DECO (short for Decentralized Confidentiality) is a cryptographic protocol that enables TLS-based data sources—such as traditional bank accounts, government portals, or corporate APIs—to become verifiable data providers for blockchains. It leverages zero-knowledge proofs (ZKPs) and secure hardware to allow a user to generate a proof that a specific piece of data from a web server meets certain conditions, which is then relayed to a smart contract by a Chainlink oracle. The core innovation is that the oracle network never sees the user's raw, sensitive data, such as account balances or personal identifiers, preserving user privacy while enabling complex, data-dependent DeFi, identity, and compliance applications.
LABS
Glossary
DECO
A decentralized oracle protocol that uses zero-knowledge proofs to allow users to prove properties of private web data without revealing the data itself.
Chainscore © 2026
definition
PRIVACY PROTOCOL
What is DECO?
DECO is a privacy-preserving oracle protocol developed by Chainlink Labs that allows users to prove facts about their private data to smart contracts without revealing the underlying data itself.
The protocol operates through a three-party model involving a Prover (the data owner), a Verifier (a DECO node/oracle), and a Web Server (the TLS-based data source). The Prover establishes a standard TLS 1.3 session with the Web Server. Using cryptographic techniques, the Prover can then generate a proof for the Verifier that a specific, hidden value within the TLS session—like a date of birth on a passport page—satisfies a public predicate, such as "is over 18." This process, known as proof of TLS session, ensures data authenticity (it came from the legitimate server) and confidentiality (the Verifier only learns the proof, not the data).
DECO's architecture solves critical trust problems in connecting Web2 and Web3. It prevents oracle nodes from data snooping or selective reporting, as the proof cryptographically commits to the entire TLS transcript. Major use cases include privacy-preserving identity verification (KYC/AML without exposing personal data), under-collateralized lending based on private credit scores or income verification, and confidential proof of reserves for institutions. By providing a trust-minimized bridge for private data, DECO expands the design space for smart contracts beyond purely on-chain information, enabling a new class of applications that require both real-world data and user privacy.
etymology
DECO
Etymology and Origin
The term DECO, an acronym for **D**ecentralized **C**orrelating **O**racle, originates from a specific research lineage within applied cryptography and blockchain scaling.
The name DECO was coined by a team of researchers from Cornell University, including notable cryptographers like Fan Zhang and Ari Juels. It was first formally introduced in a 2020 academic paper titled "DECO: Liberating Web Data Using Decentralized Oracles for TLS." The acronym itself directly describes its core function: a decentralized system for correlating and verifying data from the traditional web (TLS sessions) for use by smart contracts, acting as an oracle. This positions it within the broader family of oracle protocols but with a distinct cryptographic foundation.
DECO's intellectual origin is deeply rooted in zero-knowledge proofs and specifically adapts the PPID (Plaintext Proof of Knowledge of Decryption) technique from earlier work. Its primary innovation was repurposing the TLS handshake—the protocol that secures HTTPS connections—as a verifiable data source. Instead of simply fetching data, DECO allows a prover to cryptographically demonstrate to a decentralized set of verifiers that specific data came from a legitimate TLS session with a trusted website, without revealing private keys or session secrets. This approach addressed a key limitation of earlier oracles: proving the provenance and integrity of web data at its source.
The protocol's development was closely associated with the Chainlink ecosystem, which integrated DECO as a core research and development initiative through Chainlink Labs. This provided a practical pathway for its implementation, aiming to bring its advanced privacy-preserving and high-integrity data capabilities to a broad developer audience. Consequently, DECO evolved from an academic cryptographic construct into a specialized oracle solution for use cases requiring verified data from web2 APIs, such as private financial attestations or identity verification, where simply transmitting raw data is insufficient or insecure.
how-it-works
TLS PROOF SYSTEM
How DECO Works
DECO (Decentralized Oracle) is a privacy-preserving oracle protocol that allows users to prove statements about their private web data without revealing the underlying data itself.
