RANDAO-based RNG: Last Revealer Attacks in Ethereum 2.0 Randomness and a Potential Solution
Do Hai Son, Tran Thi Thuy Quynh, Le Quang Minh
TL;DR
Through the analysis, the proposed method can prevent the LRA under favorable network conditions and a Shamir's Secret Sharing-based RANDAO scheme to mitigate the LRA.
Abstract
Ethereum 2.0 is a major upgrade to improve its scalability, throughput, and security. In this version, RANDAO is the scheme to randomly select the users who propose, confirm blocks, and get rewards. However, a vulnerability, referred to as the `Last Revealer Attack' (LRA), compromises the randomness of this scheme by introducing bias to the Random Number Generator (RNG) process. This vulnerability is first clarified again in this study. After that, we propose a Shamir's Secret Sharing (SSS)-based RANDAO scheme to mitigate the LRA. Through our analysis, the proposed method can prevent the LRA under favorable network conditions.