Ad
News
The importance of yielding randomness on blockchains The importance of yielding randomness on blockchains
🚨 This article is 3 years old...

The importance of yielding randomness on blockchains

Exploring the need for trustless decentralized digital randomness.

The importance of yielding randomness on blockchains

Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.

In the physical world, it’s easy to achieve randomness because nature by itself is so random. But in the digital world, things are a little different and usually require some form of human-induced randomness to produce the desired result.

The Random Number Generator (RNG) is such a piece of software or hardware that is used in computing to generate random numbers. This tool seeks to achieve fairness in applications whose core functionality relies on the generation of random numbers. A few examples include games and lotteries.

Blockchains, in particular, share a unique relationship with this type of technology since the blockchain is built on the idea of fair distribution of opportunities on a decentralized framework. From the blossoming decentralized applications (dApps) on Ethereum to the on-chain NFT blind boxes that are growing popular by the day, RNGs are a must-have for achieving unbiased random inputs that improve credibility and user experience.

The challenge of producing trustless randomness

However, producing artificial random, secure, and robust numbers capable of being applied to situations that require unique and trustless randomness on decentralized networks is easier said than done.

While there are several methods of producing randomness both in the physical world as well as in cyberspace, the quality of randomness achieved is mostly categorized into two kinds i.e. truly random outcomes and pseudo-random outcomes.

Truly random numbers (TRN) leverage physical real-world processes. These random number generators are often based on microscopic events that generate low-level random pulse signals. This makes the use of TRNs impractical on blockchains as it is difficult to deploy these microscopic events into the code of a decentralized network.

Pseudo-random numbers (PRN), on the other hand, are generated using mathematical algorithms such as the public keyed hash message authentication code (HMAC) as well as threshold signature.

Overall, an ideal random number generator on a decentralized framework should have the following fundamental properties:

Random uniqueness

The output of an RNG should be unpredictable, unique, and independent between each output. Otherwise, attackers can carefully choose the random numbers and exploit the system. Simply put, this means that after producing “output A,” the production of the following “output B” should depend only on the probability of its occurrence (B), not on previous outputs (A) or future ones (C, D, E..). On a decentralized framework, this level of uniqueness should be applied to the whole set of random number generating nodes and not just a part of the nodes in the network.

Non-interactives

On the blockchain, generating random numbers in a decentralized way is possible. The communication overhead will, however, become a limitation or a “single point of failure” for the entire system. An RNG algorithm needs to eliminate the output of a “Trapdoor Function” which allows secret discoverability with the right input. Overall, non-interactive RNGs ensure zero exportability thus achieving a secure one-way communication for each RNG node.

Availability

The consistent availability of base RNG services is important for decentralized networks. However, the uptime of current decentralized system nodes is unpredictable. Therefore, the RNG algorithm should provide availability based on unpredictable nodes. For instance, methods like threshold signature or multi-signatures work better in decentralized systems with more than half of the required nodes available at any given time. This proportion ranges from 50% to 90%. If you have a system that has less than half of the nodes available, it is important to create more alternative paths if some nodes are unreachable. For instance, if there are 5 required signatures, 3 backups should be used as well. However, any method of resiliency will depend on the availability of RNG nodes in the network.

Threshold BLS Signature: is it a viable solution?

The threshold BLS (Boneh Lyn Shacham) signature is a cryptographic digital signature scheme that is a game-changer for any decentralized network. This digital signature scheme can generate randomness without relying on TRN generators plus it compares favorably with other algorithms, such as the popular ECDSA.

BLS threshold signatures are considered to be faster and scalable hence the move by Ethereum 2.0 developers to switch to the BLS12-381 standard as the network’s primary signature scheme. The application of a BLS threshold signature standard will enable BLS-based applications to run on Ethereum.

What’s more, the threshold version of BLS signatures is robust on decentralized systems allowing at most half the group nodes on a decentralized network to be responsible for generating randomness. This enables a sufficient number of participating nodes thus allowing consistent availability of RNG nodes as well as network security.

Figure 1. Original BLS vs. Threshold BLS

Possible Existing solutions

One of the best existing implementations of the threshold BLS signature is ARPA’s RNG architecture. Not only does it allow anyone to run an RNG computational node on a decentralized network, but it also goes the extra mile to ensure verifiable computation even under malicious majority conditions on a network. Protocols need to meet all the three required features of a trustworthy, dynamic, and decentralized Random Number Generator as it is capable of learning over time to improve outcomes.