Randomness Protocol
Distributed key generation (DKG)
To offer distributed and verifiable randomness on-chain, DIA leverages drand’s distributed randomness beacon. The beacon is run by a group of independent actors called the League of Entropy.
The League of Entropy is a collaborative project to provide a verifiable, decentralized randomness beacon. A decentralized randomness beacon combines randomness from multiple independent high entropy sources to generate a truly unbiased random number for anyone that may need a public source of randomness.
Please visit the project site at drand.love for the most up-to-date information on current operations. To learn how the distributed randomness beacon is built, please visit this link.
What is randomness?
Randomness is the property of lacking any sensible predictability. It is very difficult to create random events on-chain due to the deterministic nature of any EVM or EVM-like environment.
Centralized randomness is susceptible to attacks by the randomness source, as a single non-random outcome cannot be distinguished from a random one. Thus, having a single RNG provide randomness via an oracle is not enough.
Who needs randomness?
Random numbers can be very relevant for on-chain applications such as games, lotteries, prediction markets, or NFT launches.
Pseudo-random values like the last blockhash can be manipulated by miners, so relying on them is not advisable.
Drand runs distributed nodes to produce its randomness beacon. The nodes use Pedersen's DKG (Distributed Key Generation) protocol to create a collective private/public key pair. Participants in the League of Entropy then generate randomness in rounds and broadcast it together with its signature.
On-chain publishing process
From random number generation to on-chain distribution, DIA xRandom operates as follows:
Drand randomness generation: in every drand epoch (currently set at 30s for the existing LoE beacons, but planned to be decreased on future “unchained” beacons) each of the nodes that form the drand network generates a partial signature, which it broadcasts to the rest of the nodes. Once any node has enough, i.e., a threshold number of signatures, it computes the new randomness beacon, which is the hash of the signature aggregate.
Drand randomness propagation and consumption: the new beacon is propagated through the network to all other nodes. Any node can verify and accept or reject the hash of the signature (i.e., beacon) that it received. Any client or application can consume randomness out of band (i.e., without needing to be part of the drand network) either through the public HTTP APIs or through libp2p’s pubsub protocol, Gossipsub. Clients can also verify that the randomness they received is indeed the one produced by the drand network.
DIA on-chain distribution: the final randomness signature is shipped on-chain as an oracle smart contract. In order to effectively and securely execute these on-chain transactions, DIA has built a robust, decentralised node infrastructure — dubbed DIA xNode. DIA xNode is a network of third-party, decentralized node providers that grant DIA the blockchain infrastructure to push data on-chain ensuring high rate limits.
Risk Mitigation
It is important to understand the risks of the randomness oracle before using it and to be able to mitigate them.
An extensive risk evaluation of the underlying drand.love protocol can be found in their documentation. All risks listed there also affect the randomness guest oracle, as it serves as an underlying data provider.
Additionally, there are new risks introduced by using the oracle.
Oracle stops serving data
Check that the oracle has recent updates in its history.
Specific Round is missed by the oracle
Have your dApp use the next round if a certain round is unavailable (but later ones exist).
Oracle serves compromised data
Check the associated BLS signature provided by drand (Note: Currently not available on most EVMs).
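
The three mitigations above, combined into client-side logic in Python. This is an added example, not DIA's or drand's code: the record layout (`Entry`), the thresholds, the genesis time and the sample data are assumptions. The hash check relies on drand deriving randomness as the SHA-256 hash of the signature, and it complements the BLS check rather than replacing it.

```python
import hashlib
from dataclasses import dataclass

PERIOD_S = 30        # drand epoch length stated above for the current LoE beacons
MAX_LAG_ROUNDS = 4   # assumption: tolerated lag before the oracle counts as stalled
MAX_SKIP = 3         # assumption: how many rounds past the target a fallback may go

@dataclass(frozen=True)
class Entry:         # assumed layout of one oracle record
    round: int
    randomness: bytes
    signature: bytes

def hash_matches(e: Entry) -> bool:
    # drand derives randomness as SHA-256(signature). A mismatch proves the record
    # was altered; a match does not replace the BLS check against the group key.
    return hashlib.sha256(e.signature).digest() == e.randomness

def is_stale(latest_round: int, genesis: int, now: int) -> bool:
    # Round drand should have reached by `now`, compared with the oracle's newest.
    expected = (now - genesis) // PERIOD_S + 1
    return expected - latest_round > MAX_LAG_ROUNDS

def select_round(store, latest_round, target, genesis, now):
    """Return (entry, status) for the first usable round >= target."""
    if is_stale(latest_round, genesis, now):
        return None, "stale"
    for r in range(target, min(target + MAX_SKIP, latest_round) + 1):
        entry = store.get(r)
        if entry is None:
            continue                      # round missed by the oracle: try the next
        if not hash_matches(entry):
            return None, "hash-mismatch"  # never skip past bad data silently
        return entry, "ok"
    return None, "unavailable"

def _constructed(r: int, tamper: bool = False) -> Entry:
    sig = f"constructed-signature-{r}".encode()   # placeholder, not a real BLS signature
    rnd = b"\x00" * 32 if tamper else hashlib.sha256(sig).digest()
    return Entry(r, rnd, sig)

GENESIS = 1_700_000_000                           # constructed genesis timestamp
STORE = {r: _constructed(r, tamper=(r == 103)) for r in (100, 102, 103, 104)}  # 101 missed

if __name__ == "__main__":
    now = GENESIS + 104 * PERIOD_S                # drand is at round 105
    print(select_round(STORE, 104, 101, GENESIS, now))
```

The target round should be fixed by the dApp before that round is published, so the fallback rule stays deterministic and nobody gets to choose among several available rounds.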