[Resource Topic] 2023/1339: FlexiRand: Output Private (Distributed) VRFs and Application to Blockchains

Welcome to the resource topic for 2023/1339

FlexiRand: Output Private (Distributed) VRFs and Application to Blockchains

Authors: Aniket Kate, Easwar Vivek Mangipudi, Siva Mardana, Pratyay Mukherjee


Web3 applications based on blockchains regularly need access to randomness that is unbiased, unpredictable, and publicly verifiable. For Web3 gaming applications, this becomes a crucial selling point to attract more users by providing credibility to the “random reward” distribution feature. A verifiable random function (VRF) protocol satisfies these requirements naturally, and there is a tremendous rise in the use of VRF services. As most blockchains cannot maintain the secret keys required for VRFs, Web3 applications interact with external VRF services via a smart contract where a VRF output is exchanged for a fee. While this smart contract-based plain-text exchange offers the much-needed public verifiability immediately, it severely limits the way the requester can employ the VRF service: the requests cannot be made in advance, and the output cannot be reused. This introduces significant latency and monetary overhead.

This work overcomes this crucial limitation of the VRF service by introducing a novel privacy primitive, Output Private VRF (Pri-VRF), and thereby adds significantly more flexibility to Web3-based VRF services. We call our framework FlexiRand. While maintaining the pseudo-randomness and public verifiability properties of VRFs, FlexiRand ensures that the requester alone can observe the VRF output. The smart contract and anybody else can only observe a blinded-yet-verifiable version of the output. We formally define Pri-VRF, put forward a practically efficient design, and provide provable security analysis in the universal composability (UC) framework (in the random oracle model) using a variant of the one-more Diffie-Hellman assumption over bilinear groups.

As the VRF service, with its ownership of the secret key, becomes a single point of failure, it is realized as a distributed VRF with the key secret-shared across distinct nodes in our framework. We develop our distributed Pri-VRF construction by combining approaches from the Distributed VRF and Distributed Oblivious PRF literature. We provide provable security analysis (in UC), implement it, and compare its performance with existing distributed VRF schemes. Our distributed Pri-VRF introduces only minimal computation and communication overhead for the VRF service, the requester, and the contract.

ePrint: https://eprint.iacr.org/2023/1339


Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.