Your crypto wallet is "randomly" safe

Neha KumariNeha Kumari
5 min read
function genRandomNo(n) {
   let randomNum = Math.floor(Math.random() * n) + 1;
   return randomNum;
 }

where n denotes the ”limit” upto which you can generate random integers.

A simple, ‘elementary’ level random generator in javascript on which a mini “Guess the random number” game could be designed to play for fun. (😀)[until quintessence of “random” hits (🙂)]

Randomness is a far more sophisticated concept that vibrates and levitates between the ‘ uncertain ‘ and ‘chaotic‘ strings of calculations. [Reminds of ‘String theory’, well, no need to go tht far]

But, before we get fancy with "verifiable" and "public," we need to understand randomness itself. It's not what your gut tells you!

Randomness isn't just about chance; it's about unpredictability and the lack of a discernible pattern*.*

Oxford Dictionary defines “Randomness” as:-

"the quality or state of lacking a pattern or principle of organization"

———————————————Unpredictability——————————-——-

And that last word here “unpredictability” is very important in computer sciences because our computers are inherently predictable.

"Think about it: computers follow instructions precisely. If you give the same input, you expect the same output. So, true randomness (unpredictability) in a deterministic machine is a paradox that needs clever solutions.

Learning about Kolmogorov Complexity, which basically says: the harder something is to compress (because it has no pattern), the more random it is.

This totally blew my mind and changed how I'll think about data! Why Do We Need "Verifiable" Randomness? This is where it gets juicy.

We distinguish between different "flavors" of randomness:

  1. Secret Randomness: This is what your computer uses all the time for things like HTTPS connections, generating secret keys for your wallet, or initializing encryption. It's meant to stay secret! Using secret randomness for a secret key is a "terrible idea. Don't do it."

  2. Public Randomness: This is for things like lotteries, jury selection, or online casinos. The goal here is transparency and preventing manipulation. If you're running an online casino, you don't want people accusing you of cheating. If you can prove your randomness was fair, "then you're off the hook."

  3. Verifiable Randomness: This is the star of the show. It's a special kind of public randomness where the generation process can be cryptographically proven to be fair and unbiased. No "trust me, bro" here!

    It brings "public auditability and accountability to the resulting randomness." This is crucial for decentralized systems like blockchains.

  4. Distributed Randomness: This adds another layer, decentralizing trust and solving the tough problem of getting a network to agree on a random value without any single node being able to predict or influence it.

    using something like a Bitcoin block hash isn't enough, because "miners can actually influence that." This can lead to "grinding attacks," where miners try to generate blocks that favor them.

The "why" boils down to trust and security, especially in decentralized environments.

If you're building a blockchain lottery, a leader election mechanism for a Proof-of-Stake chain, or even auditing randomly selected people, you need to prove that the process was genuinely random and couldn't be manipulated.

Dcipher Network into Play

How Does the dcipher Network Make it Happen? This is where the magic of cryptography comes in. Lets understand— Drand (Decentralized Randomness Network), the previous project, and its evolution into the Dcipher Network.

Drand

Drand was a "foundational internet protocol for randomness," built on powerful cryptographic primitives like Threshold BLS Signatures and Distributed Key Generation (DKG). Here’s the simplified how:

  • Distributed Key Generation (DKG): A network of nodes (like Cloudflare, universities, etc.) collaboratively generates a secret key without any single node ever seeing the whole key. This means there's no single point of compromise. They can even withstand up to 50% of the network being compromised after DKG.

  • Threshold Digital Signatures (specifically BLS): The brilliance here is that digital signatures, by their very nature, are designed to be "indistinguishable from random." If you can tell a signature apart from a random point, the system is broken! So, when a threshold of nodes in the network collectively creates a BLS signature on a message, that signature itself is effectively a random point.

  • Hashing the Signature: To get the random bytes we can actually use, they simply "hash it together to get random bytes and this is provably random." It's simple, elegant, and cryptographically sound.

This process ensures that the randomness from Dcipher is:

  • Decentralized: No single point of failure.

  • Unpredictable: No party can predict the next number until a threshold of malicious nodes cooperate (which is difficult and detectable).

  • Bias-Resistant: Even if malicious nodes exist, they cannot bias the output, only predict it.

  • Verifiable: Anyone can take the resulting signature and prove it was generated legitimately by the network.

The Dcipher Network is an evolution, offering on-demand verifiable random numbers for smart contracts.

Instead of a continuous "tick" like Drand (which generated randomness every few seconds), your smart contract can now request a random number when it needs one.

A huge bonus? Dcipher supports Chainlink VRF APIs! This means if you're already using Chainlink for randomness in your smart contracts, you can easily switch to Dcipher, which is "cheaper and more decentralized." This interoperability is a massive win for the Web3 space.

My Key Takeaway: Randomness is Hard, But Crucial! This truly hammered home that randomness is deceptively complex.

Using simple math.random for anything security-related is a recipe for disaster due to modulo bias (where some numbers appear more frequently) and floating-point precision issues. These packages are typically designed for simulations and speed, not for true unbiasedness or unpredictability— staking security.

Always use cryptographically secure pseudo-random number generators (CSPRNGs) like dev/urandom on Linux or dedicated crypto random packages in programming languages, as they handle bias prevention.

The historical examples of randomness failures, like the PlayStation 3 hack due to biased signatures or stolen Bitcoin/Ethereum because of reused or biased "nonces" (numbers used only once), vividly illustrate the real-world consequences of getting randomness wrong.

These are not theoretical vulnerabilities; they have led to millions in losses.

The Dcipher Network, building on the robust foundations of Drand, offers a powerful, verifiable, and decentralized solution to a fundamental problem in secure and transparent systems.

It's incredible and astounding to see how these advanced cryptographic techniques are being leveraged to build a more trustworthy digital future! 🔰🔐

If this piqued your interest, you might want to explore further. 🌟✨

🚀🔥Check out this helpful resources:

Threshold Cryptography PPT

https://docs.drand.love/docs/overview/

https://docs.dcipher.network/

https://github.com/randa-mu/randomness-js

0
Subscribe to my newsletter

Read articles from Neha Kumari directly inside your inbox. Subscribe to the newsletter, and don't miss out.

verifiable-randomnessrandamudcipher networkdrandVerifiable Random Function

Written by

Neha Kumari
Neha Kumari

Astrophile? Nerd? Tech-savvy? alchemy of heterogeneous elements, if either above matches your vibe, let's connect and talk!