contracts, flawed oracle architectures, and unforeseen events have already led to dramatic failures in blockchain history. For instance, the DAO hack that resulted in the Ethereum hard fork was caused by a smart contract vulnerability (re-entrancy); the Curve Finance incident stemmed from poor oracle selection; and the mass liquidations in 2020 were triggered by a black swan event (COVID-19), for which no adequate safeguards had been implemented (Thomson, 2016; Stevens, 2020; Caldarelli and Ellul, 2021a). Introducing off-chain AI components into oracle systems would likely increase architectural complexity and, consequently, expand the potential attack surface, potentially leading to more frequent or severe failures of the kinds described above. While it is true that these historical failures were rooted in human error, the same applies to AI: before it is artificial or autonomous, it is programmed, trained, and managed by humans (Amodei et al., 2016; Floridi et al., 2018).
Consequently, the integration of advanced AI techniques into blockchain oracle systems, while offering notable advantages, requires a cautious and strategic implementation. Rigorous calibration, comprehensive security audits, continual adversarial testing, and careful balancing of complexity against performance remain indispensable. Ultimately, the practical deployment of AI-enhanced oracles must critically evaluate whether their security benefits genuinely outweigh the substantial operational and security overheads they introduce, particularly within decentralized contexts that prioritize transparency, trustlessness, and broad accessibility. Table 7 provides an overview of the information discussed in this paragraph. Figure 1 instead provides a visual overview of how AI integrates within blockchain oracle architectures, highlighting its position in the overall design and illustrating where it introduces new challenges.
Table 7. Complexity and expanded attack surface: Core challenges and implications for oracles.
Figure 1. Overview of an AI-enhanced oracle system.
6 Concluding thoughts
“If we use, to achieve our purposes, a mechanical agency with whose operation we cannot efficiently interfere…, we had better be quite sure that the purpose put into the machine is the purpose which we really desire.” (Wiener, 1960).
These words from Norbert Wiener remain strikingly relevant in today’s discussions around both artificial intelligence and blockchain oracles. When we delegate decision-making to external systems, whether deterministic or probabilistic, we must ensure that their internal logic aligns with our objectives and values. Failing to do so risks not only inefficiency but profound systemic failure.
The blockchain oracle problem is not just a technical limitation; it is an epistemic one. It reflects the paradox of attempting to create trustless systems that ultimately depend on data whose authenticity cannot be independently verified. In that sense, the problem is not eliminated but merely displaced from verifying data to verifying data providers, from trusting central parties to trusting probabilistic mechanisms or game-theoretic assumptions. It is important to note that by relying on artificial intelligence, we do not have a trust shift from one operator to another, but an additional trust dependency. As shown in Figure 1, the AI component does not replace any of the legacy oracle components but constitutes an additional layer that must also be trusted. Although providing useful functionalities, it inevitably constitutes an additional point of failure in the system design.
Building on this observation, this paper has explored the potential role of artificial intelligence in addressing this dilemma. Through the analysis of current research and implementations, we support the idea that AI can meaningfully complement oracle infrastructures, enhancing anomaly detection, ranking data sources dynamically, interpreting unstructured information through NLP, and detecting manipulation with adversarial learning techniques. Frameworks such as AiRacleX and industry protocols like Chainlink and Oraichain demonstrate how AI can be embedded into oracle systems to expand their analytical capabilities (LithiumDigital, 2024; Gao et al., 2025; Zintus-Art et al., 2025).
Yet, this integration does not resolve the oracle problem. AI does not remove the need for trust; it redistributes it. It introduces new forms of opaqueness, shifts the point of failure, and adds layers of complexity that must themselves be monitored, audited, and secured. In essence, trying to solve one black box with another is conceptually incoherent. While AI can optimize, it cannot verify truth in a cryptographically meaningful way. To borrow a metaphor, addressing the oracle problem with AI resembles applying a patchwork to a leaking pipe. It may temporarily slow the leak, but the underlying weakness remains, and the accumulating pressure risks an even larger rupture.
Therefore, the most reasonable path forward lies in hybrid architectures, oracle systems that strategically combine AI-powered inference with economic incentives, decentralized governance, cryptographic proofs, and transparent accountability mechanisms. These systems should not aim to eliminate trust altogether but to manage and distribute it in ways that are auditable, resilient, and context-appropriate.
The review supporting this paper’s position also highlighted some emerging research within AI/Oracle interaction that may benefit from further studies. The following ones are suggested:
1. Comparative analyses could be conducted by examining data from AI-enhanced oracles, such as Supra or Chainlink, and comparing them with DeFi oracle data reported by Liu et al. (2021) prior to AI integration. This would enable researchers to evaluate whether AI implementations have effectively mitigated price spikes.
2. Further comparative analysis could examine fact-checking AI oracles (Chainwire, 2025; Newey, 2025; Zintus-Art et al., 2025) against legacy alternatives such as RealityEth, UMA, or Kleros. Since AI oracles ultimately rely on human-based fact-checking, one might expect legacy systems to outperform them. However, empirical studies in this domain may challenge this assumption.
