[KIP-114] Signature-based random in block headers

[ian0371]

KIP-114 is a proposal for signature-based random in block headers. See this PR in markdown Closes #114

[hyunsooda]

The provided pseudo code and description only verify the correctness of the randomReveal value and do not verify the value of mixHash.

This lack of verification opens up the possibility for an attacker to manipulate the mixHash value when they become a proposer, for example, setting it to zero. However, even if this attack is feasible, it is unclear how it could be exploited, as the randomReveal value still acts as a barrier that the attacker cannot bypass. It is possible that there might be another attack vector associated with this gadget, but without further information or analysis, it is difficult to determine. Additional comments or insights on potential attack vectors would be helpful for a more comprehensive understanding.

[ian0371]

@hyunsooda Thank you for review. I added the verification logic in pseudocode.

Without mixHash verification, a single malicious proposer can affect every usage of mixHash in the protocol. For example, an attacker can arbitrarily select a proposer in KIP-146. opRandom based on mixHash would not be a secure random (if we choose to introduce it in Klaytn).

[ian0371]

Changes

• opRandom contents are added.
• the sections predictability and tips for application developers has been rewritten
  • KIP-146 is removed