Loading...
Sign In private.meDocs
Get xFeed
PRIVATE.ME PLATFORM

xFeed: Blockchain Oracle Integrity

XorIDA splits oracle data across independent providers with threshold reconstruction and reputation scoring. A single manipulated price feed cannot drain a protocol -- threshold consensus is required.

Financial / DeFi COMING SOON XorIDA Powered
Section 01

The Problem

Blockchain oracles are single points of failure for DeFi. A single manipulated price feed can drain entire protocols. Oracle manipulation has caused hundreds of millions in losses through flash loan attacks and feed corruption.

DeFi protocols depend on oracles to bring off-chain data (prices, events, weather) onto the blockchain. When a protocol trusts a single oracle source, that source becomes the highest-value attack target in the entire system. Flash loan attacks manipulate oracle prices within a single transaction to drain lending protocols.

Current oracle solutions aggregate multiple sources but do so transparently -- the aggregation logic is visible on-chain and can be gamed. Weighted median oracles can be manipulated by corrupting a critical mass of visible sources. There is no mechanism ensuring that individual source data remains private until threshold aggregation produces the final value.

The Old Way

Price Data Off-chain feed CENTRAL PROCESSOR Single Oracle Full feed exposure Flash loan attacks Protocol drained $100M+ losses
Section 02

The PRIVATE.ME Solution

xFeed splits oracle data across independent providers using XorIDA. Threshold reconstruction prevents single-source manipulation. Reputation scoring weights providers based on historical accuracy.

Data is published through publishMessage(), which splits each message into N HMAC-signed shares distributed across independent channels. Each channel holds only its share. A subscriber created via subscribe() collects K-of-N shares, verifies HMAC integrity, and reconstructs the message. No individual share reveals the underlying value until threshold reconstruction.

A built-in reputation system tracks provider accuracy over time. Providers whose shares consistently reconstruct to values that deviate from the consensus are penalized. This creates economic incentives for honest oracle provision while using XorIDA's information-theoretic guarantees to prevent preview of individual submissions.

The New Way

Oracle Data Price feed XORIDA SPLIT K-of-N providers Reputation weighted Provider 1 Data share Provider 2 Data share Provider N Data share HMAC VERIFY Aggregate Result Consensus value
Section 03

How It Works

Oracle data flows through a three-stage pipeline: independent submission, threshold aggregation with HMAC verification, and reputation-weighted consensus output.

STAGE 1: SUBMIT Independent Feeds N providers submit data shares HMAC-signed per share STAGE 2: AGGREGATE Threshold Reconstruct K-of-N shares collected HMAC verified per provider STAGE 3: PUBLISH Consensus Output Reputation-weighted result Published to chain MANIPULATION RESISTANCE Single-source manipulation impossible · Flash loan attacks ineffective · Reputation penalizes dishonesty
Key Security Properties
No front-running: Individual provider submissions are unintelligible shares -- no one can preview individual data before aggregation. Manipulation resistance: Corrupting below-threshold providers has zero effect on the aggregate. Reputation scoring: Providers whose data consistently deviates from consensus lose reputation weight over time.
Section 04

Use Cases

DeFi
DeFi Price Feeds

Token prices aggregated from independent providers with threshold consensus. Flash loan attacks cannot manipulate below-threshold providers.

Price Oracle
Cross-Chain
Cross-Chain Data Relay

On-chain events from one chain relayed to another via distributed oracle providers. Threshold consensus prevents false event reporting.

Interoperability
Insurance
Parametric Insurance Triggers

Weather and event data for parametric insurance policies. Threshold oracle prevents single-source manipulation of payout triggers.

Parametric
Gaming
Sports Betting Data Feeds

Game scores and event outcomes from independent providers. Threshold reconstruction prevents single-source score manipulation.

Verifiable Feeds
Section 05

Integration

Quick Start
import { createFeedManager } from '@private.me/xfeed';

const manager = createFeedManager();

// Create an encrypted feed
await manager.createFeed('market-data', {
  name: 'Real-time Market Data',
  description: 'Live stock quotes and trades',
  category: 'financial',
  messageRate: 1000
});

// Publish a message split into 3 shares (2-of-3 threshold)
const payload = new TextEncoder().encode(JSON.stringify({ ticker: 'AAPL', price: 150.25 }));
const published = await manager.publishMessage('market-data', payload, {
  threshold: 2,
  totalShares: 3,
  enableProofs: true
});

// Subscribe to the feed (messages reconstructed from threshold shares)
const subscription = await manager.subscribe(
  'market-data',
  'did:key:z6Mk...',
  async (message) => {
    const data = JSON.parse(new TextDecoder().decode(message.payload));
    console.log('Received:', data);
  },
  { verifyMessages: true, enableAudit: true }
);
createFeedManager(): FeedManager
Creates a feed manager for encrypted real-time data feed distribution. Returns a FeedManager exposing createFeed, publishMessage, subscribe, unsubscribe, verifyMessage, and getAuditTrail.
publishMessage(feedId: string, payload: Uint8Array, options?: PublishOptions): Promise<Result<string, FeedError>>
Publishes a message to a feed, splitting the payload into K-of-N HMAC-signed shares using XorIDA (threshold and totalShares set via PublishOptions). Each share reveals nothing about the payload until threshold reconstruction. Returns the message ID or a FeedError.
subscribe(feedId: string, subscriber: string, handler: MessageHandler, options?: SubscribeOptions): Promise<Result<FeedSubscription, FeedError>>
Subscribes a DID to a feed. Messages are reconstructed from threshold shares, optionally verified (verifyMessages) and audited (enableAudit), then delivered to the handler callback. Returns a FeedSubscription or a FeedError.
Section 06

Security Properties

PropertyMechanismGuarantee
Feed ConfidentialityXorIDA K-of-N thresholdInformation-theoretic
Manipulation ResistanceThreshold consensusBelow-threshold corruption fails
Front-Running PreventionUnintelligible sharesNo individual preview
Provider AccountabilityReputation scoringEconomic penalties for dishonesty
Quantum ResistanceGF(2) operations, no keysUnconditional security
<1ms
Typical payload
K-of-N
Provider threshold
0
Single-source influence
256-bit
HMAC integrity
VERIFIED BY XPROVE

Verifiable Data Protection

Every operation in this ACI produces a verifiable audit trail via xProve. HMAC-chained integrity proofs let auditors confirm that data was split, stored, and reconstructed correctly — without accessing the data itself.

XPROVE AUDIT TRAIL
Every XorIDA split generates HMAC-SHA256 integrity tags. xProve chains these into a tamper-evident audit trail that proves data was handled correctly at every step. Upgrade to zero-knowledge proofs when regulators or counterparties need public verification.

Read the xProve white paper →
GET STARTED

Ready to deploy xFeed?

Talk to Ren, our AI sales engineer, or book a live demo with our team.

Book a Demo

Pricing

PRICING
Coming Soon
Pricing details will be available when this ACI launches. Subscribe to updates to be notified.
Questions about this ACI? Contact us
PRIVATE.ME · xFeed WHITE PAPER

© 2026 StandardClouds Inc. dba PRIVATE.ME. All rights reserved.

VERIFIABLE WITHOUT CODE EXPOSURE

Ship Proofs, Not Source

xFeed generates cryptographic proofs of correct execution without exposing proprietary algorithms. Verify integrity using zero-knowledge proofs — no source code required.

XPROVE CRYPTOGRAPHIC PROOF
Download proofs:

Verify proofs online →

Use Cases

REGULATORY
FDA / SEC Submissions
Prove algorithm correctness for distributed systems without exposing trade secrets or IP.
Zero IP Exposure
FINANCIAL
Audit Without Access
External auditors verify secure operations without accessing source code or production systems.
FINRA / SOX Compliant
DEFENSE
Classified Verification
Security clearance holders verify distributed systems correctness without clearance for source code.
CMMC / NIST Ready
ENTERPRISE
Procurement Due Diligence
Prove security + correctness during RFP evaluation without NDA or code escrow.
No NDA Required

Deployment Options

SaaS Recommended

Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.

  • Zero infrastructure setup
  • Automatic updates
  • 99.9% uptime SLA
  • Enterprise SLA available
View Pricing →

SDK Integration

Embed directly in your application. Runs in your codebase with full programmatic control.

  • npm install @private.me/xfeed
  • TypeScript/JavaScript SDK
  • Full source access
  • Enterprise support available
Get Started →

On-Premise Upon Request

Enterprise CLI for compliance, air-gap, or data residency requirements.

  • Complete data sovereignty
  • Air-gap capable deployment
  • Custom SLA + dedicated support
  • Professional services included
Request Quote →

Enterprise On-Premise Deployment

While xFeed is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:

  • Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
  • Air-gapped environments — SCIF, classified networks, offline operations
  • Data residency requirements — EU GDPR, China data laws, government mandates
  • Custom integration needs — Embed in proprietary platforms, specialized workflows

Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.

Contact sales for assessment and pricing →

Other Requirements? Need white-label deployment or custom integration? Contact our enterprise team →