3. Although the literature reports some preliminary implementations of adversarial AI in oracles (Abinivesh S, 2025; Gao et al., 2025), more in-depth analyses are needed to evaluate their performance against real-world attacks. Such investigations would provide a clearer picture of their actual effectiveness in practical scenarios.
4. As this study highlighted, while practitioner projects are experimenting with AI-driven oracle governance (Benligiray et al., 2022; Newey, 2025), related academic research remains scarce. There is an urgent need to analyze how trust is displaced within these governance systems, explicitly identifying where new trust assumptions fall (e.g., model developers, data sources, validator pools).
5. Given the diverse research and development approaches emerging in both academic and practitioner literature, establishing an oracle standard, as discussed in Caldarelli and Ellul (2021a), would greatly help harmonize efforts. Considering the complexity of AI-driven oracles, such standardization should be regarded as essential.
The title of this paper poses a provocative question: Can AI solve the blockchain oracle problem? After careful consideration, the answer is clearly no, but it can help mitigate it. Recognizing the limits of both technologies allows us to design oracle systems that are neither naively deterministic nor recklessly optimistic. As the space continues to evolve, what is needed is not technological absolutism, but pragmatic innovation grounded in interdisciplinary rigor and epistemic humility.
Author contributions
GC: Conceptualization, Visualization, Supervision, Validation, Methodology, Data curation, Investigation, Writing – review and editing, Funding acquisition, Project administration, Writing – original draft, Resources, Software, Formal Analysis.
Funding
The authors declare that no financial support was received for the research and/or publication of this article.
Conflict of interest
The author declares that the research was conducted in the absence of any commercial or financial relationships that could be construed as a potential conflict of interest.
Generative AI statement
The authors declare that no Generative AI was used in the creation of this manuscript.
Any alternative text (alt text) provided alongside figures in this article has been generated by Frontiers with the support of artificial intelligence and reasonable efforts have been made to ensure accuracy, including review by the authors wherever possible. If you identify any issues, please contact us.
Publisher’s note
All claims expressed in this article are solely those of the authors and do not necessarily represent those of their affiliated organizations, or those of the publisher, the editors and the reviewers. Any product that may be evaluated in this article, or claim that may be made by its manufacturer, is not guaranteed or endorsed by the publisher.
References
Abinivesh, S. (2025). Reinforcement learning-enhanced adaptive blockchain oracles for secure and efficient data aggregation. J. Inf. Syst. Eng. Manag. 10 (27s), 139–144. doi:10.52783/jisem.v10i27s.4384
Akartuna, A. (2022). Mango market exploit: DeFi loses nearly $900 million to hackers in costliest 30 days on record, elliptic.co. Available online at: https://www.elliptic.co/blog/analysis/mango-market-exploit-defi-loses-nearly-900-million-to-hackers-in-costliest-30-days-on-record (Accessed June 24, 2025).
Al-Breiki, H., Rehman, M. H. U., Salah, K., and Svetinovic, D. (2020). Trustworthy blockchain oracles: review, comparison, and open research challenges. IEEE Access 8, 85675–85685. doi:10.1109/ACCESS.2020.2992698
Almi’Ani, K., Lee, Y. C., Alrawashdeh, T., and Pasdar, A. (2023). Graph-based profiling of blockchain oracles. IEEE Access 11, 24995–25007. doi:10.1109/ACCESS.2023.3254535
Amodei, D. (2016). Concrete problems in AI safety. Available online at: http://arxiv.org/abs/1606.06565.
Andresen, G. (2014). Bit-thereum | GavinTech, GavinTech. Available online at: http://gavintech.blogspot.com/2014/06/bit-thereum.html (Accessed January 21, 2023).
Antonopoulos, A. M. (2017). Mastering bitcoin: programming the open blockchain. 2nd edn. Sebastopol, CA: O’Reilly.
Antonopoulos, A. M., and Woods, G. (2018). Mastering ethereum – building smart contracts and DAPPS. 1st edn. Sebastopol, CA: O’Reilly.
Bahdanau, D., Cho, K., and Bengio, Y. (2014). Neural machine translation by jointly learning to align and translate. Available online at: http://arxiv.org/abs/1409.0473.
Bains, P., and Murarka, N. (2017). Bluzelle: a decentralized database for the future. Whitepaper. Available online at: https://bluzelle.com/whitepaper.pdf (Accessed March 24, 2021).
Bano, S. (2019). “Sok: consensus in the age of blockchains,” in AFT 2019 - proceedings of the 1st ACM conference on advances in financial technologies, 183–198. doi:10.1145/3318041.3355458
Barocas, S., Hardt, M., and Narayanan, A. (2023). Fairness and machine learning limitations and opportunities. Available online at: https://fairmlbook.org/.
