How a Decentralized Randomness Beacon Could Boost Cryptographic Security
Filecoin will be the first protocol to use this production-ready version of drand to create decentralized, verifiable randomness for “leader selection.”
Key takeaways:
- The League of Entropy is launching the first production-ready version of drand, a network that produces "randomness" (also known as entropy) for anyone to use.
- Randomness is essential to cryptographic security.
- Filecoin is the first protocol to use this version of drand in its upcoming mainnet launch to create decentralized, verifiable randomness for “leader selection.”
A novel cryptography piece, which could be of help to many cryptocurrency projects, is officially launching in production today.
The League of Entropy, which was launched last year, is opening the first production-ready version of drand, a network that produces "randomness" (also known as entropy) for anyone to use. Cryptography uses math and puzzles to secure communication in a way that snoops can't untangle. Randomness is an essential piece of cryptography that ensures security by adding unpredictable information to the mix.
What is entropy (or randomness)?
Randomness is data produced in an unpredictable way. One example is rolling a six-sided dice. Before rolling it, you can't predict which of the six numbers will appear.
You can even join together many dice rolls into a string of numbers. The more dice rolls done in a row, the more random and unpredictable the value.
A beacon is a randomness generator that shoots out random numbers at regular intervals, which anyone can look at and verify.
League of Entropy's drand beacon network is unique in that it generates randomness in a new way that doesn't rely on a single point of failure.
It's analogous to having several dice rollers generating numbers and stringing them together, so no single one needs to be trusted.
The founding members, who will be running the beacon, are Cloudflare, École polytechnique fédérale de Lausanne (EPFL), Kudelski Security, Protocol Labs, and the University of Chile. Current membership has expanded to include C4DT, ChainSafe, cLabs, Emerald Onion, the Ethereum Foundation, IC3, PTisp, Tierion and UCL.
At first an experimental project, League of Entropy is now launching drand in production for use on living and breathing projects. Filecoin, a decentralized storage network, will be the first to use the randomness generated by League of Entropy as an integral piece of its network.
"There is simply no public service at the moment that provides the necessary guarantees that multiple applications that use randomness need,” Protocol Labs research scientist Nicolas Gailly told CoinDesk. Protocol Labs is the research and development organization behind Filecoin, which aims to "radically improve the internet."
The researchers behind the network have big plans for it: They see it becoming as important as other protocols underpinning the internet today. (Of course, whether it becomes that big remains to be seen.)
Why randomness?
Randomness is a crucial part of cryptography.
When you generate a private key for bitcoin or another a cryptocurrency, randomness is an essential ingredient. It is a component that wallets generally generate behind the scenes with the help of math.
Randomness helps to ensure that no one else can guess what your private key is.
"Intuitively, this is why randomness is crucial in cryptographic applications – because it provides a way to create information that an adversary can't learn or predict," as a research paper on randomness from IEEE Security & Privacy magazine puts it.
For another example, Cloudflare famously uses a wall of lava lamps to produce the randomness it uses to secure a large swathe of the internet.
Public vs. private randomness
The type of randomness used in private keys is supposed to stay private, of course. Exposing the randomness could make it possible to figure out the full private key, leading the user to lose their cryptocurrency.
There's another, different type of randomness that League of Entropy uses – public randomness. This is useful for many other applications where the random numbers produced need to be verified by the public and can be verified by whoever looks at the website.
An example of where this can come in handy is a typical lottery, where the winners are chosen by supposedly random draws from a hat.
The problem is that lotteries have been gamed by the creators over the years, especially in cases where the creator has some control over the randomness generation process. It helps to have a beacon that chooses these random numbers, rather than a less public entity, as it makes it harder to game.
There are various ways to generate public randomness today. One such trusted source of randomness is the National Institute of Standards Technology (NIST).
But there is still one problem: Generally, you still have to trust the entity, whether NIST or some other organization, that generates the randomness.
That is where drand comes in. It's a beacon generating randomness but in a decentralized way, to the extent that the several members composing League of Entropy are providing the randomness. If all goes according to plan, you won't have to trust one single entity, such as NIST. The idea is that it's less likely the organizations comprising the league will collude.
"Today, randomness beacons generate numbers for lotteries and election audits – both affect the lives and fortunes of millions of people. Unfortunately, exploitation of the single point of origin of these beacons have created dishonest results that benefited one corrupt insider. To thwart exploitation efforts, Cloudflare and other randomness-beacon providers have joined forces to bring users a quorum of decentralized randomness beacons. After all, eight independent globally distributed beacons can be much more trustworthy than one!" reads the blog post announcing League of Entropy in 2019.
"There is no other production-ready randomness beacon that combines the guarantees of drand: publicly verifiable, decentralized and unbiasable," Gailly added.
Drand meets Filecoin
This "beacon" can be used for all sorts of applications, from election auditing, to lotteries, to cryptocurrency.
Filecoin is the first project to give the LoE beacon a whirl in Filecoin's attempt at making the internet better. Filecoin is in the midst of preparation for a mainnet launch, after several delays.
Bitcoin miners are more likely to win block rewards if they have more mining hardware and computational power. By contrast, miners in Filecoin are more likely to win block rewards if they have more storage space to contribute to the network.
The process of selecting a miner who wins each block reward is known as "leader selection." Filecoin will be using randomness generated by the League of Entropy for this so-called "leader generation."
"Being able to verify the validity of the randomness, that it's actually correctly generated, is a crucial property for leader election in blockchains," Gailly said.
They launched the League of Network beacon to accomodate all of these use cases.
STORY CONTINUES BELOW
"Drand’s largest deployment, the League of Entropy Mainnet, is a network specialized in generating randomness that can serve many applications rather than being tailored or embedded in just one application," said David Dias, research engineer at Protocol Labs and the drand project lead.
“The League of Entropy is creating the basis for future systems to leverage trustworthy public randomness online, and the new collaborative governance will only improve its ability to do so. We’re excited to watch drand help prevent bias and detect manipulation in elections, lotteries, and distributed ledger platforms, and improve the Internet for generations to come,” said Cloudfare head of research Nick Sullivan in a statement.