Randomness is an instrument of fun and fairness in web3. We need it to assign random traits to NFTs during minting, so that each token is unique and is distributed unpredictably.
From selecting winners in decentralised lotteries and raffles, to choosing leaders or assigning roles in DAOs, to making blockchain games entertaining: in all of these, randomness is indispensable.
Traditionally, randomisation was provided by straightforward random number generators (RNGs) or by off-chain randomness sources.
Neither method is ideal for blockchain applications, for different reasons:
Off-chain randomness defeats the purpose of using randomisation in a blockchain application, because it depends on an external source or oracle. This undermines the integrity and trustless nature of blockchain apps: the randomness is accepted on trust and cannot be fully verified.
Meanwhile, RNGs are an incomplete solution: they lack the determinism that lets all validators agree on the state of the blockchain. The same random number must be reproducible under the same conditions (blockchains are built on same input = same output, and an ideal randomisation protocol must match this), but that is not possible with ordinary RNGs.
As alternatives, protocols have emerged that generate randomness entirely on-chain, for verifiability and tamper-resistance:
The blockhash method: using the hash of a future block to generate random numbers (but validators/miners can manipulate this by reordering or withholding transactions).
Verifiable Random Functions (VRFs): combining on-chain data with cryptographic techniques to generate random numbers that come with a cryptographic proof, so that the output cannot be forged.
Randomness beacons: generating random values independently of the block's core operations, to avoid bias and manipulation by validators.
While VRFs provide cryptographic proofs that the randomness has not been tampered with, they can still suffer from liveness and bias issues. A malicious participant can compute the output ahead of time and abort the protocol if the output is unfavourable, thus biasing the result.
Randomness beacons, on the other hand, generate random values independently of the block's core operations. While they help avoid bias and manipulation, they often rely on a centralised source or a small set of nodes, which introduces trust issues.
Oh, the bane of creating a trusted setup that generates true randomness 😩😔
Fortunately, after studying these earlier setbacks in establishing on-chain randomness, Pyth Network recently introduced a breakthrough solution 😎
In the commitment phase, both the requester and the provider prepare their random numbers:
The requester writes a secret number on paper and seals it in an envelope (hashes it). The contents remain private.
The provider generates a sequence of random numbers and seals each one in an envelope (produces the hashes).
These sealed envelopes are then presented to the network, so the contents remain confidential while the commitments are public.
The requester submits their seal (the hash of their random number) to Pyth's Entropy contract. Entropy assigns the requester a specific position in the provider's sequence based on the requester's seal.
E.g. you give Pyth the seal "h(u)" → Entropy assigns you the seal "h(i)" after running it through its function. So the number that Entropy assigns you is "i".
Instead of handing over your true random number, you give the provider the number that Entropy assigned you ("i"), in return for a random number.
By revealing only "i" to them, your true committed number ("u") stays withheld, which maximises security.
At this point the provider verifies you: they check their on-chain sequence number to ensure it is greater than "i", and then reveal a number, X_i.
The requester submits both numbers (theirs and the provider’s) to Entropy. Entropy verifies these numbers using the respective hash functions.
X_u → concealed and yours
X_i → from the provider
Entropy verifies X_i by checking that h(X_i) = X_{i-1}, i.e. the revealed value hashes to the previous value in the provider's committed chain (the provider's function), and verifies X_u by checking that h(X_u) equals the seal h(u) you submitted (the contract's function).
Once both inputs are verified, Entropy combines them to produce the final random number.
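The commit-reveal exchange above, as an added worked example (not code from the article or from Pyth itself): the provider builds a hash chain backwards from a secret seed so that each revealed value hashes to the previous one, publishes only the chain head as its commitment, and a model contract verifies both openings before mixing them with the block hash. Everything here is an assumption of the model: SHA-256 stands in for the contract's hash, the `Provider`, `EntropyContract`, `run_round` and `reveal_is_rejected` names are hypothetical, the sample seed, secret and block hash are constructed values, and the handling of skipped sequence numbers (hashing forward several steps) is a generalisation of the single-step h(X_i) = X_{i-1} check rather than Pyth's exact contract logic.

```python
import hashlib
import secrets
from typing import Dict, Optional


def h(data: bytes) -> bytes:
    """Hash function standing in for the contract's own (assumption: SHA-256)."""
    return hashlib.sha256(data).digest()


class Provider:
    """Provider side: pre-commit to a whole hash chain, reveal entries on request."""

    def __init__(self, length: int, seed: Optional[bytes] = None) -> None:
        seed = seed if seed is not None else secrets.token_bytes(32)
        # Build the chain backwards from a secret seed so that h(x_i) = x_{i-1}.
        # Only x_0 is published as the commitment; x_1 .. x_n stay private.
        chain = [seed]
        for _ in range(length):
            chain.append(h(chain[-1]))
        chain.reverse()
        self.chain = chain          # chain[i] is x_i
        self.commitment = chain[0]  # x_0, the single value put on-chain
        self.length = length

    def reveal(self, seq: int) -> bytes:
        """Hand out x_seq; indices outside the committed chain are refused."""
        if not 1 <= seq <= self.length:
            raise ValueError("sequence number outside the committed chain")
        return self.chain[seq]


class EntropyContract:
    """Contract side: assign sequence numbers, verify both reveals, combine them."""

    def __init__(self, provider_commitment: bytes) -> None:
        self.last_revealed = provider_commitment  # x_{i-1} for the next reveal
        self.last_seq = 0
        self.next_seq = 1
        self.requests: Dict[int, bytes] = {}      # seq -> requester's seal h(u)

    def request(self, user_commitment: bytes) -> int:
        """Commit phase: record h(u) and return the assigned sequence number i."""
        seq = self.next_seq
        self.requests[seq] = user_commitment
        self.next_seq += 1
        return seq

    def reveal(self, seq: int, x_u: bytes, x_i: bytes, blockhash: bytes) -> bytes:
        """Reveal phase: check both openings, then derive the final number."""
        if seq <= self.last_seq:
            raise ValueError("sequence number already consumed")
        if h(x_u) != self.requests[seq]:
            raise ValueError("requester reveal does not match the committed seal")
        # Walk the chain from x_i back to the last value the contract knows.
        # Hashing (seq - last_seq) times must land exactly on it: one step when
        # reveals arrive in order, more if earlier requests were skipped
        # (the skip handling is an assumption of this model).
        probe = x_i
        for _ in range(seq - self.last_seq):
            probe = h(probe)
        if probe != self.last_revealed:
            raise ValueError("provider reveal is not on the committed hash chain")
        del self.requests[seq]
        self.last_revealed, self.last_seq = x_i, seq
        # Final number mixes both contributions and the block hash; as long as
        # one of the two parties is honest the result is unpredictable.
        return h(x_u + x_i + blockhash)


def run_round(provider: Provider, contract: EntropyContract,
              u: bytes, blockhash: bytes) -> bytes:
    """One full request/reveal exchange from the requester's point of view."""
    seq = contract.request(h(u))      # submit the seal, learn i
    x_i = provider.reveal(seq)        # tell the provider only i, receive x_i
    return contract.reveal(seq, u, x_i, blockhash)


def reveal_is_rejected(contract: EntropyContract, seq: int,
                       x_u: bytes, x_i: bytes, blockhash: bytes) -> bool:
    """True when the contract refuses a reveal (shows that tampering fails)."""
    try:
        contract.reveal(seq, x_u, x_i, blockhash)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample values; a real deployment uses fresh secrets and the
    # actual block hash.
    provider = Provider(length=8, seed=b"\x01" * 32)
    contract = EntropyContract(provider.commitment)
    blockhash = b"\x03" * 32
    result = run_round(provider, contract, b"\x02" * 32, blockhash)
    print("final random number:", result.hex())
```

The point to notice is what each party learns: the contract only ever stores the chain head and the requester's seal, the provider learns nothing but the index i, and a substituted X_i or X_u fails verification because it no longer hashes onto the committed values. Because the provider committed to the whole chain up front, a later reveal can be checked against the last accepted one without any further provider transaction, which is the liveness improvement the article attributes to Entropy.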
Compared with the blockhash method, Entropy reduces the risk of manipulation, since influencing the outcome requires collusion between multiple parties;
Unlike VRFs, Pyth Entropy enhances the commit-reveal protocol by allowing a single party to commit to multiple random numbers upfront, reducing the number of transactions required and mitigating the liveness issue. This ensures that the protocol proceeds to completion once initiated, providing a more reliable and unbiased source of randomness;
In contrast to randomness beacons, Entropy operates in a decentralised manner, using a commit-reveal protocol that minimises trust between participants. This decentralised approach ensures that the randomness is not controlled by a single entity, enhancing security and trustworthiness.
By pre-committing to random numbers, Pyth Entropy minimises on-chain transactions, leading to faster and cheaper operations (lower gas fees + lower latency 😎).
Pyth Entropy is designed to be easy to integrate into existing blockchain applications. It requires minimal code changes and can be implemented permissionlessly, making it accessible to a wide range of developers.
By incorporating the blockhash into the final random number, it adds an additional layer of randomness and security, making it difficult for any single party to predict or manipulate the outcome. As long as one party is honest, the resulting number is guaranteed to be random.
Every step is verifiable on-chain, ensuring the integrity of the random numbers generated.
Optimised randomness ensures genuinely fair and unbiased outcomes in applications like lotteries, games, and NFTs. This fairness is critical for user trust and engagement, particularly in high-stakes scenarios like decentralised finance (DeFi) protocols or NFT auctions.
DeFi protocols often require randomness for tasks like selecting validators, distributing rewards, and managing pools. Using entropy to generate randomness could ensure these processes are conducted fairly and securely, reducing the risk of exploits and increasing overall protocol stability.
Efficient randomness protocols reduce the computational resources and gas fees required to generate and verify random numbers on-chain, making a wide range of applications more economically viable on the blockchain.
Randomness enhances high-frequency and high-throughput applications, like real-time gaming and trading platforms, without compromising security or fairness.
Users can independently verify the randomness used in their interactions with blockchain applications, building confidence and allowing broader participation in Web3 activities.
DAOs, too, could utilise optimised randomness for decision-making processes, member selection, and distribution of roles and responsibilities, ensuring unbiased and fair governance mechanisms.