Bayram, F., Ahmed, B. S., and Kassler, A. (2022). From concept drift to model degradation: an overview on performance-aware drift detectors. Knowledge-Based Syst. 245, 108632. doi:10.1016/j.knosys.2022.108632
Behnke, B. (2023). What are TWAP oracles? halborn.com. Available online at: https://www.halborn.com/blog/post/what-are-twap-oracles (Accessed June 12, 2025).
Belchior, R. (2022). “A survey on blockchain interoperability: past, present, and future trends,” in ACM computing surveys (New York, NY: ACM PUB27), 1–41. doi:10.1145/3471140
Belchior, R. (2023). A brief history of blockchain interoperability. doi:10.36227/TECHRXIV.23418677.V3
Bender, E. M. (2021). “On the dangers of stochastic parrots,” in Proceedings of the 2021 ACM conference on fairness, accountability, and transparency (New York, NY, USA: ACM), 610–623. doi:10.1145/3442188.3445922
Beniiche, A. (2020). A study of blockchain oracles. arXiv, 1–9. Available online at: https://arxiv.org/abs/2004.07140.
Biggio, B., and Roli, F. (2018). Wild patterns: ten years after the rise of adversarial machine learning. Pattern Recognit. 84, 317–331. doi:10.1016/j.patcog.2018.07.023
Breidenbach, L. (2021). Chainlink 2.0: next steps in the evolution of decentralized oracle networks. Available online at: https://research.chain.link/whitepaper-v2.pdf.
Brown, T. B. (2020). Language models are few-shot learners. Adv. Neural Inf. Process. Syst. doi:10.5555/3495724.3495883
Caldarelli, G. (2020a). “Real-world blockchain applications under the lens of the oracle problem. A systematic literature review,” in 2020 IEEE international conference on technology management, operations and decisions, ICTMOD 2020, marrakech, Morocco, 25–27 November 2020 (IEEE), 1–6. doi:10.1109/ICTMOD49425.2020.9380598
Caldarelli, G. (2020b). Understanding the blockchain oracle problem: a call for action. Information 11 (11), 509. doi:10.3390/info11110509
Caldarelli, G. (2021a). Blockchain oracles and the oracle problem: a practical handbook to discover the world of blockchain, smart contracts, and oracles —Exploring the limits of trust decentralization. 1st edn. Naples, Italy: Amazon Publishing.
Caldarelli, G. (2021b). Wrapping trust for interoperability: a preliminary study of wrapped tokens. Inf. 2022 13 (6), 6. doi:10.3390/INFO13010006
Caldarelli, G. (2023). Before ethereum. The origin and evolution of blockchain oracles. IEEE Access 11, 50899–50917. doi:10.1109/ACCESS.2023.3279106
Caldarelli, G., and Ellul, J. (2021a). The blockchain oracle problem in decentralized finance—A multivocal approach. Appl. Sci. 11 (16), 7572. doi:10.3390/app11167572
Caldarelli, G., and Ellul, J. (2021b). Trusted academic transcripts on the blockchain: a systematic literature review. Appl. Sci. Switz. 11 (4), 1842–22. doi:10.3390/app11041842
Cao, Y., Zou, C., and Cheng, X. (2021). Flashot: a snapshot of flash loan attack on DeFi ecosystem. arXiv, 12890. doi:10.48550/arXiv.2102.00626
Chainwire (2025). Supra introduces their new AI oracle protocol, making Web3 smarter and more secure - ‘the defiant’, thedefiant.io. Available online at: https://thedefiant.io/news/press-releases/supra-introduces-their-new-ai-oracle-protocol-making-web3-smarter-and-more-secure (Accessed June 25, 2025).
Chan, B., and Abrego, M. (2025). How investment banks, hedge funds, and investment firms are using AI - Business insider, businessinsider.com. Available online at: https://www.businessinsider.com/wall-street-goldman-jpmorgan-bridgewater-using-ai-2023-12?utm_source=chatgpt.com (Accessed July 2, 2025).
Chandola, V., Banerjee, A., and Kumar, V. (2009). Anomaly detection - a survey. ACM Comput. Surv. 41 (3), 1–58. doi:10.1145/1541880.1541882
Chiarelli, A. (2023) “Securing the bridges between two worlds: a systematic literature review of blockchain oracles security,” in Master’s programme in security and cloud computing - SECCLO.
Chipolina, S. (2020). Oracle exploit sees $89 million liquidated on compound, decrypt. Available online at: https://decrypt.co/49657/oracle-exploit-sees-100-million-liquidated-on-compound (Accessed April 9, 2021).
Cinà, A. E., Grosse, K., Demontis, A., Vascon, S., Zellinger, W., Moser, B. A., et al. (2023). Wild patterns reloaded: a survey of machine learning security against training data poisoning. ACM Comput. Surv. 55 (13), 1–39. doi:10.1145/3585385
Cohen, P. R. (1995). Control conditions in mycin: a case study, experimental methods for artificial intelligence. Available online at: https://www.cs.colostate.edu/∼howe/EMAI/ch3/node5.html (Accessed 12 June 2025).
