The Race for True Entropy | Why WEB3 Developers Choose RANDAO
1. Introduction
Entropy—unpredictable randomness—is a foundational element in securing fairness across blockchain ecosystems. Whether used in games, lotteries, NFTs, or decentralized governance, the generation of truly random values ensures legitimacy, trust, and economic integrity.
Yet, achieving secure and verifiable randomness on-chain is remarkably difficult. Blockchain was not designed for entropy; deterministic by nature, it lacks native tools for non-predictable outcomes. This has led to an arms race: who can provide the most secure, performant, and trustless source of randomness?
➡️ See The Onchain Randomness Problem for more on why blockchains were not built for randomness.
2. The Need for Verifiable Randomness in Web3
Many decentralized applications rely on randomness:
- NFT minting: Random allocation of rarity tiers
- GameFi: Critical in loot drops and gameplay mechanics
- DeFi: Used in governance voting slates and reward distributions
- On-chain lotteries: High-stakes randomness that must be tamper-proof
The Hot Lotto scandal, where an insider tampered with RNG systems to rig outcomes, reminds us of the catastrophic consequences when randomness can be predicted or manipulated.
Poor entropy damages trust, opens the door to exploits, and endangers both user assets and reputational capital.
3. The Onchain-RNG Trilemma
Blockchains have inherent limitations for entropy:
- Blockhash-based randomness is insecure—miners or validators can influence the outcome by choosing whether to publish a block.
- Oracles, like Chainlink VRF, inject off-chain data, but introduce centralized trust and external attack surfaces.
- Multiparty computation (MPC) systems require a threshold of honest participants and are prone to liveness failures if a subset becomes unresponsive or malicious.
Randomness solutions are ultimately constrained by the trade-off triangle: Trust, Transparency, and Liveness.
4. Evaluation Framework for Randomness Solutions
To evaluate entropy providers, we use the following framework (inspired by [1], [2], [3]):
4.1 Verifiability
Any third party can confirm that randomness was generated correctly.
4.2 Uniqueness
Output cannot be reused or replayed.
4.3 Liveness
Random values are reliably produced in reasonable timeframes.
4.4 Robustness
Protocol continues operating even with high numbers of malicious actors.
4.5 Latency
Time between request and receipt of randomness.
4.6 Cost-Effectiveness
Fees incurred by developers and users.
5. RANDAO: Protocol and Evolution
RANDAO is a decentralized entropy protocol that leverages Time Lock Puzzles to enable any-honest randomness generation:
- Architecture: Commit-reveal protocol with bonded incentives
- Any-honest: Only one honest participant needed; can tolerate 99% malicious actors
- Time Lock Puzzles: Replace slow Verifiable Delay Functions (VDFs) with faster mechanisms
- Modular design: Collateralized participation ensures correct behavior
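The commit-reveal architecture with bonded participation listed above can be modeled in a few lines. This is an added example, not RANDAO's code: the class and function names, the `BOND` amount, the XOR combiner and the participant names are assumptions, and the Time Lock Puzzle step is not modeled.

```python
import hashlib

BOND = 100  # constructed collateral per participant (assumption, not a RANDAO parameter)

def make_commitment(sender: str, secret: bytes) -> bytes:
    """Hash commitment bound to the sender so another participant cannot copy it."""
    return hashlib.sha256(sender.encode() + b"|" + secret).digest()

class CommitRevealRound:
    def __init__(self):
        self.commits, self.reveals, self.bonds = {}, {}, {}

    def commit(self, sender: str, commitment: bytes) -> None:
        if sender in self.commits:
            raise ValueError("duplicate commitment")
        self.commits[sender] = commitment
        self.bonds[sender] = BOND  # bond is locked at commit time

    def reveal(self, sender: str, secret: bytes) -> None:
        if len(secret) != 32:
            raise ValueError("secret must be 32 bytes")
        if self.commits.get(sender) != make_commitment(sender, secret):
            raise ValueError("reveal does not match commitment")
        self.reveals[sender] = secret

    def finalize(self):
        """XOR all revealed secrets; slash the bond of anyone who withheld."""
        withheld = sorted(s for s in self.commits if s not in self.reveals)
        for s in withheld:
            self.bonds[s] = 0
        out = bytes(32)
        for s in sorted(self.reveals):
            out = bytes(a ^ b for a, b in zip(out, self.reveals[s]))
        return out, withheld

def run_round(secrets_by_sender: dict, revealers: set):
    """Run one round: everyone commits, only `revealers` open their commitment."""
    rnd = CommitRevealRound()
    for sender, secret in secrets_by_sender.items():
        rnd.commit(sender, make_commitment(sender, secret))
    for sender in revealers:
        rnd.reveal(sender, secrets_by_sender[sender])
    out, withheld = rnd.finalize()
    return out, withheld, rnd.bonds

if __name__ == "__main__":
    # Constructed inputs: two fixed secrets plus one honest secret that varies.
    fixed = {"mallory1": bytes(32), "mallory2": b"\x01" * 32}
    for honest in (b"\xaa" * 32, b"\x55" * 32):
        everyone = {**fixed, "alice": honest}
        print(run_round(everyone, set(everyone))[0].hex())
```

With the two fixed secrets held constant, the output still tracks the one honest secret, which is the any-honest property. In this plain model a participant who withholds a reveal still changes the output and is only penalized through the bond.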
RANDAO Evaluation
Criterion | Rating |
---|---|
Verifiability | ✅ Strong |
Uniqueness | ✅ Strong |
Liveness | ✅ Strong |
Robustness | ✅ Strong |
Latency | ✅ Low |
Cost-Effectiveness | ✅ Efficient |
Decentralized | ✅ Yes |
Used by MekaHuman for sweepstakes and WeAreWe for NFT drops, RANDAO delivers reliable randomness at scale.
6. Chainlink VRF: Tamper-Proof Oracle-Based RNG
Chainlink VRF generates randomness by combining blockhash data with cryptographic proofs, then delivering the result via off-chain oracles.
Key Strengths
- Production-proven and well-documented
- Verifiable results with cryptographic proof
Limitations
- Centralized oracle dependency contradicts Web3 trustlessness
- Higher latency and costs due to external verification steps
Chainlink VRF Evaluation
Criterion | Rating |
---|---|
Verifiability | ✅ Strong |
Uniqueness | ✅ Strong |
Liveness | ⚠️ Moderate |
Robustness | ⚠️ Oracle-based |
Latency | ⚠️ Higher |
Cost-Effectiveness | ⚠️ Expensive |
Decentralized | ❌ No |
7. drand: Public Randomness Beacons
drand is a public randomness network built on threshold cryptography. Nodes generate randomness collectively and publicly.
Architecture
- Relies on MPC and threshold signatures
- Used by Filecoin and the League of Entropy
Limitations
- Requires >1/3 honest participants—vulnerable to collusion
- Susceptible to liveness failures if nodes go offline
drand Evaluation
Criterion | Rating |
---|---|
Verifiability | ✅ Strong |
Uniqueness | ✅ Strong |
Liveness | ⚠️ Fragile |
Robustness | ⚠️ 2/3 Honest |
Latency | ✅ Low |
Cost-Effectiveness | ✅ Public |
Decentralized | ✅ Yes |
8. Comparative Analysis
Feature | RANDAO | Chainlink VRF | drand |
---|---|---|---|
Trust Model | Any-Honest | Oracle-Based | 2/3 Honest |
Verifiability | ✅ Yes | ✅ Yes | ✅ Yes |
Liveness | ✅ High | ⚠️ Moderate | ⚠️ Fragile |
Robustness | ✅ Strong | ⚠️ Weak | ⚠️ Threshold |
Cost | ✅ Low | ⚠️ Higher | ✅ Low |
Latency | ✅ Low | ⚠️ Moderate | ✅ Low |
Decentralized | ✅ Yes | ❌ No | ✅ Yes |
9. Conclusion
Randomness is more than a technical detail—it's the pillar of fairness. Projects that prioritize trustlessness, decentralization, and robustness will lean toward RANDAO as their entropy solution.
References
[1] DID-based Distributed Verifiable Random Function with Successor Rule-based de Bruijn Sequence in Blockchain, DOI:10.1145/3651655.3651670
[2] Smart Contract-based Secure Verifiable Random Function using ChaCha20 Sequence in Blockchain, DOI:10.1145/3638025.3638028
[3] FlexiRand: Output Private (Distributed) VRFs and Application to Blockchains, DOI:10.1145/3576915.3616601