Randomness is the property of lacking any sensible predictability. It is very difficult to create random events on-chain due to the deterministic nature of any EVM or EVM-like environment.
Centralized randomness is susceptible to manipulation by the randomness source itself, since a single non-random outcome cannot be distinguished from a random one. Thus, having a single RNG provide randomness via an oracle is not enough.
Random numbers can be very relevant for on-chain applications such as games, lotteries, prediction markets, or NFT launches.
Relying on pseudo-random values such as the last block hash is not advisable, since miners can manipulate them.
Drand runs distributed nodes to produce its randomness beacon. Drand uses to create a collective private/public key pair. Participants in its League of Entropy then generate randomness in rounds and broadcast each round's output together with its signature.
It is important to understand the risks of the randomness oracle before using it and to be able to mitigate them.
An extensive risk evaluation of the underlying protocol can be found . All risks listed there also affect the randomness guest oracle, since drand serves as its underlying data provider.
Additionally, using the oracle introduces new risks of its own:
| Risk | Possible Mitigation |
|---|---|
| Oracle stops serving data | Check that the oracle has recent updates in its history. |
| Specific round is missed by the oracle | Have your dApp use the next round if a certain round is unavailable (but later ones exist). |
| Oracle serves compromised data | Check the associated BLS signature provided by drand (note: currently not available on most EVMs). |
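The following Python example is added here to illustrate the consumer-side checks from the table above and the round structure of the drand beacon described earlier; it is not code from the oracle project. It assumes a hypothetical `OracleHistory` store with a constructed genesis time and period (the real beacon's parameters are not given on this page), it shows how a round number maps to wall-clock time, how a missing round can be skipped in favour of the next available one, and how staleness is detected. The BLS signature itself is not verified here because that needs a pairing library; only the chained-beacon message construction and the randomness derivation (sha256 of the signature) are shown.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, Optional

# Constructed beacon parameters for this example (assumed values, not the real oracle's).
GENESIS_TIME = 1_600_000_000   # hypothetical Unix time of round 1
PERIOD = 30                    # hypothetical seconds between rounds
MAX_STALENESS_ROUNDS = 3       # policy: tolerated gap between expected and newest stored round


@dataclass
class Beacon:
    round: int
    signature: bytes           # BLS signature over the round message (not verified in this example)
    previous_signature: bytes  # signature of the previous round (chained beacon)


def round_at(timestamp: int) -> int:
    """Round number the beacon should have published by `timestamp` (round 1 at genesis)."""
    if timestamp < GENESIS_TIME:
        return 0
    return (timestamp - GENESIS_TIME) // PERIOD + 1


def chained_message(round_number: int, previous_signature: bytes) -> bytes:
    """Message signed for a chained drand round: sha256(prev_sig || round as 8-byte big-endian)."""
    return hashlib.sha256(previous_signature + round_number.to_bytes(8, "big")).digest()


def randomness_from(signature: bytes) -> bytes:
    """drand derives a round's randomness as sha256(signature)."""
    return hashlib.sha256(signature).digest()


class OracleHistory:
    """Hypothetical on-chain history of published rounds (assumed shape, not the oracle's storage)."""

    def __init__(self) -> None:
        self._rounds: Dict[int, Beacon] = {}

    def publish(self, beacon: Beacon) -> None:
        self._rounds[beacon.round] = beacon

    def get(self, round_number: int) -> Optional[Beacon]:
        return self._rounds.get(round_number)

    def latest_round(self) -> int:
        return max(self._rounds) if self._rounds else 0


def is_fresh(history: OracleHistory, now: int) -> bool:
    """Mitigation for 'oracle stops serving data': newest stored round must be close to the expected one."""
    return round_at(now) - history.latest_round() <= MAX_STALENESS_ROUNDS


def chain_linked(previous: Beacon, current: Beacon) -> bool:
    """Cheap consistency check: a chained beacon must reference the prior round's signature."""
    return current.round == previous.round + 1 and current.previous_signature == previous.signature


def resolve_round(history: OracleHistory, wanted: int, now: int) -> Optional[Beacon]:
    """Mitigation for 'specific round is missed': return `wanted` if present, otherwise the
    next published round that should already exist by `now`; None if nothing is available yet."""
    for r in range(wanted, round_at(now) + 1):
        beacon = history.get(r)
        if beacon is not None:
            return beacon
    return None


def build_demo_history() -> OracleHistory:
    """Constructed sample history: rounds 1, 2, 3 and 5 published, round 4 missed by the oracle."""
    history = OracleHistory()
    prev_sig = b""
    for r in (1, 2, 3, 4, 5):
        sig = hashlib.sha256(b"constructed-signature-" + chained_message(r, prev_sig)).digest()
        if r != 4:  # simulate the oracle skipping round 4
            history.publish(Beacon(round=r, signature=sig, previous_signature=prev_sig))
        prev_sig = sig
    return history


if __name__ == "__main__":
    h = build_demo_history()
    now = GENESIS_TIME + 5 * PERIOD          # round 6 is expected by now
    print("fresh:", is_fresh(h, now))
    b = resolve_round(h, 4, now)
    print("round 4 resolved to:", b.round if b else None)
    print("randomness:", randomness_from(b.signature).hex() if b else None)
```

A dApp that depends on a specific future round should decide up front which later round it will accept as a substitute, and should refuse to settle at all when `is_fresh` fails, since a stalled oracle is indistinguishable from one being withheld on purpose.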