Cortes, C., and Vapnik, V. (1995). Support-vector networks. Mach. Learn. 20 (3), 273–297. doi:10.1007/BF00994018
Crosby, M. (2016). Blockchain technology beyond bitcoin. Appl. Innov. Rev. (2). Available online at: https://scet.berkeley.edu/wp-content/uploads/BlockchainPaper-1.pdf.
Cryptopolitan (2024). Chainlink tests streamlined business processes with oracles, chains and LLM AI, mitrade.com. Available online at: https://www.mitrade.com/insights/news/live-news/article-3-423367-20241022 (Accessed June 25, 2025).
D-Nice (2017). GitHub - provable-things/oraclize-lib: oraclize node.js library, github.com. Available online at: https://github.com/provable-things/oraclize-lib (Accessed January 27, 2023).
Dalovindj, U. (2014). The oracle problem. Available online at: https://www.reddit.com/r/Bitcoin/comments/2p78kd/the_oracle_problem/ (Accessed March 2, 2020).
Damjan, M. (2018). The interface between blockchain and the real world. Ragion Prat. 2018 (2), 379–406. doi:10.1415/91545
De Pedro, A. S., Levi, D., and Cuende, L. I. (2017). Witnet: a decentralized oracle network protocol. doi:10.13140/RG.2.2.28152.34560
Devlin, J. (2018). BERT: pre-training of deep bidirectional transformers for language understanding.
Doshi-Velez, F., and Kim, B. (2017). Towards A rigorous science of interpretable machine learning’, (Ml). Available online at: http://arxiv.org/abs/1702.08608.
Douceur, J. R. (2002). ‘The sybil attack’, lecture notes in computer science (including subseries lecture notes in artificial intelligence and lecture notes in bioinformatics), 2429, 251–260. doi:10.1007/3-540-45748-8_24/COVER
Egberts, A. (2017). The oracle problem - an analysis of how blockchain oracles undermine the advantages of decentralized ledger systems. SSRN Electron. J . doi:10.2139/ssrn.3382343
Eskandari, S. (2021). “SoK: oracles from the ground truth to market manipulation,” in Proceedings of the 3rd ACM conference on advances in financial technologies (New York, NY, USA: ACM), 127–141. doi:10.1145/3479722.3480994
Fedorova, E. P., and Skobleva, E. I. (2020). Application of blockchain technology in higher education. Eur. J. Contemp. Educ. 9 (3), 552–571. doi:10.13187/ejced.2020.3.552
Feigenbaum, E. A., and Buchanan, B. G. (1979). Proposal to the advanced research projects agency for the continuation of the heuristic programming project. Stanford University. Available online at: https://purl.stanford.edu/vp226xm6367.
Floridi, L., Cowls, J., Beltrametti, M., Chatila, R., Chazerand, P., Dignum, V., et al. (2018). AI4People—An ethical framework for a good AI society: opportunities, risks, principles, and recommendations. Minds Mach. 28 (4), 689–707. doi:10.1007/s11023-018-9482-5
Frankenreiter, J. (2019). The limits of smart contracts. J. Institutional Theor. Econ. JITE 175 (1), 149–162. doi:10.1628/jite-2019-0021
Fu, S., and Xie, M. (2025). “AI oracle: a blockchain-powered oracle for LLMs and AI agents,” in 2025 crypto valley conference (CVC) (IEEE), 1–10. doi:10.1109/CVC65719.2025.00007
Gama, J., Žliobaitė, I., Bifet, A., Pechenizkiy, M., and Bouchachia, A. (2014). A survey on concept drift adaptation. ACM Comput. Surv. 46 (4), 1–37. doi:10.1145/2523813
Gao, B. (2025). AiRacleX: automated detection of price oracle manipulations via LLM-driven knowledge mining and prompt generation. Available online at: http://arxiv.org/abs/2502.06348.
Goodfellow, I. J., Shlens, J., and Szegedy, C. (2014). Explaining and harnessing adversarial examples.
Goodfellow, I., Pouget-Abadie, J., Mirza, M., Xu, B., Warde-Farley, D., Ozair, S., et al. (2020). Generative adversarial networks. Commun. ACM 63 (11), 139–144. doi:10.1145/3422622
Hamilton, E. (2025). Axios event: media leaders share how AI is transforming the industry, axios.com. Available online at: https://www.axios.com/2025/07/01/axios-cannes-event-media-ai-industry-transformation?utm_source=chatgpt.com (Accessed July 2, 2025).
Hart, P. E., Duda, R. O., and Einaudi, M. T. (1978). PROSPECTOR-A computer-based consultation system for mineral exploration. J. Int. Assoc. Math. Geol. 10 (5), 589–610. doi:10.1007/BF02461988
Harvey, C. R., Ramachandran, A., and Santoro, J. (2020). “DeFi and the future of finance,” in SSRN electronic journal, john Wiley and sons (New York, NY, USA), 2021. doi:10.2139/ssrn.3711777
Hassan, A., Makhdoom, I., Iqbal, W., Ahmad, A., and Raza, A. (2023). From trust to truth: advancements in mitigating the blockchain oracle problem. J. Netw. Comput. Appl. 217, 103672. doi:10.1016/j.jnca.2023.103672
Hearn, M. (2011). Contracts, BitcoinWiki. Available online at: https://en.bitcoin.it/w/index.php?title=Contract&oldid=13637 (Accessed December 2, 2022).
Heiss, J., Jacob, E., and Tai, S. (2019) “From oracles to trustworthy data on-chaining systems,” in 2019 IEEE International Conference on Blockchain (Blockchain). 14-17 July 2019. Atlanta, GA, USA. doi:10.1109/Blockchain.2019.00075
Hinton, G. (2017). Boltzmann machines. Encycl. Mach. Learn. Data Min. (1), 164–168. doi:10.1007/978-1-4899-7687-1_31
Hochreiter, S., and Schmidhuber, J. (1997). Long short-term memory. Neural Comput. 9 (8), 1735–1780. doi:10.1162/neco.1997.9.8.1735
Huilgolkar, H. (2021). Razor network: a decentralized oracle platform. Available online at: https://razor.network/whitepaper.pdf (Accessed February 18, 2021).
Huillet, M. (2018). Maersk, IBM launch blockchain shipping supply chain platform. Cointelegraph. Available online at: https://cointelegraph.com/news/maersk-ibm-launch-blockchain-shipping-supply-chain-platform. (Accessed December 4, 2023).
Ikeda, Y., Hadfi, R., Ito, T., and Fujihara, A. (2025). Anomaly detection and facilitation AI to empower decentralized autonomous organizations for secure crypto-asset transactions. AI Soc. 40 (5), 3999–4010. doi:10.1007/s00146-024-02166-w
Kilkenny, M. F., and Robinson, K. M. (2018). Data quality: “garbage in – garbage out”. Health Inf. Manag. J. 47 (3), 103–105. doi:10.1177/1833358318774357
Kolinko, T., Pstrucha, G., and Kucharski, K. (2014). Orisi whitepaper. GitHub. Available online at: https://github.com/orisi/wiki/wiki/Orisi-White-Paper (Accessed September 6, 2022).
Krizhevsky, A., Sutskever, I., and Hinton, G. E. (2012). “ImageNet classification with deep convolutional neural networks,” in Advances in neural information processing systems. Editor F. Pereira (Curran Associates, Inc.). doi:10.1145/3065386
Kumar, A., Liu, R., and Shan, Z. (2020). Is blockchain a silver bullet for supply chain management? Technical challenges and research opportunities. Decis. Sci. 51 (1), 8–37. doi:10.1111/deci.12396
LeCun, Y., Bengio, Y., and Hinton, G. (2015). Deep learning. Nature 521 (7553), 436–444. doi:10.1038/nature14539
Lesaege, C., Ast, F., and George, W. (2019). Kleros - Short paper v1.0.7. Available online at: https://kleros.io/whitepaper.pdf.
Levin, I. (2025). Collider - forta - the decentralized cyber security network, collider.vc. Available online at: https://www.collider.vc/post/forta---the-decentralized-cyber-security-network (Accessed June 24, 2025).
Lindsay, R. K., Buchanan, B. G., Feigenbaum, E. A., and Lederberg, J. (1993). DENDRAL: a case study of the first expert system for scientific hypothesis formation. Artif. Intell. 61 (2), 209–261. doi:10.1016/0004-3702(93)90068-M
Lipton, Z. C. (2018). The mythos of model interpretability. Queue 16 (3), 31–57. doi:10.1145/3236386.3241340
LithiumDigital (2024). In-Depth exploration of oraichain: revolutionising Web3 with AI-Powered oracles and blockchain integration | by lithium digital | medium, medium.com. Available online at: https://lithiumdigital.medium.com/in-depth-exploration-of-oraichain-revolutionising-web3-with-ai-powered-oracles-and-blockchain-6e90ec894d40 (Accessed June 26, 2025).
Liu, B., Szalachowski, P., and Zhou, J. (2021). “A first look into DeFi oracles,” in 2021 IEEE international conference on decentralized applications and infrastructures (DAPPS) (IEEE), 39–48. doi:10.1109/DAPPS52256.2021.00010
Lopez, E. (2022). Maersk, IBM to shut down blockchain joint venture TradeLens. Supplychaindive. Available online at: https://www.supplychaindive.com/news/Maersk-IBM-shut-down-TradeLens/637580/ (Accessed December 4, 2023).
Medvedev, E. (2021). Real-time crypto price anomaly detection with deep learning and band protocol | google cloud - community, medium.com. Available online at: https://medium.com/google-cloud/technical-indicators-calculation-and-anomaly-detection-on-band-protocol-data-6dbf3b9b92c6 (Accessed June 24, 2025).
Mehrabi, N., Morstatter, F., Saxena, N., Lerman, K., and Galstyan, A. (2022). A survey on bias and fairness in machine learning. ACM Comput. Surv. 54 (6), 1–35. doi:10.1145/3457607
Minsky, M., and Papert, S. A. (2017). Perceptrons. The MIT Press. doi:10.7551/mitpress/11301.001.0001
Mitchell, T. M. (1997). Machine learning. Internatio, software testing, verification and reliability. Internatio. Maidenhead, U.K: McGraw-Hill.
Morgenstern, L., and McIlraith, S. A. (2010). John McCarthy’s legacy. Artif. Intell. 175 (1), 1–24. doi:10.1016/j.artint.2010.11.003
Nakamoto, S. (2008). Bitcoin: a peer-to-peer electronic cash system. Available online at: https://bitcoin.org/bitcoin.pdf (Accessed June 11, 2019).
Nakamoto, S. (2011). Re: holding coins in an unspendable state for a rolling time window | Satoshi’s archive, Bitcoin.com. Available online at: https://www.bitcoin.com/satoshi-archive/emails/mike-hearn/15/ (Accessed November 25, 2022).
Newey, J. (2025). Supra unveils threshold AI oracles to power smarter On-Chain decisions | NFT news today, nftnewstoday. Available online at: https://nftnewstoday.com/2025/05/26/supra-unveils-threshold-ai-oracles-to-power-smarter-on-chain-decisions (Accessed June 25, 2025).
Ocheja, P., Flanagan, B., Ueda, H., and Ogata, H. (2019). Managing lifelong learning records through blockchain. Res. Pract. Technol. Enhanc. Learn. 14 (1), 4. doi:10.1186/s41039-019-0097-0
OpenAI (2024). GPT-4 technical report. Available online at: http://arxiv.org/abs/2303.08774.
OraichainLabs (2024). Introducing modestus — the most dynamic AI content moderator built with AI blockchain oracle 2.0 | by oraichain labs | oraichain, blog.orai.io. Available online at: https://blog.orai.io/introducing-modestus-the-most-dynamic-ai-content-moderator-built-with-ai-oracle-2-0-05ab0ddc31c9 (Accessed June 26, 2025).
Ouyang, L. (2022). Training language models to follow instructions with human feedback. Adv. Neural Inf. Process. Syst. 35 (NeurIPS). doi:10.48550/arXiv.2203.02155
Papadouli, V., and Papakonstantinou, V. (2023). A preliminary study on artificial intelligence oracles and smart contracts: a legal approach to the interaction of two novel technological breakthroughs. Comput. Law Secur. Rev. 51, 105869. doi:10.1016/j.clsr.2023.105869
Park, S., Bastani, O., and Kim, T. (2023). “ACon2: adaptive conformal consensus for provable blockchain oracles,” in 32nd USENIX security symposium, USENIX security 2023, 5, 3313–3330.
Pasdar, A., Lee, Y. C., and Dong, Z. (2023). Connect API with blockchain: a survey on blockchain oracle implementation. ACM Journals 55 (10), 1–39. doi:10.1145/3567582
Peterson, J. (2015). Augur: a decentralized oracle and prediction market platform. arXiv, 1–16. doi:10.13140/2.1.1431.4563
Powell, W., Foth, M., Cao, S., and Natanelov, V. (2022). Garbage in garbage out: the precarious link between IoT and blockchain in food supply chains. J. Industrial Inf. Integration 25, 100261. doi:10.1016/j.jii.2021.100261
Prasad, N. R., Almanza-Garcia, S., and Lu, T. T. (2009). Anomaly detection. Comput. Mater. Continua 14 (1), 1–22.
Protocol, N. (2023). NEST: decentralized martingale network B the accuracy of the NEST price. Available online at: https://www.nestprotocol.org/doc/ennestwhitepaper.pdf.
Protocol, B. (2024). Band protocol - whitepaper. Available online at: https://www.bandprotocol.com/.
Radford, A., and Isaksen, D. C. (2018). $t$-model structures. Homol. Homotopy Appl. 9 (1), 399–438. doi:10.4310/hha.2007.v9.n1.a16
Ressi, D., Romanello, R., Piazza, C., and Rossi, S. (2024). AI-enhanced blockchain technology: a review of advancements and opportunities. J. Netw. Comput. Appl. 225, 103858. doi:10.1016/j.jnca.2024.103858
Rizal, S., and Kim, D.-S. (2025). Enhancing blockchain consensus mechanisms: a comprehensive survey on machine learning applications and optimizations. Blockchain Res. Appl., 100302. doi:10.1016/j.bcra.2025.100302
RocketMeUP Cybersecurity (2024). Flash loan attacks — comprehensive analysis of risks and prevention | by RocketMe Up cybersecurity | medium, medium.com. Available online at: https://medium.com/@RocketMeUpCybersecurity/flash-loan-attacks-comprehensive-analysis-of-risks-and-prevention-985743160f55 (Accessed June 24, 2025).
