🔑 VRF Protocols: Chainlink & RANDAO

Understand how Verifiable Random Functions work

Generate provably fair random numbers on-chain

VRF Protocols

**Verifiable Random Functions (VRF)** are cryptographic primitives that generate pseudo-random outputs with a proof of correctness. The oracle uses its private key to generate both the random number and a proof that anyone can verify using the oracle's public key, ensuring the output wasn't manipulated.

VRF combines the properties of a hash function (deterministic, one-way) with public-key cryptography. Only the private key holder can compute the output, but anyone can verify it was computed correctly using the proof.

πŸ” How VRF Works

1. Request: Contract sends request with seed to VRF coordinator
2. Generate: Oracle computes VRF output and proof using private key
3. Verify: Coordinator contract verifies proof using oracle's public key
4. Deliver: Verified random number sent to requesting contract via callback

Interactive: VRF Flow Simulation

Watch the four stages of VRF random number generation and verification.

  • Input & Request: Smart contract requests random number with seed
  • Proof Generation: Oracle generates VRF proof using private key
  • On-Chain Verification: Smart contract verifies proof validity
  • Random Output: Verified random number delivered to contract

VRF Provider Comparison

Compare the two leading VRF solutions for blockchain applications.

Chainlink VRF

ECVRF (Elliptic Curve VRF)
Cost: ~$5-10 per request
Latency: 2-3 blocks (~30-45s)
Security: Very High
Networks: 12+ chains
Features:
  • Subscription model
  • Direct funding
  • Premium features
  • Coordinator network

VRF Mathematics

VRF uses elliptic curve cryptography to generate provable randomness. The core operation:

VRF_Prove(SK, seed) → (output, proof)
VRF_Verify(PK, seed, output, proof) → valid/invalid

  • SK: Oracle's secret key (kept private)
  • PK: Oracle's public key (on-chain verification)
  • seed: Input from smart contract (user-provided or block-based)
  • output: The random number (deterministic from SK + seed)
  • proof: Zero-knowledge proof that output was computed correctly

💡 Key Properties

  • ✓ Unpredictable: Output cannot be known before proof generation
  • ✓ Verifiable: Anyone can verify correctness using public key
  • ✓ Unique: Same seed + key always produces same output (deterministic)
  • ✓ Collision-resistant: Different seeds produce independent outputs