Skip to content

Add randomness reference across four skills#35

Open
claucondor wants to merge 7 commits into
onflow:mainfrom
claucondor:feature/cadence-randomness
Open

Add randomness reference across four skills#35
claucondor wants to merge 7 commits into
onflow:mainfrom
claucondor:feature/cadence-randomness

Conversation

@claucondor

@claucondor claucondor commented May 11, 2026

Copy link
Copy Markdown

Summary

Documents the four ways to generate randomness on Flow. Each API verified
on the emulator before writing. The reference set opens with an upfront
answer to the question every Flow dev hits: can you get randomness the
caller cannot revert on? (Yes, via the commit-reveal pattern with
RandomConsumer.)

  • cadence-lang: new randomness.md covering revertibleRandom<T>(),
    RandomBeaconHistory.sourceOfRandomness, RandomConsumer +
    Xorshift128plus, plus a decision matrix and 10 documented gotchas
    (view-fn constraint, in-block script repetition, modulo bias, deploy
    order, etc.)
  • cadence-audit: new randomness-vulns.md with 6 vulnerability
    classes — abort-on-bad-roll (reproduced 10/10 attempts on emulator),
    modulo bias, reveal-too-early, public Consumer capability,
    single-Request misuse, script-based randomness in tests
  • cadence-scaffold: new secure-randomness.md with 6 templates
    (native roll, beacon read, commit, reveal, setup, PRG multi-draw) plus
    an anti-template for the abort-on-bad-roll pattern
  • flow-react-sdk: new use-flow-revertible-random.md plus a security
    warning expanding the existing entry in hooks.md so users hitting the
    catalog see the "no economic outcomes" rule and the link to the
    deep-dive
  • flow-defi: cross-link from the existing "VRF Randomness" section in
    protocol-architecture.md to the new references
  • AGENTS.md: routing entry for randomness questions

@claucondor claucondor requested a review from a team as a code owner May 11, 2026 02:08

### Detection

Grep heuristic: any `.cdc` file that contains `revertibleRandom` AND (`panic(` OR `assert(`) in the same scope, AND has state mutation in the same `execute` block. Manual review required — not every same-tx use of `revertibleRandom` is exploitable, only those where the caller has incentive to revert.

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this detection rule is specific to transactions, but malicious transactions are probably not available to the user trying to scan for vulnerabilities.

Maybe frame this differently. something like detection by looking for randomness being used synchronously to make a decision where an external users could use the panic/assert approach to game the system

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants