Off-chain signing of data

There is a hybrid solution that still depends on third-party oracles, yet does not let them tamper with the data. In this scheme, the API provider signs their data with their private key off-chain and serves it over a regular API endpoint. Third- party oracles call this endpoint to get the signed data and post it to the chain. The authenticity of the data—that it is not tampered with by the third party oracles— can then be verified on-chain using the public key of the API provider.

Although it eliminates the risk of data tampering at the oracle level, this solution is essentially a half-measure. By depending on third-party oracles, it continues suffering from the ecosystem issues caused by depending on third-party oracles, and, in addition, requires modifications at the API-side to implement off-chain signing.This results in a severely limited API selection even compared to the regular third- party oracle based solutions, and restricts the ecosystem growth potential of the solution to the application-scale.