Generating a random number on the Blockchain
As we know blockchain is a deterministic system and this is super ambitious because it allows us to do all these smart contracts and have a system that can actually reach consensus very easily. Random numbers are much harder in deterministic systems. Assume a blockchain with a whole bunch of different nodes and each node responds and gives its own value. Will each node ever sync up and say,” You know what! We all agree on this random number”
So, what can we do then? Why don’t we just base our random number generation on some other attributes in the system? but then, it won't be really random; more like pseudo-random. So, getting a truly random number in a deterministic system seems sort of impossible. Even math.random() does not really give a random number. Now in smart contracts, especially when working with any type of financial application, having an exploitable randomness function means that your application is at risk of being hacked. So, let’s see how we can cope with this.
* The insecure way first(quick & dirty):
*Don’t use this in production use cases.
What some insecure protocols do is they’ll use globally available variables and hash them. In smart contracts, there is a number of globally available variables. Some of those are
- msg.value:
msg.valuecontains the amount of wei sent in the transaction. - msg.sender:
msg.senderwill be the person who's currently connecting with the contract. - block.difficulty:
block.difficultyreturns the current block difficulty.
Don’t you remember? The time between different block generations is called block time. you can keep block time as is by changing block difficulty over time. The harder the problem, the longer it’s going to take, or the more nodes you are going to need to solve the problem. So, there is this constantly recalculating metric called Ethereum difficulty or block difficulty. You might think that this would be a great use of randomness because it’s somewhat hard to predict, so why don't we just use this as the unit of randomness?
// hashing
keccak256(
abi.encodePacked(
nonce,
//nonce is predictable(aka transaction#)
msg.sender,
//msg.sender is predictable
block.difficulty,
//can actually be manipulated by miners
block.timestamp
//timestamp is predictable )
);
// keccak256 hashing algorithm
But the concern is that the hashing function itself is not random. Keccak256 is gonna hash everything exactly the same way. So, we are not actually making it more random by hashing it. The randomness of this is dependent on all the pieces in it. So, if block.difficulty is random, then, the number generated will be random, and if this isn’t, that won’t be. DEPENDENCY ALERT!!
So, when calculating random numbers in this way, the hashing algorithm is always going to be the same because almost everything is nonetheless predictable. So all this is doing is giving miners the ability to win the lottery. so this is obviously not an effective way.
but “what if we use onlyOwner modifier? Yes, we can have onlyOwner modifier here that’ll means we are the ones who choose when to call this so, it is somewhat decentralized in this regard but it won’t be the best practice.
* True randomness with chainlink VRF:
OK! To get a truly random number, we are going to look outside the blockchain. As we know, blockchain is a deterministic system. So, we need a number outside the blockchain, but we can not use just any API, what if it gets corrupted or becomes malicious, or if it goes down, etc. What we need is a provable way to get a random number & chainlink-VRF is that solution. Chainlink-VRF stands for Chainlink-Verifiable Random Function.
Chainlink-VRF is a way to get provably random number into your smart contract.it has an on-chain contract that checks the response of chainlink node to make sure the number is truly random using some cryptography magic.It is actually used in protocols like Aavegotchis and EtherCards because of its security, reliability and being truly provable way to get a random number which is incredibly powerful in a decentralized system.
To be continued:
In part II, we’ll have in-depth insight on Chainlink-VRF & its Request and Receive nature.
Link to part II -> Generating a random number on the Blockchain — II