Rosenblatt, F. (1958). The perceptron: a probabilistic model for information storage and organization in the brain. Psychol. Rev. 65 (6), 386–408. doi:10.1037/h0042519
Rudin, C. (2019). Stop explaining black box machine learning models for high stakes decisions and use interpretable models instead. Nat. Mach. Intell. 1 (5), 206–215. doi:10.1038/s42256-019-0048-x
Rumelhart, D. E., Hinton, G. E., and Williams, R. J. (1986). Learning representations by back-propagating errors. Nature 323 (6088), 533–536. doi:10.1038/323533a0
Sata, B. (2021). “Connecting AI-based oracles to blockchains via an auditable auction protocol,” in 2021 3rd conference on blockchain research and applications for innovative networks and services, BRAINS 2021, 23–24. doi:10.1109/BRAINS52497.2021.9569808
Silver, D., Huang, A., Maddison, C. J., Guez, A., Sifre, L., van den Driessche, G., et al. (2016). Mastering the game of Go with deep neural networks and tree search. Nature 529 (7587), 484–489. doi:10.1038/nature16961
Stenson, R. (2016). Is this the first time anyone printed, ‘garbage In, garbage out’? - atlas obscura, atlasobscura.com. Available online at: https://www.atlasobscura.com/articles/is-this-the-first-time-anyone-printed-garbage-in-garbage-out (Accessed June 28, 2025).
Stevens, R. (2020). After DeFi lost $100 million to flash loan attacks, curve pushes chainlink, decrypt. Available online at: https://decrypt.co/49758/after-100-million-lost-to-flash-loan-attacks-curve-pushes-chainlink (Accessed February 12, 2021).
Stevens, R. (2023). What are blockchain oracles (i.e. chainlink)? - unchained, unchainedcrypto. Available online at: https://unchainedcrypto.com/what-are-blockchain-oracles/ (Accessed June 24, 2025).
Strubell, E., Ganesh, A., and McCallum, A. (2020). Energy and policy considerations for modern deep learning research. Proc. AAAI Conf. Artif. Intell. 34 (09), 13693–13696. doi:10.1609/aaai.v34i09.7123
Sutskever, I., Vinyals, O., and Le, Q. V. (2014). Sequence to sequence learning with neural networks. Available online at: http://arxiv.org/abs/1409.3215.
Sutton, R. S. (1988). Learning to predict by the methods of temporal differences. Mach. Learn. 3 (1), 9–44. doi:10.1007/BF00115009
Sutton, R. S., and Barto, A. G. (1998). Reinforcement learning: an introduction. IEEE Trans. Neural Netw. 9 (5), 1054. doi:10.1109/TNN.1998.712192
Swan, M. (2015). Blockchain: blueprint for a new economy. 1st editio. O’Reilly. Available online at: https://www.oreilly.com/library/view/blockchain/9781491920480/.
Syracuse University (2025). Key benefits of AI in 2025: how AI transforms industries, ischool.syracuse.edu. Available online at: https://ischool.syracuse.edu/benefits-of-ai/?utm_source=chatgpt.com (Accessed July 2, 2025).
Szegedy, C. (2013). Intriguing properties of neural networks. Available online at: http://arxiv.org/abs/1312.6199.
Sztorc, P. (2015). Truthcoin peer-to-peer oracle system and prediction marketplace. Bitcoinhivemind. Com. Available online at: https://bitcoinhivemind.com/papers/truthcoin-whitepaper.pdf (Accessed February 15, 2023).
Sztorc, P. (2017). The oracle problem. Available online at: https://www.infoq.com/presentations/blockchain-oracle-problems (Accessed March 3, 2020).
Taghavi, M., Bentahar, J., Otrok, H., and Bakhtiyari, K. (2022). A reinforcement learning model for the reliability of blockchain oracles. Expert Syst. Appl. 214, 119160. doi:10.1016/j.eswa.2022.119160
Tasca, P., and Tessone, C. J. (2019). A taxonomy of blockchain technologies: principles of identification and classification. Ledger 4, 1–39. doi:10.5195/ledger.2019.140
Tellor (2020). Tellor: a decentralized oracle network, tellor docs. Available online at: https://docs.tellor.io/tellor/whitepaper/introduction (Accessed March 29, 2021).
Tesauro, G. (1994). TD-Gammon, a self-teaching backgammon program, achieves master-level play. Neural Comput. 6 (2), 215–219. doi:10.1162/neco.1994.6.2.215
Thompson, N. (2023). The computational limits of deep learning, 4, 2–5. doi:10.21428/bf6fb269.1f033948
Thomson, C. (2016). The DAO of ETHEREUM: analyzing the DAO hack, the blockchain, smart contracts, and the law. Medium. Available online at: https://medium.com/blockchain-review/the-dao-of-ethereum-e228b93afc79 (Accessed April 3, 2020).
