WASM compatibility issues - do deterministic PRNGs exist for no_std verification? #342
Comments
drewstone
changed the title
|
ChaChaRng with a random seed may work |
|
The issue is the seed's source. It should be a block hash or all the transactions or something, so that Fiat-Shamir applies. I think even then one should double check that everything makes sense. One could even send a PR here for a "derandomized verifier" so people can speak about it concretely. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Linking this thread for background.
Hello,
We've been working on mixers in Substrate using this library and have gotten things to work for some time until live-testnet deployment where our Substrate WASM runtime has begun complaining about
getrandomincompatibilities. Judging by the comments in that thread, it seems we need to find other routes of verifying bulletproof proofs inside of ano_stdor WASM runtime. I'm curious to learn more why the verifier needs anrng/prngto do verification. Should fiat-shamir (assuming that's why it's used) really need fresh random values from aprng?Any recommendation as far as a
prngimplementation that uses a random seed to instantiate itself and that also compiles to WASM? This would allow me to use other on-chain randomness to achieve this goal instead of anOsRngwhich has been working locally for quite some time.The text was updated successfully, but these errors were encountered: