Can Randomness in Smart Contracts Be Hacked?

John M Potter, DeFi Currents
Published Oct 17, 2022 (4 min read)

In gaming dApps, random number generation keeps games unpredictable and exciting, and in games of chance it lets players trust the results. Game developers cannot obtain randomness from an Ethereum smart contract on its own, however: the EVM is deterministic, since every node must reproduce exactly the same execution result.

Instead, developers must look to sources outside the contract's own logic, such as a block hash or a block timestamp. Sources like these are frequently susceptible to manipulation or corruption, however, since the block producer has some influence over both values.
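As an added illustration (not code from the original post), the following Solidity contrasts a lottery that derives its draw from block values with one that accepts the draw only from a designated oracle address through a callback. The oracle address, the request-id scheme and the ticket price are assumptions for the example; the callback shape is the general request/fulfil pattern, not any particular provider's API.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Weak pattern: the winner depends only on public block values. The proposer
// picks the timestamp (within limits) and can withhold an unfavourable block.
contract WeakLottery {
    address[] public players;

    function enter() external payable {
        require(msg.value == 0.01 ether, "ticket price");
        players.push(msg.sender);
    }
    function pickWinner() external {
        // Both inputs are public chain state, so this value can be computed
        // before the transaction executes, by a caller or another contract.
        uint256 seed = uint256(keccak256(abi.encodePacked(
            blockhash(block.number - 1), block.timestamp)));
        address winner = players[seed % players.length];
        delete players;
        payable(winner).transfer(address(this).balance);
    }
}

// Hardened pattern: commit to the player set, then accept the random value
// only from a designated oracle address via a callback (oracle is assumed).
contract OracleLottery {
    address public immutable oracle;  // trusted RNG provider (VRF, QRNG, ...)
    address[] public players;
    bytes32 public pendingRequest;    // non-zero while a draw is in flight

    constructor(address rngOracle) { oracle = rngOracle; }
    function enter() external payable {
        require(pendingRequest == bytes32(0), "draw in progress");
        require(msg.value == 0.01 ether, "ticket price");
        players.push(msg.sender);
    }
    function requestDraw() external {
        require(pendingRequest == bytes32(0) && players.length > 0, "cannot draw");
        // Commit before the number exists; the real oracle request goes here.
        pendingRequest = keccak256(abi.encodePacked(address(this), block.number));
    }
    // Only the oracle may deliver, and only for the outstanding request.
    function fulfillRandomness(bytes32 requestId, uint256 randomness) external {
        require(msg.sender == oracle && requestId == pendingRequest, "bad fulfil");
        address winner = players[randomness % players.length];
        pendingRequest = bytes32(0);
        delete players;
        payable(winner).transfer(address(this).balance);
    }
}
```

The hardened version does not make the draw unpredictable by itself; it moves the trust question from block data to whoever operates the oracle, which is exactly the question the rest of the post examines.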

In addition, most computer hardware is designed to run deterministically, which means ordinary computers cannot generate truly random numbers on their own.

Fortunately, smart contract developers can use first-party oracles (oracles that own the data they serve) for random number generation (RNG). These oracles frequently employ pseudo-random number generation (PRNG) to generate adequately random-looking numbers. PRNG can be somewhat problematic when it comes to security.

Why Smart Contracts Remain Vulnerable

Today, decentralized PRNG (e.g., RANDAO, VRF) is the most popular way to build RNG oracle services. PRNG remains problematic, however, as it is vulnerable to Sybil attacks, much like any third-party oracle network. Since one needs to trust the governing entity to select the network participants, decentralized PRNG is only as secure and decentralized as the governing entity.

In blockchain technology, a Sybil attack occurs when a single person (or entity) attempts to take control of a network by operating many of its nodes under separate identities. Pulling this off is fairly difficult, as the attacker must hide behind pseudonyms and must also make the nodes appear to act independently rather than under common control.

If successful, the attacker can exercise undue influence over network decisions. This is especially egregious for a governing entity that provides a PRNG, as the attacker may manipulate the PRNG to create a security vulnerability.

Resolving this issue requires full data ownership, leaving API3 and other first-party oracles as the best solution to counter the Sybil attack risk.

Smart contracts that rely on software-based PRNGs are also vulnerable to manipulation in less obvious ways. While software-based PRNG outputs appear to be "random," a thorough statistical analysis will reveal that they are predetermined rather than truly random. In reality, PRNG outcomes can be controlled to a certain extent, because they are produced by algorithms that are fully determined by their initial seed.

Unfortunately, any attempt to reduce this weakness by gathering more entropy ultimately lowers throughput. This is why software-based PRNGs typically employ post-processing algorithms to improve the apparent randomness of their output. API3 offers an alternative RNG solution that eliminates such external manipulation.

Alternative RNG Solutions

Dapp developers have sought to remedy this situation by using hardware random number generators. These types of devices generate random numbers by relying on physical phenomena (such as lava lamps) rather than computer programming.

Known as true random number generation (TRNG), this approach seeks to rectify PRNG's predictability and lack of true randomness by using physical phenomena to generate the numbers. TRNGs do not rely on deterministic post-processing algorithms to provide consistent randomness. Instead, the randomness is inherent in the physical process used to generate the numbers.

An even better alternative is quantum random number generation (QRNG). QRNG generates random numbers by measuring a quantum system (as seen with these examples). Here, the quantum processes underlying this achievement are fully understood, and "they can be modeled and controlled to produce an unpredictable randomness" (IDST.com).

Unlike other RNGs, quantum random numbers cannot be modeled and predicted by a sufficiently powerful computer, even given the initial state of the process. Even when two quantum systems are prepared in exactly identical states, measuring them can yield different outcomes.

Best of all, QRNG is not susceptible to quantum computers.

Why Chainlink VRF Is Problematic

Developers have recently flocked to Chainlink's VRF (Verifiable Random Function). It delivers a pseudo-random number to the requesting contract together with a cryptographic proof of how that number was derived, and the proof is verified on-chain before the number is used. Chainlink's VRF is not ideal, however.

Unless Chainlink VRF users purchase a subscription, they must contend with price uncertainty. This issue becomes even more problematic when several random values need to be generated at once.

As a Chainlink VRF user once asserted, "At some point it might be infeasible to use VRF to generate random values so I would have to implement in my contract some price check to halt the contract execution for the time being until the fees become manageable again. So my question is: does Chainlink have some kind of mechanism to prevent this kind of situation?"

In addition, Chainlink VRF can be somewhat slow. As one Chainlink user pointed out, “I often have to wait several minutes for VRF to return a random number, and I pay like $50 for the privilege. For a proof of concept that’s one thing but for a game that’s just not going to work.”

In this case, the user's frustration became palpable enough for him to consider implementing, in Solidity, a private queue of pre-fetched random numbers as an alternative.

Is QRNG the Best Choice?

While crypto observers may be enthralled by Chainlink’s VRF, many developers put their faith in QRNG, a method of random number generation based on quantum phenomena. The numbers generated by QRNG are considered truly random because the outcome of a quantum event is theoretically uncertain. It also eliminates the many security vulnerabilities found in PRNG and TRNG.

Smart contract developers seeking to use QRNG must still trust that the provider is actually providing quantum-random numbers. Fortunately, requiring QRNG creates a very significant barrier to entry to providing on-chain RNG services. In short, any organization that can provide in-house QRNG must be well-established and prestigious enough to have invested significant financial resources to do so.
