Randomness is essential for use cases like lotteries, gaming, NFT traits, and validator selection. However, generating secure randomness on-chain is challenging because smart contracts execute deterministically and their inputs are publicly visible. If attackers can predict the outcome, they can manipulate it to their advantage, which makes insecure randomness a critical vulnerability.
Q1: Why is randomness difficult to generate securely on-chain?
A1: Because smart contracts are deterministic and public
Q2: What is the primary risk of using predictable randomness in smart contracts?
A2: Front-running and manipulation
Q3: What does Chainlink VRF provide for secure randomness?
A3: Random values with cryptographic proofs
Q4: What is a tradeoff of commit-reveal schemes?
A4: Requires multiple steps and user coordination
