This repository has been archived by the owner on Nov 15, 2023. It is now read-only.

pallet-lottery: deal with randomness freshness #8311

Open
andresilva opened this issue Mar 10, 2021 · 2 comments
Labels
I2-security The client fails to follow expected, security-sensitive, behaviour.

Comments

@andresilva

#8180 changed the randomness API to also explicitly return how fresh some random material is. In order to safely use this entropy, any commitments based on it must have been made before the randomness was known. In the context of the lottery pallet it means that people should only be able to sign up for the lottery up to the point where we fetch the random data that will decide the winner, e.g. we accept new participants until block #50, on block #50 we get new (fresh) random material which is used later on to randomly select the winner.

@andresilva andresilva added the I2-security The client fails to follow expected, security-sensitive, behaviour. label Mar 10, 2021
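The rule described in the issue above, sketched as an added example that is not part of the original thread and is not pallet-lottery or Substrate code. `Lottery`, `LotteryError`, `enter`, `draw` and `known_since` are hypothetical names, and the freshness value is assumed to be the block at which the random material became known.

```rust
// Simplified model of one lottery round (added example, not pallet-lottery code).
// `known_since` stands for the freshness value returned next to the random
// material: assumed here to be the block at which observers could first know it.
#[derive(Debug, PartialEq)]
enum LotteryError {
    EntriesClosed,
    NoParticipants,
    StaleRandomness { known_since: u32, entries_close_at: u32 },
}

struct Lottery {
    entries_close_at: u32, // first block at which sign-ups are rejected
    participants: Vec<u64>,
}

impl Lottery {
    // A sign-up is a commitment, so it must land before the close block.
    fn enter(&mut self, now: u32, who: u64) -> Result<(), LotteryError> {
        if now >= self.entries_close_at {
            return Err(LotteryError::EntriesClosed);
        }
        self.participants.push(who);
        Ok(())
    }

    // Reject random material that was already knowable while entries were open.
    fn draw(&self, random: [u8; 8], known_since: u32) -> Result<u64, LotteryError> {
        if self.participants.is_empty() {
            return Err(LotteryError::NoParticipants);
        }
        if known_since < self.entries_close_at {
            return Err(LotteryError::StaleRandomness {
                known_since,
                entries_close_at: self.entries_close_at,
            });
        }
        let index = u64::from_le_bytes(random) % self.participants.len() as u64;
        Ok(self.participants[index as usize])
    }
}

fn main() {
    let mut lottery = Lottery { entries_close_at: 50, participants: Vec::new() };
    lottery.enter(49, 7).unwrap();
    // Constructed inputs: the same bytes, first known at block 40, then at block 50.
    println!("{:?}", lottery.draw([3; 8], 40)); // rejected as stale
    println!("{:?}", lottery.draw([3; 8], 50)); // accepted
}
```
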
@stale

stale bot commented Jul 7, 2021

Hey, is anyone still working on this? Due to the inactivity this issue has been automatically marked as stale. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the A5-stale Pull request did not receive any updates in a long time. No review needed at this stage. Close it. label Jul 7, 2021
@burdges

burdges commented Sep 19, 2022

I've not looked at pallet_lottery but in general it depends upon the usage of the lottery.

It's clearly impossible for any blockchain to simultaneously close a lottery and produce randomness with which to decide the lottery, but you might survive doing this if the lottery was low enough value.

In our case, all block producers learn their babe/sassafras VRFs two/three epochs in advance, so you either need commitments to participate way in advance or else you need something like the random close time we use in elections.

@stale stale bot removed the A5-stale Pull request did not receive any updates in a long time. No review needed at this stage. Close it. label Sep 19, 2022