Tosin Adewale, T., Olorunyomi, T. D., and Odonkor, T. N. (2022). Blockchain-enhanced financial transparency: a conceptual approach to reporting and compliance. Int. J. Front. Sci. Technol. Res. 2 (1), 024–045. doi:10.53294/ijfstr.2022.2.1.0027
Turing, A. M. (1950). Computing machinery and intelligence (Oxford University Press on behalf of the Mind), 59, 433–460.
Ul Hassan, M., Rehmani, M. H., and Chen, J. (2023). Anomaly detection in blockchain networks: a comprehensive survey. IEEE Commun. Surv. Tutorials 25, 289–318. doi:10.1109/COMST.2022.3205643
Vaswani, A. (2017). ‘Attention is all you need’, advances in neural information processing systems, 2017-Decem(Nips), 5999–6009.
Wang, Z., Gao, M., and Lu, G. (2024). Research on oracle technology based on multi-threshold aggregate signature algorithm and enhanced trustworthy oracle reputation mechanism. Sensors 24 (2), 502. doi:10.3390/s24020502
Watkins, C. J. C. H., and Dayan, P. (1992). Q-learning. Mach. Learn. 8 (3–4), 279–292. doi:10.1007/BF00992698
Weizenbaum, J. (1983). ELIZA—A computer program for the study of natural language communication between man and machine. Commun. ACM 26 (1), 23–28. doi:10.1145/357980.357991
Wiener, N. (1960). Some moral and technical consequences of automation. Science 131 (3410), 1355–1358. doi:10.1126/science.131.3410.1355
Williams, C. (2020). Compound user liquidated for $49 million, price oracle blamed, CryptoBriefing. Available online at: https://cryptobriefing.com/compound-user-liquidated-49-million-price-oracle-blamed/ (Accessed March 11, 2021).
Wolf, D. B. (2020). Exploring blockchain technology for government transparency: blockchain-based public procurement to reduce corruption. World Econ. Forum Insight Rep. 2020(June), 1–48. Available online at: https://www3.weforum.org/docs/WEF_Blockchain_Government_Transparency_Report.pdf.
Xian, Y., Zeng, X., Xuan, D., Yang, D., Li, C., Fan, P., et al. (2024). Connecting large language models with blockchain: advancing the evolution of smart contracts from automation to intelligence. Available online at: http://arxiv.org/abs/2412.02263.
Xu, Z., Wang, J., Zha, C., Li, X., and Yin, H. (2023). “SmartLLM: a new oracle system for smart contracts calling large language models,” in Proceedings - 2023 IEEE 22nd international conference on trust, security and privacy in computing and communications, TrustCom/BigDataSE/CSE/EUC/iSCI 2023, 2668–2675. doi:10.1109/TrustCom60117.2023.00372
Yermack, D. (2017). Corporate governance and blockchains. Rev. Finance 21 (1), 7–31. doi:10.1093/rof/rfw074
Zellers, R. (2019). “Defending against neural fake news,” in Proceedings of the 33rd international conference on neural information processing systems. doi:10.5555/3454287.3455099
Zhang, F., Cecchetti, E., Croman, K., Juels, A., and Shi, E. (2016). Town crier: an authenticated data feed for smart contracts. New York, NY, USA: Association for Computing Machinery. doi:10.1145/2976749.2978326
Zhang, H. (2025). A trust-aware and cost-optimized blockchain oracle selection model with deep reinforcement learning. Available online at: http://arxiv.org/abs/2502.16133.
Zhao, P. (2025). Data poisoning in deep learning: a survey. Available online at: http://arxiv.org/abs/2503.22759.
Zintus-Art, K., Vass, B., and Ward, J. (2025). Empirical evidence in AI oracle development, blog.chain.link. Available online at: https://blog.chain.link/ai-oracles/#:∼:text=Recentadvancementsinlargelanguage,withenhancedtransparencyandpotential (Accessed May 18, 2025).
Keywords: blockchain oracles, oracle problem, artificial intelligence, anomaly detection, trustless systems, data verification, large language models, smart contracts
Citation: Caldarelli G (2025) Can artificial intelligence solve the blockchain oracle problem? Unpacking the challenges and possibilities. Front. Blockchain 8:1682623. doi: 10.3389/fbloc.2025.1682623
Received: 09 August 2025; Accepted: 10 November 2025;
Published: 03 December 2025.
Edited by:
Carlo Campajola, University College London, United KingdomReviewed by:
Akshat Gaurav, Ronin Institute, United StatesPetrus Martens, Georgia State University, United States
Copyright © 2025 Caldarelli. This is an open-access article distributed under the terms of the Creative Commons Attribution License (CC BY). The use, distribution or reproduction in other forums is permitted, provided the original author(s) and the copyright owner(s) are credited and that the original publication in this journal is cited, in accordance with accepted academic practice. No use, distribution or reproduction is permitted which does not comply with these terms.
*Correspondence: Giulio Caldarelli, Z2l1bGlvLmNhbGRhcmVsbGlAdW5pdG8uaXQ=
†ORCID: Giulio Caldarelli, orcid.org/0000-0002-8922-7871