Over the past couple of months the developers at ZKasino have been working on a way to obtain verifiable randomness on StarkNet. We are excited to share our approach, which relies on the Drand Randomness Beacon: a source of publicly verifiable randomness generated outside the blockchain.
Motivation
Getting a random number on a blockchain such as StarkNet is a tricky feat. The deterministic and public nature of a blockchain inherently rules out on-chain randomness. For a distributed network of nodes to verify the transactions in a block, every node must execute exactly the same transactions against exactly the same state, and that state is available to everyone at all times. Any random number generator implemented on chain is therefore fully transparent, and its output can be predicted, or even influenced, before the transaction that consumes it is finalised.
To build a casino that is fair to all users we cannot afford any weakness in the base randomness of a game: a predictable outcome is an unfair advantage that can cost millions and drain the casino's bankroll. Instead of generating randomness on the blockchain we have decided to build a verifiable randomness oracle that imports it from outside.
What is verifiable randomness and why is it important?
A Verifiable Random Function (VRF) is an algorithm that outputs a pseudorandom value together with a proof. Anyone holding the function's public key can check the proof and confirm that the value was computed correctly from the input rather than chosen by whoever produced it. VRFs are a popular way to supply random numbers to smart contracts: the randomness comes from an existing generator outside the blockchain, and the proof can be verified inside a smart contract.
The VRF we have chosen, the Drand randomness beacon, is a network of nodes run by credible organisations dedicated to providing public randomness as a piece of internet infrastructure. Strictly speaking Drand is a threshold-signature beacon rather than a single-key VRF: every round, the nodes jointly produce a BLS signature over the round number, and the published random value is the hash of that signature. The Drand network is agnostic to any blockchain, so we can relay its output onto StarkNet. No participant, not even a Drand node, learns a round's value before a threshold of nodes has contributed to its signature and the result is published. Each round comes with its round number (from which its emission time follows, given the chain's genesis time and period) and the group signature, so a smart contract holding the Drand group public key can verify the number's validity.
Using Drand as a VRF in our casino
With Drand providing publicly verifiable randomness, we constructed the following architecture for a casino game:
A user makes a move by calling a game contract. The game contract submits a Random Number Generator (RNG) request to the VRF Oracle, which records the timestamp at which the request was made. Independently, the Drand network emits a new signed random payload every round; our VRF Repeater, a simple off-chain script, picks up the latest payload and sends it to the VRF Oracle. The oracle verifies the payload's signature against the Drand group key. Because the signature covers the round number, a valid signature proves both that the number genuinely came from the Drand network and which round it belongs to; comparing that round with the stored request timestamp ensures the number is fresh, that is, that it was produced only after the request was made. Once a payload is verified the oracle resolves the matching RNG requests by calling a designated callback function on the game contract.
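The following is an added example that models the request, beacon and callback flow above, together with the round-to-randomness derivation described in the VRF section. It is illustrative code written for this page, not ZKasino's oracle or the Drand client. The beacon signature is a keyed HMAC standing in for Drand's threshold BLS signature (on a real deployment the oracle does a BLS pairing check against the group public key); the genesis time, period and key are constructed values; and the names `VRFOracle`, `GameContract`, `first_round_after` and `try_submit` are the example's own. One detail the prose leaves open is which round resolves a request, so the example fixes the target round at request time, as the first round strictly later than the request timestamp: neither the player nor the repeater can then pick a favourable round after the fact, and because the signature is publicly verifiable, any party may submit any round's payload, with replays and bad signatures rejected.

```python
"""Toy model of request -> Drand round -> verified callback (added example)."""
import hashlib
import hmac
import struct
from dataclasses import dataclass, field

# Assumed beacon parameters; real Drand chains publish their own genesis/period.
GENESIS_TIME = 1_700_000_000
PERIOD = 30  # seconds between rounds

# Constructed key standing in for the Drand group key. An HMAC is NOT publicly
# verifiable; it only keeps this example dependency-free.
BEACON_SECRET = b"constructed-beacon-key-for-this-example"


def round_time(round_no: int) -> int:
    """Wall-clock time of a round; round 1 is emitted at genesis."""
    return GENESIS_TIME + (round_no - 1) * PERIOD


def first_round_after(ts: int) -> int:
    """Earliest round whose emission time is strictly later than ts."""
    if ts < GENESIS_TIME:
        return 1
    return (ts - GENESIS_TIME) // PERIOD + 2


def beacon_message(round_no: int) -> bytes:
    """Drand (unchained mode) signs sha256(round as 8-byte big-endian)."""
    return hashlib.sha256(struct.pack(">Q", round_no)).digest()


def beacon_sign(round_no: int) -> bytes:
    """Stand-in for the threshold BLS signature over the round message."""
    return hmac.new(BEACON_SECRET, beacon_message(round_no), "sha256").digest()


def beacon_verify(round_no: int, signature: bytes) -> bool:
    """Stand-in for the on-chain BLS verification against the group key."""
    return hmac.compare_digest(beacon_sign(round_no), signature)


def randomness(signature: bytes) -> bytes:
    """Drand's published random value is sha256 of the round signature."""
    return hashlib.sha256(signature).digest()


@dataclass
class GameContract:
    name: str
    results: dict = field(default_factory=dict)

    def fulfill_random(self, request_id: int, value: bytes) -> None:
        """Callback the oracle invokes once a request is resolved."""
        self.results[request_id] = value


@dataclass
class Request:
    game: GameContract
    request_id: int
    requested_at: int
    target_round: int  # fixed when the request is made, never afterwards


class VRFOracle:
    def __init__(self) -> None:
        self.pending: list[Request] = []
        self.seen_rounds: dict[int, bytes] = {}

    def request_random(self, game: GameContract, request_id: int, now: int) -> int:
        """Register a request and bind it to the first round after `now`."""
        target = first_round_after(now)
        self.pending.append(Request(game, request_id, now, target))
        return target

    def submit_beacon(self, round_no: int, signature: bytes) -> bytes:
        """Accept a round payload from anyone; verify, derive, resolve."""
        if round_no in self.seen_rounds:
            raise ValueError(f"round {round_no} already submitted")
        if not beacon_verify(round_no, signature):
            raise ValueError(f"invalid beacon signature for round {round_no}")
        value = randomness(signature)
        self.seen_rounds[round_no] = value
        still_pending = []
        for req in self.pending:
            if req.target_round == round_no:
                req.game.fulfill_random(req.request_id, value)
            else:
                still_pending.append(req)  # a different round cannot resolve it
        self.pending = still_pending
        return value


def try_submit(oracle: VRFOracle, round_no: int, signature: bytes) -> bool:
    """True if the oracle accepted the payload, False if it rejected it."""
    try:
        oracle.submit_beacon(round_no, signature)
        return True
    except ValueError:
        return False
```

The round-time helpers mirror how Drand clients compute round numbers from a chain's genesis time and period; binding `target_round` at request time is the freshness check in its strictest form, since a round that was already published when the request arrived can never satisfy `req.target_round == round_no`.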
Over the coming weeks ZKasino will be releasing an in-depth technical overview of the randomness oracle. It will cover the math involved in verifying a Drand payload on chain and how other contracts can use our oracle in their own dApps.
In the meantime we are sharing the base VRF contracts for our oracle and randomness consumer. The VRF Repeater is available as well.
And lastly, join our community. We are always looking for feedback on our approach, and our community channels are the best place to get your questions answered.
https://discord.com/invite/zkasino
https://twitter.com/ZKasino_io
https://zkasino.io