Decentralized Random Number Generation
- Rinkeby Creation Transaction Address
- Rinkeby Address
- Mainnet Creation Transaction Address
- Mainnet Address
Compiler 0.4.24+commit.e67f0147.Emscripten.clang with Optimization
- Some players, randers, submit random numbers, one number per submission (plus a fixed deposit and gas costs for each submitted random number). Every submitted random number is pushed to a (cyclical) L-length array. The rander whose random number gets booted off of this array upon a random number submission may get their deposit returned. Other players, preders, submit a prediction window (an array of predictions) along with 1 wager per unit window length (1 wager per prediction). Finally, there are customers, who pay the smart contract a fixed amount C to automatically have a random number sent to their address or some location of their choosing.
- Randers and preders can submit random numbers and predictions, respectively, at any time, but each may be entitled to payouts only when a customer places an order. Cases:
- The last submitted random number DOES NOT match a prediction. Thus, the L most recent randers are entitled to 1/(1+i)^2 of C, where i ranges from 1, 2, ..., L. The most recent rander (the one who actually submitted the emitted random number) receives an additional C/4. Excess customer payment not disbursed to randers (namely the amount L - ∑^L_i N/(1+i)^2) contributes to a pot of ether. Preders lose their wagers.
- The last submitted random number DOES match a prediction. Thus, all preders who submitted a prediction that matches the random number sent to the customer split C and receive their wager back in full. Furthermore, the first preder to submit the correct guess gets the ether pot. Note that there is nothing preventing any preder from "investing" in a particular value for a random number multiple times over using the same or different public addresses.
- In both cases, the customer pays C, pays gas, and receives the last submitted random number.
Preders are incentivized to correctly guess the next random number that will be utilized. Randers are, in turn, incentivized to frequently submit random numbers of maximal entropy to maximize their chance of not matching a predictor while maximizing their chance of earning income from C. By submitting frequently, randers maximize their chance of being one of the L-most recent randers). Random number submissions achieve maximum entropy when randers sample from the uniform distirbution. Hence, Lava exhibits long-run coincidence with true randomness.
If rander volume is low or too many customers freely take the random numbers submitted by the randers (for instance, by accessing the smart contract's logs), then the pot will build, eventually incentivizing preders to become customers and pay for random numbers themselves to reliably win the pot. But this opens an opportunity for randers to profit - they need only to submit a truly random number to reliably beat the opportunistic preder to profit.
Read these to understand why a rander, under pressure from preders, is incentivized to submit samples from the uniform distribution:
-
https://math.stackexchange.com/questions/275652/equivalence-between-uniform-and-normal-distribution
-
https://math.stackexchange.com/questions/1156404/entropy-of-a-uniform-distribution
MIT