Async Privacy Oracle Spec
Canonical Request Path
- Client reads the Oracle public key.
- Client encrypts a secret locally.
- Contract calls
Request(requestType, payload, callbackContract, callbackMethod)
- is emitted on-chain.
- Morpheus dispatcher validates the event and forwards it to the Phala worker.
- Phala executes fetch-only, private fetch, public compute, or private compute.
- Dispatcher calls
FulfillRequest(requestId, success, result, error)
- Callback executes in the consumer contract.
Oracle Payload
{
"url": "https://api.example.com/private",
"method": "GET",
"headers": {},
"body": "",
"json_path": "data.value",
"encrypted_token": "<base64 ciphertext>",
"encrypted_payload": "<base64 ciphertext>",
"encrypted_params": "<base64 ciphertext>",
"token_header": "Authorization",
"script": "function process(data) { return data.age > 80; }",
"script_base64": "ZnVuY3Rpb24gcHJvY2VzcyhkYXRhKSB7IHJldHVybiBkYXRhLmFnZSA+IDgwOyB9",
"target_chain": "neo_x",
"target_chain_id": "12227332"
}
Rules
- is the canonical encrypted auth-secret field for private fetches
- if decrypts to a JSON object, the worker treats it as a confidential payload patch and merges it before execution
- / are dedicated aliases for encrypted JSON patches that can carry secret headers, provider params, compute input, function names, or scripts
- and are interchangeable aliases
- and are on-chain request arguments, not JSON payload fields
- may be or
- confidential payload transport uses
X25519-HKDF-SHA256-AES-256-GCM
Built-in Compute API
Use
with one of:
{
"mode": "builtin",
"function": "zkp.public_signal_hash",
"input": { "signals": ["1", "2", "3"] },
"target_chain": "neo_n3"
}
or
{
"mode": "script",
"script": "function run(input) { return input.a + input.b; }",
"entry_point": "run",
"input": { "a": 2, "b": 3 },
"target_chain": "neo_x"
}
Confidential compute can be submitted by encrypting the full compute payload patch with the Oracle public key:
{
"encrypted_payload": "<encrypt({\"mode\":\"builtin\",\"function\":\"math.modexp\",\"input\":{\"base\":\"2\",\"exponent\":\"10\",\"modulus\":\"17\"},\"target_chain\":\"neo_n3\"})>"
}
Built-in Providers
Requests may optionally specify a built-in provider via
and
.
Built-ins:
- — direct market-data source with API key auth
- — direct Binance spot ticker endpoint without aggregation
- — direct Coinbase spot price endpoint without aggregation
If
is omitted, callers may still use their own
plus encrypted secret payloads.
Worker Verification Envelope
The worker response may include a stable
object:
{
"verification": {
"output_hash": "<sha256 of canonical result payload>",
"attestation_hash": "<currently mirrors output_hash>",
"signature": "<neo n3 signature or null>",
"public_key": "<neo n3 public key or null>",
"signer_address": "<optional neo n3 address>",
"signer_script_hash": "<optional neo n3 script hash>",
"tee_attestation": {
"app_id": "...",
"instance_id": "...",
"compose_hash": "...",
"quote": "0x...",
"event_log": "...",
"report_data": "0x..."
}
}
}
On-Chain Fulfillment Payload
The relayer normalizes successful worker output into a chain-ready result envelope before calling
:
{
"version": "morpheus-result/v1",
"request_type": "privacy_oracle",
"fulfilled_at": "2026-03-09T00:00:00.000Z",
"worker_status": 200,
"success": true,
"route": "/oracle/smart-fetch",
"result": {
"mode": "fetch+compute",
"target_chain": "neo_n3",
"result": true,
"extracted_value": null
},
"verification": {
"output_hash": "...",
"attestation_hash": "...",
"signature": "...",
"public_key": "...",
"signer_address": "...",
"signer_script_hash": "...",
"tee_attestation": {
"app_id": "...",
"instance_id": "...",
"compose_hash": "...",
"quote": "0x...",
"event_log": "...",
"report_data": "0x..."
}
}
}
This normalized JSON is UTF-8 encoded and passed as the
bytes of
.
Callback Consumer Interpretation
Consumers should interpret the callback payload as:
- a UTF-8 JSON object
- versioned by
- with business payload under
- with attestation/signature material under
Verification
Use:
- for a prefilled example
- for server-side verification
- for the browser verifier UI