From fb4f52c52a1e5dd531c8e4d4d44141c0c99acf7a Mon Sep 17 00:00:00 2001 From: Chase Fleming Date: Wed, 8 Nov 2023 09:37:53 -0800 Subject: [PATCH] Update docs/build/advanced-concepts/randomness.md Co-authored-by: Alexander Hentschel --- docs/build/advanced-concepts/randomness.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/build/advanced-concepts/randomness.md b/docs/build/advanced-concepts/randomness.md index d0c172ab82..4d65893642 100644 --- a/docs/build/advanced-concepts/randomness.md +++ b/docs/build/advanced-concepts/randomness.md @@ -102,8 +102,9 @@ We recommend this approach as a best-practice example for implementing a commit- A commit-reveal scheme can be implemented as follows. The coin toss example described earlier will be used for illustration: - When a user submits a bidding transaction, the bid amount is transferred to the coin toss contract, and the block height where the bid was made is stored. This is a commitment by the user to use the SoR at the current block. Note that the current block's `SoR_A` isn't known to the transaction execution environment, and therefore the transaction has no way to inspect the random outcome and predict the coin toss result. The current block's `SoR_A` is only available once added to the history core-contract, which only happens at the end of the block's execution. The user may also commit to using an SoR of some future block, which is equally unknown at the time the bid is made. -- The coin toss contract may grant the user a limited window of time (i.e a block height range) to reveal the results and claim any winnings. Failing to do so, the bid amount remains in the coin toss contract. -- The user can submit a second transaction to call the coin toss contract and resolve the bid. The coin toss contract looks up the committed block height of the user and checks it has already passed. The contract uses the block height to query the past-block's `SoR_A` on the core-contract `RandomBeaconHistory`. +- The coin toss contract may grant the user a limited window of time (i.e a block height range) to send a second transaction for resolving the results and claim any winnings. Failing to do so, the bid amount remains in the coin toss contract. + + Within that reveal transaction, the user calls the coin toss contract, looks us up the block height at which the block was committed and checks that it has already passed. The contract queries that block's `SoR_A` from the core-contract `RandomBeaconHistory` via block height. - The coin toss contract uses a PRG seeded with the queried `SoR_A` and diversified using a specific information to the use-case (a user ID or resource ID for instance). Diversification does not add new entropy, but it avoids generating the same outcome for different use-cases. If a diversifier (or salt) isn't used, all users that committed a bid on the same block would either win or lose. - The PRG is used to generate the random result and resolve the bid. Note that the user can make the transaction abort after inspecting a losing result. However, the bid amount would be lost anyway when the allocated window expires.