As the development of the blockchain, every feature for the contract comes out one after another.

Also, many gambling contracts attract more people from it.

On the blockchain, everyone believes that gambling is fair, public and justice. However, gambling, in reality, cannot achieve that.

Many gambling contracts concern about the random number which the final prize is based on the coming out a random number to finish executing the contract. Namely, the security of the random number cannot be fully secured. Therefore, the security of the gambling contract cannot be secured as well.

As everyone had heard or seen the cases about the unsecured random number. Some speculators depend on the bug on the random to gain the large amount of wealth which is the fans of blockchain don’t want to see at all. Thus, is there any proposal exists for the random number which is fully secured, public and justice? Now, let us see the prehistoric life and the problem behinds the reality.

01 The random number’s analysis of Zhang, Ju

In the computer, the random number is the fake random number, which depends on the base of the specific algorithm to get the random number. As the base is the same, the algorithm is the same and therefore the final random number would be the same after calculation.

Apparently, there is a kind of real random number, which depends on the noise from the electronic component to produce the random number.

From the personal opinion, within the gambling contract in the blockchain, it is not important of the random number to be random when everyone doesn’t know how to estimate the random number with an uncontrolled number.

Case One: EOS.WIN Quiz

The rules of the EOS.WIN’s quiz name. The account can pick any number. The system depends on the amount of the number to provide the reposed return rate. Then, the system will oﬀer a random number. If the result matches the same as the size of the account, the player won the prize and the return would be calculated by the return rate.

The process diagram of the quiz of guessing number

This random number in the contract is from the function of get_random. The factors that aﬀect the random number producing is: txid is hash algorithm ID, tacos_block_num trading grid amount, tapos_block_prefix blockchain ID prefix, bet_id global lottery number and etc. The bet_id will add one after every lottery.

Attacker deploys six attacked contracts to push the trade request from these accounts at the same

time to make sure that these trades are in the same grid. After that, they can get the

tapos_block_num and the tapos_block_prefix from this process. The random number can get after

getting the variables of bet_id.

Attackers can get the bet_id when they received the notification from the top five attacked

contracts. In addition, the bet_id will be judged if it can win the prize from the last account. If the

result from the calculation displays that the last account cannot win the prize, the lottery

notification will be executed normally. The account after uses the new bet_id for the lottery. If the

last account wins the prize from the calculated result, the lottery notification of this account will be

failed. Therefore, the bet on the last account will be larger so that the attacker will gain more.

This way cannot one hundred percents to win the prize, but the possibility is more than 60% on the rate of winning the prize, which is really high already.

Because these attackers can get the seed of the random number, the lottery result can be estimated.

Case Two: EOSDice

The random number seed the EOSDice uses are: tapos_block_prefix tapos_block_num name(user) game_id current_time pool_ol_eos.amount, and the tapos_block_prefix and tapos_block_num are the same as what it has in the case one. Meanwhile, it is very easy to get. Regarding the delay, the lottery time can get. The lottery time based on the delay time calculation, which the result can be found in the final.

According to the two cases above, it is not hard to see that the seed of the random number finally gets for the attackers through the algorithm. Therefore, the final random number is able to come out. As the result, the random amount of the contract can’t be against to be found and attacked. As the matter of fact, the better proposal of the random number in the blockchain.

02 How to fill in the pit of [the Random Number]

So far, BOSCore’s technological white paper provides one kind of proposal for the random number.

And it is displayed as below:

More Secured Random Number Proposal

At present, the known random number proposal of EOSIO above always combine the estimated several number field, such as blockid, timestamp and the others as the part of random seeds. And then combine with the device, DApp project side or DApp oﬄine project come out from DApp. This kind of proposal exists some secured risks. There is no way can reduce the reliability from the DApp’s project credibility and avoid some accident attack(such as INLINE_ACTION). Based on the question above, BOS starts the feature of block_extension which provides the proposal which is named bpsig_action_time_seed. It also needs the private sign key BP’s node to sign. And the coming out seed is saved in the block_extension which is easy for the other nodes for the authorization.

Combing the bpsig_action_time_seed, the account, node, DApp’s project can be constructed the proposal of random number. The generation method of bpsig_action_time_seed displays as below:

bpsig_action_time_seed = sign(BP_Sign_Key, f(block_timesamp,0.5)+global_action_sequence)

Memo:

BP_Sign_Key: Using the BP private sign key can avoid others to work on the speculating calculation

F: Leaving the result of block_timestamp as the digital number in the function can

decrease the BP adjusted time to executing the speculated rate

global_action_sequence: global action self-increase can against the attack of

INLINE_ACTION

So far, this proposal, in general, is very good, but the huge risk in BP controlled random number still exist. For example, if the BP want to behave illegally, then it can estimate its package time move up. Regarding the adjusted global_action_sequence to get its own random number, then its own bet in the betting contract. Therefore, the BP can gain the giant profit. So, the random proposal of BOSCore is not the best one to be as the perusable random number proposal.

Someone says that the public chain is unable to provide the random number, which is the excuses. Suppose that the random numbers come out in the contract, then this contract can execute the result with fully random. Other nodes cannot authorize directly to execute the result if it is legal or not. And the dishonest node can direct pointing out a number freely until this node gets the number which benefits for them and packages them into the grid afterward. Because the bytecode in the diﬀerent node’s visual machine for the authorized process, the random number comes out diﬀerently. The visual machine cannot make sure if the result is legal or not.

This result is clearly unacceptable on the design.

Public chain depends on the packing grid can save the data so that the data has a very high certainty. In the end, the random number doesn’t exist on the public chain.

As we said previously, the random number doesn’t need to be random in the blockchain if it is unable to be estimated and uncontrolled.

Therefore, does the random theory exists a proposal which is a real secured, fair, public and justice? I believe that the public chain can make a better random number proposal one day. Let us look forward to it.

Website

https://www.celeschain.io/

Telegram

https://t.me/celeschain

Twitter

https://twitter.com/CelesChain

Reddit

https://www.reddit.com/user/CelesChain

Medium

https://medium.com/@CelesChain

Facebook

https://www.facebook.com/celeschain

Youtube

https://www.youtube.com/channel/UC1Xsd8wU957D-R8RQVZPfGA

Business Plan Download

https://dn-release.qbox.me/pdf/Celes-Chain-Business-Plan_en.pdf?v=1531279736435

Technology White Paper Download

https://dn-release.qbox.me/pdf/Celes-Chain-WhitePaper_en.pdf?v=1531278564014