axiomzen / eth-random Goto Github PK

The current implementation can be predicted:

• block.blockhash(block.number) will always be zero, since block hash is not known until block is mined;
• seed can be looked up in the contract storage on the blockchain prior to the call, e.g. using web3.eth.getStorageAt();
• now is shared within internal messages in the same transaction, so we can make an exploit contract that will call target contract.

Consider switching to commit-reveal approach or using an externally updated seed.

Hi,

Just wondering about the RPG.sol example:
https://github.com/axiomzen/eth-random/blob/master/example/contracts/RPG.sol#L18

Would it be just as good if RPG inherited from Random so you wouldn't have to pay the extra gas for calling another contract? CALL costs 700 gas whereas JUMP only costs 1 gas. If you're doing this (and/or the network gets overloaded and gas prices), seems like you'd make a good saving by inheriting from Random rather than calling it from an external contract.

Is the above accurate?

Should make use of the described technique to implement what the README describes

Received a great feedback at OpenZeppelin's #article channel, ended up discussing about a lot of tradeoffs and design decisions we talked about a lot with @KaiCode2 and @jordanschalm and we absolutely should make room for those on the README

Namely:

1. State clearly our motivation pursuing this implementation
2. List the tradeoffs made in the process, make recommendations around mitigating the potential dominant miner possible exploit (there could be a case if the smart contract that is using random has reward that is large enough)
3. Explore possibilities around micah.zoltu suggestion on eliminating the use of now

In addition to those, it would make sense to use Github release feature to release of a Smart Contract to a certain commit, as we are likely to release other versions of Random with more features in the near future.

Add alternative: https://github.com/randao/randao