Abstract
Most modern electronic devices can produce a random number. However, it is difficult to see how a group of mutually distrusting entities can have confidence in any such hardware-produced stream of random numbers, since the producer could control the output to their gain. In this work, we use public and immutable cryptocurrency smart contracts, along with a set of potentially malicious randomness providers, to produce a trustworthy stream of timestamped public random numbers. Our contract eliminates the ability of a producer to predict or control the generated random numbers, including the stored history of random numbers. We consider and mitigate the threat of collusion between the randomness providers and miners in a second, more complex contract.
This is a preview of subscription content, log in via an institution to check access.
Notes
- 1.
Any mention of commercial products is for information only; it does not imply recommendation or endorsement by NIST.
- 2.
The NIST Beacon’s published format includes features to mitigate some attacks–for example, the beacon operator cannot directly control the beacon outputs, as they’re the result of a SHA512 hash. However, he can predict and influence future random numbers.
- 3.
Without these commitments, Alice can always wait for Bob to publish a random number, and then choose hers to control the resulting shared value.
- 4.
A more general version of this idea appears in [18], applied to many real-world situations that can be modeled by game theory.
- 5.
The Merlin Chain is named after the character of Merlin in White’s The Once and Future King [21], who lives his life backwards in time.
- 6.
The producer can ensure this is always true by verifying that it doesn’t send the next \((V_x,U_x)\) message until it has seen at least one block go past on the blockchain since the last random output.
- 7.
This availability could be ensured by setting up another provider which does nothing except send a message to the lighthouse contract once every 256 blocks (since blockhashes produced more than 256 blocks in the past are irretrievable in the Ethereum system).
References
Ethereumprice. https://ethereumprice.org/. Accessed 27 June 2017
Litecoin. https://litecoin.org/. Accessed 16 June 2017
National Institute of Standards and Technology Beacon Program. https://beacon.nist.gov/home. Accessed 16 June 2017
Randao. https://github.com/randao/randao. Accessed 10 July 2017
Solidity Language. https://solidity.readthedocs.io/en/develop/. Accessed 16 June 2017
www.random.org. https://www.random.org/. Accessed 10 July 2017
Baignères, T., Delerablée, C., Finiasz, M., Goubin, L., Lepoint, T., Rivain, M.: Trap me if you can - million dollar curve. IACR Cryptology ePrint Archive 2015, 1249 (2015)
Bonneau, J., Clark, J., Goldfeder, S.: On bitcoin as a public randomness source. IACR Cryptology ePrint Archive 2015, 1015 (2015)
Bünz, B., Goldfeder, S., Bonneau, J.: Proofs-of-delay and randomness beacons in Ethereum. IEEE Secur. Priv. Blockchain (2017). http://www.jbonneau.com/publications.html
Clark, J., Hengartner, U.: On the use of financial data as a random beacon. IACR Cryptology ePrint Archive 2010, 361 (2010). http://eprint.iacr.org/2010/361
Fischer, M.J., Iorga, M., Peralta, R.: A public randomness service. In: 2011 Proceedings of the International Conference on Security and Cryptography (SECRYPT), pp. 434–438. IEEE (2011)
Kelsey, J.: The new nist beacon protocol and combining beacons (2017)
Lenstra, A.K., Wesolowski, B.: A random zoo: sloth, unicorn, and trx. IACR Cryptology ePrint Archive 2015, 366 (2015)
Mills, D., Martin, J., Burbank, J., Kasch, W.: RFC 5905: Network Time Protocol Version 4: Protocol and Algorithms Specification. Internet Engineering Task Force (IETF) (2010). tools.ietf.org/html/rfc5905
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)
Rabin, M.O.: Transaction protection by beacons. J. Comput. Syst. Sci. 27(2), 256–267 (1983)
Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto (1996)
Schelling, T.C.: The Strategy of Conflict. Oxford University Press, Oxford (1960)
Syta, E., Jovanovic, P., Kokoris-Kogias, E., Gailly, N., Gasser, L., Khoffi, I., Fischer, M.J., Ford, B.: Scalable bias-resistant distributed randomness. In: 2017 IEEE Symposium on Security and Privacy, SP 2017, San Jose, CA, USA, 22–26 May 2017, pp. 444–460 (2017). https://doi.org/10.1109/SP.2017.45
Turing, A.M.: On computable numbers, with an application to the entscheidungsproblem. Proc. London Math. Soc. 2(1), 230–265 (1937)
White, T.H.: The Once and Future King. Ace Books, New York (1987)
Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151 (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG (outside the US)
About this paper
Cite this paper
Mell, P., Kelsey, J., Shook, J. (2017). Cryptocurrency Smart Contracts for Distributed Consensus of Public Randomness. In: Spirakis, P., Tsigas, P. (eds) Stabilization, Safety, and Security of Distributed Systems. SSS 2017. Lecture Notes in Computer Science(), vol 10616. Springer, Cham. https://doi.org/10.1007/978-3-319-69084-1_31
Download citation
DOI: https://doi.org/10.1007/978-3-319-69084-1_31
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69083-4
Online ISBN: 978-3-319-69084-1
eBook Packages: Computer ScienceComputer Science (R0)