Security News
Fluent Assertions Faces Backlash After Abandoning Open Source Licensing
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
@pythnetwork/entropy-sdk-solidity
Advanced tools
The Pyth Entropy Solidity SDK allows you to generate secure random numbers on the blockchain by interacting with the Pyth Entropy protocol. This SDK can be used for any application that requires random numbers, such as NFT mints, gaming, and more.
###Truffle/Hardhat
If you are using Truffle or Hardhat, simply install the NPM package:
npm install @pythnetwork/entropy-sdk-solidity
###Foundry
If you are using Foundry, you will need to create an NPM project if you don't already have one. From the root directory of your project, run:
npm init -y
npm install @pythnetwork/entropy-sdk-solidity
Then add the following line to your remappings.txt
file:
@pythnetwork/entropy-sdk-solidity/=node_modules/@pythnetwork/entropy-sdk-solidity
To use the SDK, you need the address of an Entropy contract on your blockchain and a randomness provider. You can find current deployments on this page.
Choose one of the networks and instantiate an IEntropy
contract in your solidity contract:
IEntropy entropy = IEntropy(<address>);
To generate a random number, follow these steps.
Generate a 32-byte random number on the client side, then hash it with keccak256 to create a commitment. You can do this with typescript and web3.js as follows:
const randomNumber = web3.utils.randomHex(32);
const commitment = web3.utils.keccak256(randomNumber);
Invoke the request
method of the IEntropy
contract.
The request
method requires paying a fee in native gas tokens which is configured per-provider.
Use the getFee
method to calculate the fee and send it as the value of the request
call:
uint fee = entropy.getFee(provider);
uint64 sequenceNumber = entropy.request{value: fee}(provider, commitment, true);
This method returns a sequence number. Store this sequence number for use in later steps.
If you are invoking this off-chain, the method also emits a PythRandomEvents.Requested
event that contains the sequence number in it.
Fetch the provider's random number from them.
For the provider 0x6CC14824Ea2918f5De5C2f75A9Da968ad4BD6344
you can query the webservice at https://fortuna-staging.dourolabs.app :
await axios.get(
`https://fortuna-staging.dourolabs.app/v1/chains/${chainName}/revelations/${sequenceNumber}`
);
This method returns a JSON object containing the provider's random number.
Invoke the reveal
method on the IEntropy
contract:
bytes32 randomNumber = entropy.reveal(
provider,
sequenceNumber,
randomNumber,
providerRandomNumber
)
This method will combine the user and provider's random numbers, along with the blockhash, to construct the final secure random number.
The Coin Flip example demonstrates how to build a smart contract that interacts with Pyth Entropy as well as a typescript client for that application.
FAQs
Generate secure random numbers with Pyth Entropy
We found that @pythnetwork/entropy-sdk-solidity demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.