DECO leverages TLS (Transport Layer Security) to establish a secure, authenticated connection between a user's browser and a web server, just like a standard HTTPS session. The core innovation is that a third-party prover (an oracle node) can cryptographically verify the authenticity and integrity of the data fetched during this session without ever seeing the raw data or the user's private credentials. This is achieved through a series of zero-knowledge proofs and cryptographic commitments executed within the secure TLS channel.
The protocol operates in three main phases. First, during the Commitment Phase, the user and the prover establish a TLS connection to the target server, and the user commits to the data they receive. Next, in the Proof Generation Phase, the user proves to the prover that the committed data satisfies a specific condition (e.g., "my account balance is > X") using zero-knowledge proofs, without revealing the balance itself. Finally, in the Attestation Phase, the prover generates a succinct cryptographic attestation of this proof that can be verified on-chain by a smart contract.
This architecture enables powerful new use cases for smart contracts. For example, a lending protocol can request a proof of account ownership and minimum balance from a traditional bank's website to underwrite a loan, all without the user exposing their login details or transaction history. DECO transforms private, legacy web data into a verifiable input for decentralized applications, bridging Web2 and Web3 while maintaining user sovereignty over their personal information.
key-features
DECO
Key Features
DECO is a privacy-preserving oracle protocol that allows users to prove facts about private data (e.g., web session data, KYC status) to smart contracts without revealing the underlying data itself.
01
Zero-Knowledge Proofs for Web Data
DECO enables TLS notaries to generate zero-knowledge proofs (ZKPs) that attest to the authenticity of data fetched from any HTTPS website. This allows a smart contract to verify statements like "this user's account balance on Exchange X is > $10,000" without learning the actual balance or the user's identity.
02
Trusted Execution Environment (TEE) Integration
The protocol can leverage a Trusted Execution Environment (TEE), like Intel SGX, as a secure, isolated hardware component. The TEE acts as a trusted prover, handling the private keys and data session, generating proofs that the data came from a legitimate TLS session without exposing it.
03
Selective Disclosure & Conditional Proofs
Users maintain full control and can prove specific, granular predicates about their data. For example:
- Prove you are over 18 without revealing your birth date.
- Prove a transaction is from a whitelisted address without revealing your full portfolio.
- Prove an API response meets a certain condition without disclosing the full response.
04
Decentralized Oracle Security Model
DECO oracles are decentralized and can be run by multiple independent parties. The system's security does not rely on trusting a single oracle, but on the cryptographic soundness of the proofs and the attestation of the TEE (if used). This reduces single points of failure.
05
Use Cases: Private DeFi & Identity
Enables complex DeFi and identity applications that require verified off-chain data:
- Under-collateralized Lending: Prove income or credit score privately.
- Compliance: Prove KYC/AML status without exposing personal documents.
- GameFi: Verify in-game asset ownership confidentially for cross-chain bridging.
06
Comparison to Other Oracle Solutions
Unlike standard oracles (e.g., Chainlink) that deliver raw public data, DECO is designed for private data. It solves the oracle problem for information that cannot be publicly broadcast, bridging the gap between the legacy web's private data silos and public blockchain verifiability.
primary-use-cases
DECO
Primary Use Cases
DECO (Decentralized Oracle) is a privacy-preserving oracle protocol that enables smart contracts to securely verify data from any HTTPS/TLS web server without revealing the underlying data or query. Its primary use cases focus on bringing sensitive, authenticated off-chain information on-chain.
01
Private Data Attestation
DECO allows users to prove statements about private data from web services (e.g., bank balances, KYC status, academic records) without revealing the raw data itself. This enables selective disclosure for DeFi, identity, and compliance.
- Example: Proving a credit score is above 700 for a loan without showing the full report.
- Mechanism: Uses zero-knowledge proofs and TLS notary proofs to cryptographically attest to the data's authenticity and the user's claim.
02
Secure Price Feeds & Market Data
Provides a trust-minimized method for fetching authenticated price data from traditional financial APIs (like Bloomberg or Reuters) for use in derivatives and synthetic asset protocols.
- Advantage over Public APIs: The data source's TLS signature proves it hasn't been tampered with, mitigating man-in-the-middle attacks and data manipulation.
- Use Case: A derivatives contract can securely settle based on a verifiable S&P 500 index price pulled directly from an authorized publisher.
03
Cross-Chain Verification & Bridging
Enables the secure verification of state and events from one blockchain to another without relying on a centralized bridge operator.
- Process: A light client on Chain A can use DECO to query and prove the state of a smart contract on Chain B via a TLS-signed RPC endpoint.
- Benefit: Reduces trust assumptions in cross-chain messaging and bridges, moving towards sovereign verification of foreign chain state.
04
Authenticated Randomness & Entropy
Sources verifiable randomness from external, high-entropy services (like NIST's randomness beacon or lotteries) for applications requiring provably fair and unpredictable outcomes.
- How it works: The randomness provider signs their data with TLS. DECO proves the data came from the legitimate source and that specific bits were used, without revealing future entropy.
- Application: Gaming, NFT minting, and consensus mechanisms can use this for on-chain randomness that is resistant to manipulation by miners/validators.
05
Enterprise Data Oracles
Facilitates the use of sensitive corporate or institutional data in smart contracts while maintaining confidentiality and audit trails.
- Scenario: A supply chain smart contract can verify a shipment's status from a logistics company's private API.
- Key Feature: The enterprise data provider does not need to publicly expose its API; it only needs to support TLS. DECO's proofs ensure the data is authentic and the query was performed correctly, preserving business confidentiality.
06
Minimizing Oracle Extractable Value (OEV)
Reduces the risk of Oracle Extractable Value—profit miners/validators can extract by manipulating oracle updates—by making data queries and delivery more verifiable and less predictable.
- Mechanism: By tying data to a TLS proof from the original source at a specific time, it becomes harder for a block producer to front-run or delay a data point for profit.
- Impact: Increases the security and fairness of DeFi protocols that rely on timely external data for liquidations or pricing.
ARCHITECTURE COMPARISON
DECO vs. Traditional Oracles
A technical comparison of DECO's zero-knowledge proof-based oracle design against conventional blockchain oracle models.
| Feature / Metric | DECO (Chainlink) | Traditional Oracles (e.g., Basic Data Feeds) |
|---|---|---|
Core Security Mechanism | Zero-Knowledge Proofs (TLS notary proofs) | Cryptoeconomic staking & reputation |
Data Integrity Guarantee | Cryptographic proof of source & correctness | Trust in oracle node operator honesty |
Data Source Authentication | Proven TLS session with specific web server | Unverified; relies on oracle's claim |
Privacy for User Data | Yes; proofs can hide sensitive inputs | No; raw data is typically exposed |
Latency Overhead | ~300-500 ms for proof generation | < 100 ms for simple query |
Computational Cost | High (client-side ZKP generation) | Low |
Trust Assumption | Trust the TLS root certificate authority | Trust the oracle network or node |
Primary Use Case | Private inputs, authenticated data from TLS web | Public market data, weather, sports scores |
technical-details-tls-nizk
DECO PROTOCOL
Technical Deep Dive: TLS and Proofs
DECO is a privacy-preserving oracle protocol that enables smart contracts to securely and privately verify data from any TLS-encrypted web source without revealing the underlying data or compromising user credentials.
DECO, which stands for Decentralized Oracle, is a cryptographic protocol developed by researchers at Cornell Tech. Its core innovation is allowing a prover to convince a verifier (like a smart contract) that a piece of data retrieved from a TLS-secured website (e.g., https://example.com) is authentic and meets certain conditions, without revealing the data itself or the user's session secrets. This is achieved through a sophisticated three-party handshake that integrates with the existing Transport Layer Security (TLS) protocol, the foundation of HTTPS. DECO effectively creates zero-knowledge proofs about web data, proving statements like "my bank balance is greater than X" or "I am over 18" without disclosing the exact balance or birth date.
The protocol's security hinges on its integration with TLS. During a standard TLS session, a client and server establish a shared secret key. DECO introduces a third party—the verifier—into this process using a technique called session key escrow. The prover's client splits the TLS master secret into shares, sending one to the server (as normal) and a commitment to another to the verifier. Later, when making a claim about data on the page, the prover can generate a proof that the data was derived from a legitimate TLS stream with that committed secret. This ensures data authenticity (it came from the real server) and privacy (the full content isn't exposed).
DECO enables powerful new privacy-preserving applications for smart contracts. Key use cases include: - Private identity verification: Proving age or citizenship from a government website without revealing the ID number. - Confidential financial proofs: Demonstrating credit score thresholds or account sufficiency for a loan without exposing transaction history. - Authenticated data feeds: Oracles can prove data (like a stock price) came from a legitimate source without the data being publicly readable on-chain until needed. This moves beyond simple oracle data delivery to a framework for verifiable computation on private web data.
Implementing DECO requires careful consideration. The prover must run a modified TLS client, and the verification of the cryptographic proofs on-chain can be computationally expensive, though advancements in proof systems like zk-SNARKs help mitigate this. Furthermore, the protocol assumes the TLS server is honest and the prover's initial connection is legitimate; it cannot prevent a prover from querying a maliciously crafted site. Despite these complexities, DECO represents a fundamental leap in connecting the trust-minimized world of blockchains with the private, credentialed data of the traditional web, enabling a new class of confidential DeFi and identity solutions.
security-considerations
DECO
Security Model & Considerations
DECO (Decentralized Oracle) is a privacy-preserving oracle protocol that enables smart contracts to securely verify data from TLS-encrypted web sources without revealing the underlying data or compromising user privacy.
01
Zero-Knowledge Proofs for Web Data
DECO's core mechanism uses zero-knowledge proofs (ZKPs) to allow a prover to convince a verifier that a piece of data from a TLS session (e.g., a bank balance or KYC status) satisfies a public condition, without revealing the data itself. This enables privacy-preserving attestations where only the proof of a statement is submitted on-chain.
02
TLS Session Authentication
The protocol leverages the widely adopted Transport Layer Security (TLS) protocol. A prover establishes a TLS session with a web server, and DECO's cryptographic protocols allow them to generate proofs about the data received, cryptographically tied to the server's identity. This provides cryptographic assurance that the data originated from a specific, authenticated source.
03
Trust Model & Decentralization
DECO reduces trust compared to traditional oracles. It does not rely on a committee's honesty about data content. Instead, trust is placed in:
- The cryptographic soundness of the ZKP and TLS protocols.
- The correctness of the prover's client software.
- The integrity of the data source's TLS certificate. Malicious provers can only lie by not completing the protocol, not by forging valid proofs for false statements.
04
Key Security Considerations
While cryptographically strong, DECO introduces unique considerations:
- Prover Liveness: The system requires at least one honest, available prover to fetch data and generate proofs.
- Source Reliability: Garbage in, garbage out. DECO proves data came from a source, not that the source's data is correct.
- Client-Side Security: The prover's machine must be secure; malware could compromise the process.
- Cost & Complexity: Generating ZKPs for web data is computationally intensive, impacting latency and cost.
05
Comparison to Other Oracle Models
DECO differs fundamentally from other oracle designs:
- vs. Chainlink: Chainlink uses a decentralized network of nodes to fetch and consensus on public data. DECO enables private data attestations from TLS sources.
- vs. TLSNotary: TLSNotary requires a trusted third party. DECO removes this need through multi-party computation and ZKPs.
- vs. API3: API3 focuses on first-party oracles. DECO is a protocol for verifying data from any TLS-enabled source, including third parties.
06
Potential Applications
DECO enables smart contracts to privately verify real-world credentials, unlocking use cases like:
- Under-collateralized Lending: Proof of income or credit score without exposing details.
- Privacy-Preserving KYC/AML: Attesting user identity compliance for DeFi access.
- Authenticated Data Feeds: Verifying specific data points from private APIs (e.g., enterprise supply chain data).
- Cross-Chain Asset Transfers: Proving ownership of assets on another chain without revealing full transaction history.
ecosystem-usage
DECO
Ecosystem and Implementation
DECO (Decentralized Oracle) is a privacy-preserving oracle protocol developed by Chainlink Labs that enables smart contracts to use private data from any HTTPS/TLS web API without revealing the data to the oracle network or the public blockchain.
01
Core Mechanism: Zero-Knowledge Proofs
DECO's core innovation is its use of zero-knowledge proofs (ZKPs) within the TLS protocol. It allows a prover (e.g., a web server) to cryptographically prove to a verifier (a DECO node) that a piece of data from a private API meets certain conditions, without revealing the data itself. This process involves:
- Session Resumption: Re-establishing a TLS session to prove the data came from a specific, authenticated source.
- Proof of TLS Session: Generating a ZKP that a specific plaintext value was transmitted in that session.
- Selective Redaction: The prover can redact sensitive parts of the data while proving statements about the remaining parts.
02
Key Technical Components
DECO's architecture is built on several critical cryptographic and networking components:
- TLS 1.3 Integration: Leverages the latest TLS standard for secure, authenticated communication with web servers.
- Commitment Schemes: Used to bind the prover to a specific piece of data before the proof is generated.
- Decentralized Oracle Network: DECO proofs are verified by a decentralized network of nodes (like Chainlink oracles) to ensure censorship resistance and reliability.
- Condition Scripts: Define the logic for what data to fetch and what properties to prove (e.g., "prove this user's balance is > X").
03
Primary Use Cases
DECO enables a new class of smart contract applications that require private, real-world data:
- Private Identity Verification: Prove KYC/AML status or age without revealing identity documents.
- Credit Scoring & Underwriting: Securely use credit scores from traditional institutions for DeFi loans.
- Institutional Portfolio Proofs: Prove ownership or performance of off-chain assets for collateralization.
- Authenticated Data Feeds with Privacy: Create price oracles where the source data (e.g., institutional trade data) remains confidential.
04
Comparison to Other Oracle Solutions
DECO differs fundamentally from traditional oracles:
- Chainlink Data Feeds: Provide public, aggregated data (e.g., ETH/USD price). DECO provides private, user-specific data.
- Basic HTTP GET Oracles: Fetch and publish data in plaintext on-chain, exposing all details. DECO keeps the data off-chain and private, publishing only a proof.
- TLSNotary: An older, deprecated scheme for TLS attestation. DECO is more efficient, supports TLS 1.3, and uses modern cryptographic proofs.
06
Challenges & Considerations
Implementing DECO involves addressing several practical challenges:
- Prover Cooperation: The data source (web server) must run the DECO prover software, requiring adoption by traditional institutions.
- Computational Overhead: Generating zero-knowledge proofs for TLS sessions adds latency and computational cost.
- Trust Assumptions: While the data is private, users must trust the prover to execute the protocol honestly. The oracle network verifies the proof's correctness, not the prover's intent.
DECO
Common Misconceptions
DECO (Decentralized Oracle) is a privacy-preserving oracle protocol, but its specific mechanisms and capabilities are often misunderstood. This section clarifies its core function and dispels frequent inaccuracies.
DECO is not a blockchain or a cryptocurrency. It is a privacy-preserving oracle protocol developed by Chainlink Labs. DECO enables smart contracts to use data from any HTTPS/TLS web server without revealing that data to the oracle network or the public blockchain, using zero-knowledge proofs (ZKPs) and cryptographic attestations to prove the data's authenticity and integrity.
DECO
Frequently Asked Questions
DECO is a privacy-preserving oracle protocol developed by Chainlink Labs. It enables smart contracts to access and verify private data from web servers without revealing that data to the oracle network or the blockchain. These questions address its core mechanisms and applications.
DECO (Decentralized Oracle) is a zero-knowledge oracle protocol that allows smart contracts to use data from TLS-encrypted web sessions without exposing the raw data. It works by having an oracle node run a TLS notary protocol alongside the data source's server. This process generates a cryptographic proof that specific data (e.g., a user's bank balance) was present in the encrypted session and meets certain conditions, without revealing any other private information. The proof is then delivered on-chain for the smart contract to verify and act upon, enabling privacy-preserving DeFi, identity verification, and confidential RNG.
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall