Closed Aliserag closed 1 week ago
nialexsan
commented
1 week ago could you please add some info regarding resetBet and revealBet?
I need to run resetBet between committing bets
and how to know whether my bet has won or lost from revealBet? it doesn't return anything, and I don't see any changes in my balance. I ran it 10 times and didn't win anything
bthaile
commented
1 week ago Are all the contracts available on testnet? I didn't see contract addresses.
sisyphusSmiling
commented
1 week ago Also, theres a similar example included in this PR (without the move obfuscation) as a contrast between Cadence & Solidity implementations. I think it would be helpful to link to the repo
Aliserag
commented
1 week ago Are all the contracts available on testnet? I didn't see contract addresses.
No
Aliserag
commented
1 week ago Are all the contracts available on testnet? I didn't see contract addresses.
None of the contracts are available, the user deploys them in the guide
tarakby
commented
1 week ago ok, good idea to omit to the commit-reveal section for now.
We should also omit the section https://developers.flow.com/evm/guides/vrf#generating-random-numbers-in-a-range as per my comment above as it's promoting an unsafe implementation, especially that is mentions applications like "lotteries".
sisyphusSmiling
commented
1 week ago @tarakby can you suggest a resource or point me to a methodology for safe implementation of function getRandomInRange(uint64 min, uint64 max) public view returns (uint64)? I've looked around and the only resources I could find referenced rejection sampling which doesn't pair well with the computational constraints of the contract environment IMO.
Edit: I revisited the article you shared on modulo bias and see the concept of modulo reduction. I'll explore this and see if it's workable in this context.
tarakby
commented
1 week ago @sisyphusSmiling there are two main ways to avoid the modulo bias:
5 (encoded in 3 bits) and your random generator provides 64 bits. You should not iterate till the 64 bits number is less than 5, you should consider 3 bits at a time from the 64 bits, and check if those 3 bits are less than 5 (it is the case with more than 50% - I let you do the math). This is the method we implemented in Cadence for revertibleRandom(modulo). get extra bits of randomness so that the modulo bias becomes negligible. If you need a random less than k and our security level target is 128 (considered safe enough and is used in Flow), we need to sample a log_2(k) + 128 bits, and not just 64 bits. Then we can use the % operator.
These 2 methods are cryptographically secure and are recommended by the cryptography standards. Here is a more technical resource on why this works: https://www.zkdocs.com/docs/zkdocs/protocol-primitives/random-sampling/#sampling-from-zq
sisyphusSmiling
commented
1 week ago Thank you for the advice @tarakby! I've added a first pass in https://github.com/onflow/random-coin-toss/pull/22, would appreciate a cursory review when you get the chance 🙏
The latest updates on your projects. Learn more about Vercel for Git ↗︎