Secure Handling of Randomness in Solidity Smart Contracts

By Anastasia K.4 min readMarch 30, 2026

To ensure the security and integrity of random number generation, developers must avoid common pitfalls such as using block attributes (like block timestamp or block difficulty) as sources of randomness. Instead, they should consider more secure alternatives, such as using Chainlink VRF (Verifiable Random Function) or other decentralized randomness solutions. This article will delve into these methods, provide code examples, and discuss their implications.

Understanding the Risks of Randomness in Smart Contracts

Using insecure methods for generating randomness can lead to vulnerabilities, including:

Predictability: If an attacker can predict the outcome of a random number generation, they can manipulate the contract's behavior.
Manipulation: Block attributes can be influenced by miners, allowing them to control the randomness.
Replay Attacks: If randomness is reused across transactions or blocks, it can lead to unintended consequences.

Secure Randomness Generation Methods

1. Chainlink VRF

Chainlink VRF is a decentralized oracle service that provides provably random numbers. It uses cryptographic proofs to ensure that the randomness cannot be manipulated.

Implementation Example

To use Chainlink VRF, you need to install the Chainlink contracts and set up your contract to request randomness.

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import "@chainlink/contracts/src/v0.8/VRFConsumerBase.sol";

contract RandomNumberGenerator is VRFConsumerBase {
    bytes32 internal keyHash;
    uint256 internal fee;

    uint256 public randomResult;

    constructor(address _vrfCoordinator, address _linkToken, bytes32 _keyHash) 
        VRFConsumerBase(_vrfCoordinator, _linkToken) {
        keyHash = _keyHash;
        fee = 0.1 * 10 ** 18; // 0.1 LINK
    }

    function getRandomNumber() public returns (bytes32 requestId) {
        require(LINK.balanceOf(address(this)) >= fee, "Not enough LINK");
        return requestRandomness(keyHash, fee);
    }

    function fulfillRandomness(bytes32 requestId, uint256 randomness) internal override {
        randomResult = randomness;
    }
}

2. RANDAO

RANDAO is another method for generating randomness by relying on a distributed group of participants to generate a random number collaboratively. Each participant submits a hash, and the final random number is derived from these hashes.

Implementation Example

Implementing RANDAO requires careful management of participants and their contributions.

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

contract RANDAO {
    uint256 public randomNumber;
    mapping(address => bytes32) public contributions;
    address[] public participants;

    function contribute(bytes32 _hash) public {
        require(contributions[msg.sender] == 0, "Already contributed");
        contributions[msg.sender] = _hash;
        participants.push(msg.sender);
    }

    function reveal(uint256 _random) public {
        require(contributions[msg.sender] != 0, "No contribution found");
        require(_random == uint256(keccak256(abi.encodePacked(contributions[msg.sender]))), "Invalid random number");
        
        // Combine all contributions to generate the final random number
        randomNumber = uint256(keccak256(abi.encodePacked(randomNumber, _random)));
    }
}

3. Use of Commit-Reveal Schemes

In a commit-reveal scheme, participants first commit to a random value and later reveal it. This prevents manipulation since the commitment must be made before the reveal.

Implementation Example

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

contract CommitReveal {
    struct Commitment {
        bytes32 hash;
        bool revealed;
    }

    mapping(address => Commitment) public commitments;
    uint256 public finalRandomNumber;

    function commit(bytes32 _hash) public {
        require(commitments[msg.sender].hash == 0, "Already committed");
        commitments[msg.sender] = Commitment(_hash, false);
    }

    function reveal(uint256 _random) public {
        Commitment storage commitment = commitments[msg.sender];
        require(commitment.hash != 0, "No commitment found");
        require(keccak256(abi.encodePacked(_random)) == commitment.hash, "Invalid reveal");

        commitment.revealed = true;
        finalRandomNumber = uint256(keccak256(abi.encodePacked(finalRandomNumber, _random)));
    }
}

Summary of Randomness Generation Methods

Method	Security Level	Use Case	Complexity Level
Chainlink VRF	High	Games, lotteries, and any fair randomness	Low
RANDAO	Medium	Collaborative randomness generation	Medium
Commit-Reveal	High	Secure random number generation	Medium

Conclusion

Secure handling of randomness in Solidity smart contracts is essential to maintain the integrity and fairness of decentralized applications. By utilizing methods like Chainlink VRF, RANDAO, or commit-reveal schemes, developers can mitigate risks associated with random number generation. It is crucial to choose the right method based on the specific use case and security requirements of your smart contract.

Learn more with useful resources: