An oracle is an external source of data to a distributed ledger which is considered to be authoritative, trusted and definitive. What makes an oracle unique (compared to a smart contract, for example) is this ability to derive information from sources external to the ledger that it supports.
An oracle is necessary once a smart contract is written to interact with external data. One example is a bet on the Super Bowl, where one party picks one team, one party picks another, and an oracle determines the winner from ESPN and pushes that data to a smart contract to carry out the transaction. Similarly, within financial institutions, external data is often necessary in transactions – for example, to verify that a loan has reached maturity, one must gain knowledge about the current time.
An oracle attests to the validity of data by digitally signing facts within transactions as well as the state resulting from the transaction. A signed message from an oracle indicates proof of an event and can then be used as an input into a transaction and distributed within the transaction data itself. Once signed, an oracle cannot later “change its mind” and invalidate transactions that were previously found to be valid (allowing an oracle to change its mind would result in a loss of consensus, undermining the integrity of the system).
There are similarities between oracles and smart contracts and, in fact, they work together to carry out transactions that require data from the outside world; however, there are key differences as well. While the integrity of a smart contract depends on it being contained within the ledger itself, an oracle is independent of the entities on the ledger it interacts with and can access data outside of the ledger. Additionally, an oracle does not contain legal agreements nor can it change the state of agreements on the ledger as a smart contract does.
Once the integrity of a transaction is exposed to a third party, it creates significant vulnerabilities. Within “permissioned” or known-participant systems, trust can be relied upon and fraud and malicious attacks are much easier to monitor and police. In a permissionless system, on the other hand, the use of oracles is more problematic as trust may be more difficult to establish.