After significant development, we've made secure randomness available on Sui Testnet. This crucial feature, powered by the sui::random module, opens up new possibilities for developers and builders on Sui.

Why do we need randomness onchain?

Apps and projects can use randomness in a wide range of different ways, from simulating a dice roll to assigning ticket numbers in a system that ensures fairness. There are more use cases for onchain randomness than one might initially think. Here are a few key examples:

1. Games of chance: The most obvious use case is for games like lotteries, card games, gacha, loot boxes, raffles, and casino games. Onchain native randomness allows these games to operate without requiring players to trust the game operator. The fairness of the game can be verified by anyone, ensuring transparency and trust. This use case extends to more complex games, such as determining if a character in an RPG scores a hit on an enemy.

2. Random sampling: Selecting a random subset from a larger group, which is useful in various domains such as governance and randomized audits. In dispute resolution, random sampling can be used to select an unbiased jury. Another example is random committee selection in oracles and DAOs for voting and decision-making processes to enhance fairness and transparency.

3. NFTs: Randomness enables the creation of random NFTs with different levels of rarity. For example, a crypto collectible might have various traits assigned probabilistically. Additionally, NFTs could incorporate genetic traits or random mutations in breeding scenarios, opening doors for creativity in the design and use of NFTs.

4. Contests and player matching: Interesting examples include randomly placing participants in tournament brackets, matching players for games and social interactions, determining the order of play in turn-based games, picking winners in the event of a draw, allocating players to teams and their order in drafts, assigning venue and referees on events.

Mysten Labs’ Andrew Schran discussing Sui’s native randomness at Sui Basecamp.

The technical side of decentralized randomness

For onchain randomness to be secure, it must be unpredictable and unbiasable. Unpredictability ensures that no one can predict the random values before they are used, preventing attackers from manipulating apps by front-running transactions or only engaging when outcomes are favorable. Unbiasability guarantees that no single party can influence the outcome of the randomness generation process, preventing attackers from skewing results to their advantage.

Existing solutions and their limitations

Various existing solutions aim to provide secure randomness, each with its own trade-offs. Using an external source of randomness such as a local/non-distributed Verifiable Random Function (VRF) is simple but not truly decentralized, as trusting a few nodes operating the VRF can lead to predictability and bias issues if the source colludes with other parties. Verifiable Delay Functions (VDFs) ensure randomness cannot be predicted until a certain time has passed, but also tend to be too slow for many apps. 

Other solutions use oracle-based randomness that might be predictable and biasable if the oracle colludes with nodes and can be slow to use in a secure way. For example, utilizing drand, a distributed randomness beacon, requires the process to wait for a randomness round that is far enough in the future to ensure it’s unpredictable.

Sui's approach to randomness

Mysten Labs has developed a solution that leverages threshold cryptography and Distributed Key Generation (DKG) to exhibit the qualities of being unpredictable, unbiasable, and fast. This solution appears on Sui as a randomness beacon supported by the validator network. At the start of each epoch, validators initiate a DKG protocol to generate secret shares of a distributed key. Then, continuously during the epoch, they use their shares of the key to produce randomness for apps to use. 

This native randomness solution is much faster than existing solutions on Sui. Randomness generation operates parallel to the consensus mechanism, providing random values quickly after a transaction has been ordered but before execution.

Additionally, Move and Programmable Transaction Blocks (PTBs) allow powerful compositions while preventing potential manipulation through built-in restrictions and compiler warnings. While there are important safety rails built-in, developers should ensure robust program designs to avoid inspection by other Move functions or PTB commands.

Using the sui::random module

The sui::random module provides access to pseudo-randomness within Sui, enabling a variety of apps. For example, developers can use this feature to implement a Move function that selects a random winner for a raffle. The source code for this and other examples can be found on our GitHub repository.

entry set_winner(game: &mut Raffle, rnd: &Random, ctx: &TxContext) { assert!(is_none(game.winner), EWinnerAlreadySet); // winner is of type Option<u32> let gen = new_generator(rnd, ctx); game.winner = Some(gen.generate_u32_in_range(1, game.num_of_tickets)); // num_of_tickets is u32 that represents the number of participants }

The second line of the function

set_winner

ensures that a winner has not already been selected. The function then initializes a new random generator, and a random number is generated within the range of ticket numbers. The result is a securely and unpredictably chosen winner, thanks to Sui’s robust random generation guarantees, which ensure that the value returned by generate_u32_in_range is random and unpredictable as long as less than one-third of the voting power of the network is corrupted.

While randomness is generated globally by the network and not per transaction, Sui derives from that global randomness an unpredictable and unbiasable seeded pseudorandom function family every time 

new_generator

is invoked.

Rounding up randomness on Sui

The introduction of a secure and scalable source of randomness to Sui is a crucial advancement, enabling developers to create more robust and secure apps. We encourage our community to provide feedback and explore new ways to use randomness. For more detailed technical information, refer to the Onchain Randomness documentation.

This feature is now available on Sui Testnet. We encourage developers to try it out and ensure their apps are ready to leverage secure and robust random values when native randomness is available on Mainnet. Thanks to our developers for contributing to a more secure and efficient Sui ecosystem!