Though the function getRandom is allowed only for consumer but Random number can be known to anyone from states. Whenever the reveal phase is successfully over, mutable field random is last updated and remains same for usage by consumer (after reveal phase). https://github.com/merkaliser/scilla-vanilla/blob/develop/Randao/contract.scilla#L200
Hence, this should be avoided else consumer is bound to use it first of all as soon as reveal phase gets over.
Suggestions:
Whenever consumer is setting the campaign for the very first time, we can take sha256hash from him. The secret of this hash will be used while he wants to use the random no. Hence this can be used similarly as our algorithm to generate random no. to generate completely different number.
Just it would ensure, the random no. is generated instantaneously when consumer call the function.
Or simply, consumer can give seed while calling the function...
Though the function
getRandomis allowed only for consumer but Random number can be known to anyone from states. Whenever the reveal phase is successfully over, mutable fieldrandomis last updated and remains same for usage by consumer (after reveal phase). https://github.com/merkaliser/scilla-vanilla/blob/develop/Randao/contract.scilla#L200 Hence, this should be avoided else consumer is bound to use it first of all as soon as reveal phase gets over.Suggestions: Whenever consumer is setting the campaign for the very first time, we can take sha256hash from him. The secret of this hash will be used while he wants to use the random no. Hence this can be used similarly as our algorithm to generate random no. to generate completely different number. Just it would ensure, the random no. is generated instantaneously when consumer call the function.
Or simply, consumer can give seed while calling the function...