The built-in RANDOM() function uses a "PRNG seeded on BLID,SCID,TXID".
This does not result in a truly random number, as it's possible to manipulate the seeds to predict it beforehand. Maybe it should be clearer in the docs? It's a very classic door for exploits, and developers inexperienced with smart contracts may not know it.
From my experience on the EVM, I'd prefer removing it and exposing the underlying hash function.
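Added example, not part of the original issue or the project's code: a Python model of the concern raised above. `seeded_random` is a hypothetical stand-in for a PRNG seeded only on BLID, SCID and TXID (SHA-256, the sample identifiers and all function names are assumptions), shown beside a commit-reveal variant whose output also depends on a secret fixed before the block exists.

```python
import hashlib
import hmac


def seeded_random(blid: bytes, scid: bytes, txid: bytes, limit: int) -> int:
    """Hypothetical model of a PRNG seeded only on BLID, SCID and TXID.

    SHA-256 is an assumption; the page does not name the real hash.
    Every input is public, so any observer can recompute the result.
    """
    digest = hashlib.sha256(blid + scid + txid).digest()
    return int.from_bytes(digest[:8], "big") % limit


def commit(secret: bytes) -> bytes:
    """Commitment published before the deciding block is produced."""
    return hashlib.sha256(secret).digest()


def commit_reveal_random(commitment: bytes, revealed: bytes,
                         blid: bytes, limit: int) -> int:
    """Derive a value from a pre-committed secret plus a later block id.

    The committer did not know the block id when committing, and nobody
    else knew the secret, so neither side alone fixes the outcome.
    """
    if not hmac.compare_digest(commit(revealed), commitment):
        raise ValueError("revealed secret does not match commitment")
    digest = hashlib.sha256(revealed + blid).digest()
    return int.from_bytes(digest[:8], "big") % limit


# Constructed sample identifiers (not real chain data).
BLID = bytes.fromhex("11" * 32)
SCID = bytes.fromhex("22" * 32)
TXID = bytes.fromhex("33" * 32)

if __name__ == "__main__":
    # Same public inputs always give the same "random" value.
    print("public-seed value:", seeded_random(BLID, SCID, TXID, 100))

    secret = b"constructed-secret-for-demo"
    commitment = commit(secret)  # published first
    print("commit-reveal value:",
          commit_reveal_random(commitment, secret, BLID, 100))
```

The committer can still withhold the reveal, so a contract using this pattern needs a timeout or penalty for that case.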