Secret VRF: Secure and Verifiable Randomness for the IBC Ecosystem
Obtain secure and verifiable random numbers for your smart contracts with Secret VRF, an IBC-compatible on-chain RNG solution!
Secret VRF, a secure and verifiable random number generator integrated into Secret Network and accessible to all IBC-connected blockchains, is now available for developers to start using!
Secret VRF (Verifiable Random Function) allows for the creation of truly random numbers on the blockchain, without compromising security or usability. There's no need to rely on off-chain solutions that are often unreliable, centralized, costly, and detrimental to the user experience. Instead, this verifiable random number generator exists on the blockchain itself, making it the optimal solution for all decentralized applications.
Keep reading to learn more about the technical challenges of on-chain RNG, how Secret VRF solves them, and the use-cases it unlocks!
The Challenge of On-Chain RNG
Randomness is an essential component in many types of applications. Games require it in order to remain unpredictable and fair. Security protocols require it to generate strong encryption keys. Lotteries and contests need it in order to select winners fairly. DAOs and other forms of governance can use it to select representatives for a position or decision making process. However, generating true randomness on a blockchain is not a simple task.
Blockchain technology is designed to be deterministic, meaning that the same input computed on the same state will always produce the same output. This feature can be a problem for RNG because random numbers are, by definition, unpredictable. A blockchain system must find a way to generate random numbers that are not predictable while still being deterministic.
Additionally, RNG solutions that attempt to source randomness from a blockchain are often susceptible to tampering due to the public nature of most blockchains. For example, if an RNG solution sources randomness from block hashes, a validator could attempt to only publish a block if the hash will result in a favorable outcome.
One alternate solution is to source randomness from off-chain data, or "oracles", but these sources are often centralized and untrusted, meaning the data could have been tampered with before being delivered to the blockchain.
Secret VRF solves all of these problems!
How Secret VRF Solves RNG
Secret Network is built on top of Tendermint, a peer-to-peer networking protocol that provides Byzantine-Fault-Tolerance (BFT) and Proof-of-Stake (PoS) consensus. Validators are selected based on a weighted average that accounts for their share of delegated tokens.
Here's how a block is introduced and compiled in Secret Network:
- The selected proposal node initiates the process
- Proposer compiles mempool transactions into a block
- Proposed block is transmitted to all nodes in a pre-vote stage, which verify a valid block is submitted
- If a supermajority of nodes (⅔) pre-vote for this block, it becomes valid
- The valid block is added to the immutable chain
A key component to block validation on Secret Network is the previously mentioned pre-vote stage. This is where Secret VRF comes in. During this pre-vote stage, a verifiable random number is attached to each proposed block. This number can be used by applications as an on-chain RNG seed.
Maintaining an RNG's integrity is multifaceted:
- RNG has sufficient entropy
- The block proposer cannot know the random number before others
- External actors can't predict the number in advance
Secret Network's utilization of SGX technology enables private computation on-chain and gives it a distinct advantage as a provider of privacy in the interchain. To offer interchain randomness as a service, Secret Network employs SGX to generate a random number on-chain during Tendermint's block proposal phase. The block proposers use the RDRAND/RDSEED instruction to generate a random number within the Trusted Execution Environment.
Apart from using SGX for generating random numbers, Secret Network enhances the security of the generated random numbers by integrating an Initial Randomness Seed (IRS). The IRS stems from a common consensus seed that all network nodes share and the random number and IRS are merged via an algorithm known as HKDF (RFC5869). This process ensures that the resulting number is genuinely random and remains unpredictable even if someone attempts to manipulate the original random number generation.
To ensure the security of the random number produced by the block proposer, a significant number of network validators must give their approval of the proposed block before the encrypted number can be deciphered.
The pre-vote mechanism in Tendermint enables the blockchain to signal that the proposed block has been authorized by most network validators, providing assurance for block execution attempts. As a result, the Initial Randomness Seed can only be decrypted if nodes submit 2/3 majority of pre-commits/commits to the TEE. The TEE will then verify this majority and decrypt the seed, returning it to the requester in its decrypted form, which can be used for network randomness.
An extra proof is provided alongside the encrypted number to ensure maximum security. This proof guarantees that a proposed random number is consistent with the block height and active validator set.
A one-way function is utilized to generate the proof, taking into account the encrypted random value, block height, active validator set, and the Random Encryption Key (which is exclusively decryptable by network nodes only inside the TEE). With the proof key, SGX enclaves can verify that the proof was generated within the enclave and is legitimate.
Many Web3 dApps are games that use RNGs to determine game outcomes, such as dice rolls or card draws. RNGs are used to ensure those game outcomes are random and cannot be manipulated.
Lotteries and Raffles
Web3-based lotteries and raffles use RNGs to select winners fairly and randomly. This can extend beyond simple monetary lotteries to government-run municipal lotteries, such as ones determining school admissions and registrations.
Decentralized Finance (DeFi)
DeFi protocols use RNGs to select validators, distribute rewards, and determine the interest rate for lending pools. RNGs can help ensure fairness and decentralization.
RNGs are used to generate unique Non-Fungible Tokens (NFTs) that are created on the blockchain. RNGs are used to ensure that the NFTs are unique, non-consecutive, and cannot be duplicated.
Some Web3 protocols use RNGs to select random participants for decision-making processes or to determine the order of votes.
dApps use RNGs in multi-party computations, where multiple parties jointly compute a function over their inputs without revealing their inputs to each other. The use of RNGs ensures that the computation is fair and unbiased, not favoring any involved party over another.
Limiting Secret VRF Attack Vectors
If RNG is a critical element in a dApps' security infrastructure, it becomes a potential attack vector. Any weakness or vulnerability in the RNG algorithm could be exploited by attackers to compromise the entire blockchain system, so security must be the top priority. Secret Network is perfectly primed to maintain security through its use of Trusted Execution Environments – in this case, SGX.
SGX's isolation can be used to limit the attack vectors on Random Number Generators (RNGs) in a blockchain system.
TEEs isolate the execution of code and data from the main operating system, limiting visibility and reducing the attack surface on the VRF. The RNG can be implemented within SGX, making it significantly more secure than transparent on-chain computation.
TEEs can also provide a way to verify the integrity of the code executing within the TEE. This provides assurance that the RNG is running correctly and hasn't been compromised.
TEEs can also provide sealing, which is a mechanism for encrypting data and storing it securely within the TEE. This is used to store the initial state of the RNG, making it harder for attackers to access or manipulate the RNG's seed.
TEEs provide a secure input/output mechanism, which ensures that sensitive data, such as the encrypted RNG output, is not exposed to untrusted components. This mechanism ensures that the encrypted RNG output is protected from external attacks.
By implementing an RNG within a TEE, the attack surface on the RNG can be reduced, while still ensuring the VRF's integrity can be verified. This can help to ensure the security and trustworthiness of the blockchain system that relies on RNGs.
Secret Network is uniquely primed to provide verifiable on-chain randomness, unlocking many new Web3 use cases. It's up to you to build them! Head to our VRF landing page to view the VRF developer documentation, study new use cases, and start building with randomness!