Is block.blockhash(block.number-1) okay?

Cover Photo by dylan nolte on Unsplash

Is block.blockhash(block.number-1) good enough for random within my Ethereum game?

TL;DR: Yup. :/


When building out a game on Ethereum, you quickly realized that on-chain randomness is tricky. The blockchain is public and deterministic, but there are some tricks to generate pseudorandomness.

One such trick is to get the hash of the previous block, but that means you *already know* what the random number is. Plus it’s controlled by the miners; they can choose to throw out a block if the targeted blockhash won’t produce the desired outcome in your game. Doesn’t that seem shifty?

Let’s take a look at the top 15 games right now on DAppRadar.com and see if we can learn how they are generating random numbers

#1. CryptoKitties — private contract that does gene mixing, unknown random

#2. ETHERBOTS

They use the hash of the previous block.

#3. CryptoCities — no source code on Etherscan, no gaming mechanics?

#4. Etheremon — no real gaming mechanics, but:

They use the previous blockhash plus a “private” salt.

#5. ETHERCRAFT — no source code on Etherscan. No gaming mechanics YET, but they have promised to use a future blockhash. They also cap rewards to the block reward amount… more on this later.

#6. CryptoBots — blatant KittieClone, private genemixer

#7. Ether Quest

They use the previous blockhash with other things the miners can manipulate.

#8. KryptoWar — no source code on Etherscan

#9. Angel Battle

They use the previous blockhash plus a “private” salt.

#10. Ether’s Ark — Bad KittieClone, no gaming mechanics

#11. CryptoStamps — Collectible, no gaming mechanics

#12. CryptoFighters

They use a nonce with the timestamp. A miner could pick the timestamp that lets them win.

#13. CryptoCars — no gaming mechanics

#14. CryptoCities — no gaming mechanics

For number 15 I should throw out the disclaimer that I wrote this contract. For what it’s worth, I regret how I over engineered the randomness. It is clear that the previous blockhash works just fine for casual games.

#15. Cryptogs — We used a commit/reveal scheme to create randomness on-chain. At ETHDenver we decided we wanted to use a form of randomness that would be more secure than the previous blockhash and harder for miners to manipulate.

Cryptogs.sol uses a future blockhash in combination with a committed and then revealed hash. Players can rest assured that a miner is unable to manipulate the outcome. Pretty cool right? No not really.

What we’ve learned from all the extra transactions: it’s not worth it. The block reward, plus the time a hacker would have to spend to dive into the guts of the contract just isn’t worth stealing my rad 8-ball pog.

We will be building out an extended contract to allow for a less expensive version of the game to be played. We will also sprinkle in some centralization and state channels to make the user experience better. The original, fully decentralized, commit/reveal will always be available for the hardcore!

Play Cryptogs now at https://cryptogs.io