# Public Randomness Beacon Public Good Inspired by https://forum.polkadot.network/t/public-good-product-ideas-to-be-built-for-the-polkadot-ecosystem/9540 ## Overview We propose a public goods parachain to provide **verifiable randomness and timelock encryption** for parachains. Such a common-good chain would allow any parachain to have easy access to verifiable on-chain randomness. ## Problem and Background Substrate-based chains do not have easy access to a reliable source of unbiased randomness. While the insecure randomness pallet exists, it is as the name suggests: not secure. Parachains can consume the verifiable randomness produced from BABE either by running BABE themselves, but solochains do not have access to a relay chain. While the relay chain’s VRF output can be consumed, this type of randomness doesn’t enable timelock encryption. Timelock encryption is a powerful cryptographic primitive where messages can be encrypted 'to the future', with signatures released in future rounds of the protocol acting as decryption keys. [Drand](https://drand.love) is the premiere 'distributed randomness beacon' that is used in Filecoin's consensus mechanism. It is maintained and supported by a distributed group of node operators called the League of Entropy. Drand itself is a **public good** that is free to consume, with only social-incentives for node operators to behave honestly (afaik). Drand's output can be efficiently and trustlessly bridged to Substrate-based chains (e.g. [pallet-drand](https://github.com/ideal-lab5/pallet-drand)), supplying fresh randomness with each block. However, this solution is sub-optimal, as it requires dependencies on external networks (i.e. we need to trust that drand won't experience outages). To reduce trust-assumptions would require a more trustless bridge to be enabled between Substrate and drand, however, drand's clock 'ticks' at its own pace, which implies there is a high probability that some pulses are missed. ## Idea A public good parachain could be deployed to provide trustless, reliable, unbiased and unmanipulable verifiable randomness to parachains. By implementing an interoperable randomness beacon as an on-chain protocol, we eliminate dependencies on external systems and create a fully trustless, community-governed solution that is always available and free to use. Chains bridged to this network would also be able to integrate timelock encryption into protocols, unlocking new capabilities such as async, non-interactive, trustless multiparty protocols. Parachains would be able to more easily consume verifiable randomness, no longer requiring an oracle or offchain worker to fetch it from an external system. Similar to drand, the output would be free to consume. It could be used in runtimes, smart contracts, or even beyond web3 use cases. Chains could easily consume the beacon via XCM (or hyperbridge, or others). By being a common good chain, the network would be able to continuously provide free randomness for any consumer, even those outside of the ecosystem. ## Conclusion At Ideal Labs we've been working with the web3 foundation, through the open grants program and now Decentralized Futures, to research and develop verifiable on-chain randomness solutions for Substrate-based chains. We have had significant difficulty in trying to define the crypto-economics of a chain whose main service is freely consumable (publicly verifiable on-chain randomness), leading us to explore the idea of a public good chain. We think this could significantly enhance the Polkadot ecosystem and invite the community to express thoughts/ideas how we can bring this to life.