
Distributed VRF: Replicating Randomness for On-Chain Verification

March 09, 2024 - 7 min read

Using a Distributed Key Commit-Reveal Scheme, Supra secures on-chain randomness requests to ensure unpredictability and thus, fairness, in distributed systems.

Supra dVRF

Introduction

The need for a truly random number might not seem obvious at first, yet it is essential to various crypto assets, blockchains, and DeFi applications. These range from user-facing applications, like blockchain lotteries, reward draws, and randomized NFT trait generation, to back-end uses, like cryptographically provable node randomization and other blockchain security mechanisms.

In Web2, random numbers have traditionally come from RNGs, or random number generators. These RNGs are centralized and non-transparent, and may produce numbers that are close to random but fall short of it.

In recent years, Web3 developers have introduced Verifiable Random Functions, or VRFs. These services produce random numbers and provide “receipts” for their calculation on blockchains. However, early VRFs have often been centralized, meaning that while the number might be truly random, the VRF could be manipulated by the controlling entity to create a non-random number. The next stage of Web3 VRFs is decentralized VRFs. However, even many decentralized VRFs are prone to potential manipulation and aren’t quite as transparent as they could (or should) be.

Randomness in Decentralized Networks

Random number generators are fundamental algorithms in computational science and more recently distributed computation, and are used to generate sequences of numbers that are deterministic yet unpredictable and hence, “random.” These algorithms are crucial in various fields such as simulation, cryptography, and random sampling.

For Supra’s blockchain, RNGs play a crucial role in processes such as selecting validators in Commit Moonshot’s consensus mechanism, randomizing clans, commodity sharding, or simply generating a pseudorandom output upon request. Of course, Supra’s state-of-the-art decentralized algorithm provides blockchain-based security guarantees, generates the randomness in a distributed manner, and uses a shared-key threshold signature aggregation algorithm to write the randomness on-chain. 

This results in a tamper-proof, unpredictable output, which is useful for a variety of scalable decentralized applications on the Internet. More specifically, guaranteeing randomness means lending trustless credibility to the determination of winners in lotteries or games in which the participants can’t possibly know one another, and ensuring fairness in smart contract execution.

What is verifiable or “good” randomness?

Determining the difference between “good” and “bad” randomness is rather easy. Think of school children joining a game during recess; they would only want to play if the game is fair. If any part of the game is inherently unfair, everyone would simply walk away or start a new game. 

Therefore, the inclusion of randomness in distributed systems, like Web3, is of the utmost importance so that we can mimic the same kind of fairness that would be encountered in the real world. Randomness can then be evaluated on several key characteristics:

  • Unpredictability: Participants are unable to compute the number beforehand. 
  • Unbiasability: The random outputs can’t be affected by the biases of any participants that would make certain numbers more likely than others.
  • Publicly Verifiable: Participants can easily verify whether outputs were computed with fidelity.

Technically speaking, unpredictability is a stronger property than unbiasability. This is because any prediction leads to a bias toward the predicted value, whereas random numbers can be predictable yet unbiasable.

Verifiable Random Function Services

One approach to address this challenge is through the use of VRFs. VRFs are cryptographic primitives that enable parties to prove to others that they have generated a random output according to a specific function without revealing the actual output itself. This allows for the generation of random numbers that are verifiable by all participants in a distributed network like blockchains.

In Supra’s network, VRFs are used for commodity sharding in the DORA Oracle, and for node randomization amongst the various clans as well. VRFs are also used to select, for each round, the block leader who proposes the next block for validation. This ensures that the selection process is fair and cannot be anticipated or manipulated by any participant within, or observer of, the network.

As for dApps themselves, they can request randomness from Supra’s Distributed VRF service whenever they want to generate an unpredictable output. That is to say that Supra’s dVRF provides a reliable and secure way to introduce randomness into blockchain applications, which is essential for ensuring fairness and unpredictability in distributed networks.

The dVRF is crucial for lending credibility to the fairness of various applications and use cases like chance events, gaming, lotteries, and NFT crafting. Here’s a high-level overview of how it works:

  1. Request a Random Number: A smart contract in need of a random number sends a request to Supra’s dVRF along with a few parameters, such as a user-defined seed and a callback function to handle the result.
  2. DKG Commit-Reveal Scheme: Supra’s dVRF clans use a distributed-key aggregation scheme to collectively generate the random output. First, they commit their partial seeds, each of which is a hash of the request parameters, to help ensure that the random output is unpredictable and unbiasable, even by the nodes who generated it using partial keys.
  3. Random Number Generation: Supra’s nodes generate the random number by using the aggregated seeds. 
  4. Public Verification: Once the random number is generated, it is returned to the requesting smart contract, be it on Supra or another destination chain. The random output can then be verified publicly by anyone, demonstrating that the number was indeed generated using the specified seed, and is thus a practical form of immutable randomness.
  5. Utilization: The smart contract can then use this random number for various purposes within the blockchain application, such as determining winners in a fair lottery, landing a critical hit in a game, or selecting random traits during an NFT minting. This lends credibility to the fairness and integrity of any decentralized competition.

Supra Distributed Verifiable Random Function

In the first step, users provide inputs to the dVRF smart contract, which derives from them a request input constructed so that any query is simple to track. This also rules out malicious or Byzantine behaviors such as repeated queries, or selectively rejecting an output in order to impose a bias. This is absolutely crucial, as other VRF services have security flaws in which nodes can simply choose not to allow unfavorable outputs.

Once we have our dVRF inputs, they’ll be fetched by Relay nodes, which then forward the inputs to dVRF service nodes (in the Supra ecosystem these are organized into clans). The dVRF clan nodes then individually compute partial evaluations of a random output, which are then aggregated by Aggregator nodes. The aggregated output is then returned to the calling smart contracts, which verify the random outputs and then invoke the user callback function to deliver it for consumption.

To further optimize the basic dVRF framework, Supra allows multiple VRF requests at the same time. In this setting, once the partial inputs for a batch of VRF requests are returned and aggregated, the randomness outputs are then sent to the Supra blockchain.
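The following Python simulation is an added illustration of the request, commit-reveal, aggregation and public-verification steps described in the numbered overview above and in the walkthrough of relay, clan and aggregator nodes. It is not Supra’s code: the node names, the caller address `0xLotteryContract`, the threshold of three reveals, and the use of SHA-256 hash commitments with a hash combiner in place of threshold-signature shares are all constructed assumptions made to keep the example self-contained. It shows the three checks a practitioner cares about: a request id derived from the request parameters so that a repeated query is rejected, a reveal that does not match its commitment being discarded rather than accepted, and an output that any observer can recompute from the public transcript.

```python
"""Toy commit-reveal randomness round (added example, not Supra's code).

Request id = hash(caller, user seed, nonce) so repeats are detectable.
Each node commits hash(request id, node name, partial), later reveals the
partial; the aggregator keeps only reveals matching their commitment and
needs at least THRESHOLD of them. Real dVRFs aggregate threshold-signature
shares (the same output from any t-of-n shares); hashing is used here only
to keep the example self-contained and runnable offline.
"""
import hashlib
import secrets

THRESHOLD = 3  # assumed t-of-n: minimum valid reveals to produce an output


def sha256(*parts: bytes) -> bytes:
    """Hash length-prefixed parts so (a, bc) and (ab, c) cannot collide."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big"))
        h.update(p)
    return h.digest()


class Requests:
    """dVRF contract side: derives a trackable request id and rejects repeats."""

    def __init__(self):
        self.seen = set()

    def create(self, caller: str, user_seed: bytes, nonce: int) -> bytes:
        rid = sha256(caller.encode(), user_seed, nonce.to_bytes(8, "big"))
        if rid in self.seen:
            raise ValueError("duplicate request")
        self.seen.add(rid)
        return rid


class Node:
    """One dVRF clan member: commits to a fresh partial seed, reveals it later."""

    def __init__(self, name: str):
        self.name = name
        self._partials = {}

    def commit(self, rid: bytes) -> bytes:
        partial = secrets.token_bytes(32)
        self._partials[rid] = partial
        return sha256(rid, self.name.encode(), partial)

    def reveal(self, rid: bytes) -> bytes:
        return self._partials[rid]


def aggregate(rid: bytes, commitments: dict, reveals: dict):
    """Aggregator: drop reveals that do not match their commitment, enforce the
    threshold, and combine the accepted partials. Returns (output, accepted names)."""
    accepted = []
    for name, partial in reveals.items():
        if name in commitments and sha256(rid, name.encode(), partial) == commitments[name]:
            accepted.append((name, partial))
    if len(accepted) < THRESHOLD:
        raise ValueError("threshold not met")
    accepted.sort()  # canonical order so every verifier recomputes the same value
    output = sha256(rid, *(p for _, p in accepted))
    return output, [n for n, _ in accepted]


def verify(rid: bytes, commitments: dict, reveals: dict, output: bytes) -> bool:
    """Public check: anyone holding the request id, commitments and reveals
    can recompute the output and compare."""
    try:
        recomputed, _ = aggregate(rid, commitments, reveals)
    except ValueError:
        return False
    return recomputed == output


def run_round(n_nodes: int = 4, tamper_node: str = None, withhold_node: str = None):
    """Drive one round; optionally one node swaps its partial after committing
    (tamper_node) or never reveals (withhold_node). All values are constructed."""
    reqs = Requests()
    rid = reqs.create("0xLotteryContract", b"user-seed", nonce=1)
    nodes = [Node(f"node{i}") for i in range(n_nodes)]
    commitments = {nd.name: nd.commit(rid) for nd in nodes}
    reveals = {}
    for nd in nodes:
        if nd.name == withhold_node:
            continue
        partial = nd.reveal(rid)
        if nd.name == tamper_node:
            partial = bytes(32)  # post-commitment substitution, must be rejected
        reveals[nd.name] = partial
    output, accepted = aggregate(rid, commitments, reveals)
    return rid, commitments, reveals, output, accepted


if __name__ == "__main__":
    rid, commitments, reveals, output, accepted = run_round(tamper_node="node1")
    print("accepted:", accepted, "output:", output.hex())
    print("verifies:", verify(rid, commitments, reveals, output))
```

One caveat worth keeping in mind: because this toy combines partials by hashing, the output depends on which nodes’ reveals were accepted, so a node that withholds can still influence the result once the threshold is met. With threshold signatures, which the article describes Supra using, the aggregate is the same whichever t shares are combined, which is what removes that lever.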

Supra dVRF ELI5 Diagram
The flowchart demonstrates a simplified dVRF request from start to finish.

The Supra SMR service then verifies each of the VRF outputs separately, yet produces an appropriate aggregate signature for the calling smart contract (for example, in Ethereum, this would be ECDSA) on a batched set. This is a gas-optimized strategy since verifying each randomness output typically involves complex operations such as bilinear pairing and hashing to groups. 

Finally is Supra’s private VRF framework, which is similar to the frameworks we mentioned aside from one additional interaction between users and the dVRF smart contract. Once inputs have been created by the contract, they’re returned to users for blinding the output so that only the user can reveal it by choice. The rest of the process remains the same, and is optimized for Supra’s SMR. 

A good analogy for the blinded outputs is the game of Poker and the concept of bluffing. Bluffing means implying to the other players that one holds a stronger hand than one actually does, to induce them to give up and fold. Following this, bluffing card players often choose to keep their discarded hands private so as to keep the other players guessing.

Conclusion

Traditional financial services and security industries which rely on random data selection to identify fraud can also use VRFs to provide transparency regarding their protections of user privacy. Auditing services like the IRS could also utilize VRFs to provide public assurances that audits were not conducted in targeted manners or politically motivated.

Given the massive losses that many crypto users have experienced over the years, there’s an obvious need for tamper-proof randomness, and the transparency of blockchain ledgers more than ever. Supra’s network is arranged so that it cannot be front-run or gamed; with a simple integration, the randomness derived from Supra’s VRF takes the fidelity and fraud detection capabilities of any protocol to the next level. 

Participants deserve to know that their assets are being handled with care, and that no one has the ability to put their fingers on the scales of justice. Supra VRF empowers companies with cutting-edge transparency, and makes the necessity of Web3 technology more obvious as it contrasts with the pain points of the status quo. Integrating Supra’s VRF can give companies competitive advantages over their peers.

Supra’s VRF is set to become the gold standard for randomness generation and scalable oracle solutions. Web3 and Web2 applications alike could use a bit more transparency, and the early movers will soon take the form of the major players in this industry as their network effects grow exponentially via the massive adoption taking place behind the scenes. 

There are opportunities everywhere for early adopters to separate themselves from the crowd by leading the industry forward with the values of decentralization, transparency, and equal access to the global financial system. Integrations using Supra’s VRF will demonstrate their brand’s commitment to these principles of Web3 which separate us from the ivory towers of traditional finance.

