0x2::random
This module provides functionality for generating secure randomness.
Random
RandomInner
RandomGenerator
create
load_inner_mut
load_inner
update_randomness_state
new_generator
derive_next_block
fill_buffer
generate_bytes
u256_from_bytes
generate_u256
generate_u128
generate_u64
generate_u32
generate_u16
generate_u8
generate_bool
u128_in_range
generate_u128_in_range
generate_u64_in_range
generate_u32_in_range
generate_u16_in_range
generate_u8_in_range
shuffle
use 0x1::bcs;
use 0x1::vector;
use 0x2::address;
use 0x2::hmac;
use 0x2::object;
use 0x2::transfer;
use 0x2::tx_context;
use 0x2::versioned;
Random
Singleton shared object which stores the global randomness state. The actual state is stored in a versioned inner field.
struct Random has key
id: object::UID
inner: versioned::Versioned
RandomInner
struct RandomInner has store
RandomGenerator
Unique randomness generator, derived from the global randomness.
struct RandomGenerator has drop
const ENotSystemAddress: u64 = 0;
const CURRENT_VERSION: u64 = 1;
const EWrongInnerVersion: u64 = 1;
const EInvalidLength: u64 = 4;
const EInvalidRandomnessUpdate: u64 = 2;
const EInvalidRange: u64 = 3;
const RAND_OUTPUT_LEN: u16 = 32;
const U16_MAX: u64 = 65535;
create
Create and share the Random object. This function is called exactly once, when the Random object is first created. Can only be called by genesis or change_epoch transactions.
fun create(ctx: &mut tx_context::TxContext)
fun create(ctx: &mut TxContext) {
assert!(ctx.sender() == @0x0, ENotSystemAddress);
let version = CURRENT_VERSION;
let inner = RandomInner {
version,
epoch: ctx.epoch(),
randomness_round: 0,
random_bytes: vector[],
};
let self = Random {
id: object::randomness_state(),
inner: versioned::create(version, inner, ctx),
};
transfer::share_object(self);
}
load_inner_mut
fun load_inner_mut(self: &mut random::Random): &mut random::RandomInner
fun load_inner_mut(self: &mut Random): &mut RandomInner {
let version = versioned::version(&self.inner);
// Replace this with a lazy update function when we add a new version of the inner object.
assert!(version == CURRENT_VERSION, EWrongInnerVersion);
let inner: &mut RandomInner = versioned::load_value_mut(&mut self.inner);
assert!(inner.version == version, EWrongInnerVersion);
inner
}
load_inner
fun load_inner(self: &random::Random): &random::RandomInner
fun load_inner(self: &Random): &RandomInner {
let version = versioned::version(&self.inner);
// Replace this with a lazy update function when we add a new version of the inner object.
assert!(version == CURRENT_VERSION, EWrongInnerVersion);
let inner: &RandomInner = versioned::load_value(&self.inner);
assert!(inner.version == version, EWrongInnerVersion);
inner
}
update_randomness_state
Record new randomness. Called when executing the RandomnessStateUpdate system transaction.
fun update_randomness_state(self: &mut random::Random, new_round: u64, new_bytes: vector<u8>, ctx: &tx_context::TxContext)
fun update_randomness_state(
self: &mut Random,
new_round: u64,
new_bytes: vector<u8>,
ctx: &TxContext,
) {
// Validator will make a special system call with sender set as 0x0.
assert!(ctx.sender() == @0x0, ENotSystemAddress);
// Randomness should only be incremented.
let epoch = ctx.epoch();
let inner = self.load_inner_mut();
if (inner.randomness_round == 0 && inner.epoch == 0 && inner.random_bytes.is_empty()) {
// First update should be for round zero.
assert!(new_round == 0, EInvalidRandomnessUpdate);
} else {
// Subsequent updates should either increase epoch or increment randomness_round.
// Note that epoch may increase by more than 1 if an epoch is completed without
// randomness ever being generated in that epoch.
assert!(
(epoch > inner.epoch && new_round == 0) ||
(new_round == inner.randomness_round + 1),
EInvalidRandomnessUpdate,
);
};
inner.epoch = ctx.epoch();
inner.randomness_round = new_round;
inner.random_bytes = new_bytes;
}
new_generator
Create a generator. Can be used to derive up to MAX_U16 * 32 random bytes.
Using randomness can be error-prone if you don’t observe the subtleties in its correct use, for example, randomness dependent code might be exploitable to attacks that carefully set the gas budget in a way that breaks security. For more information, see: https://docs.sui.io/guides/developer/advanced/randomness-onchain
public fun new_generator(r: &random::Random, ctx: &mut tx_context::TxContext): random::RandomGenerator
public fun new_generator(r: &Random, ctx: &mut TxContext): RandomGenerator {
let inner = load_inner(r);
let seed = hmac_sha3_256(
&inner.random_bytes,
&ctx.fresh_object_address().to_bytes(),
);
RandomGenerator { seed, counter: 0, buffer: vector[] }
}
derive_next_block
fun derive_next_block(g: &mut random::RandomGenerator): vector<u8>
fun derive_next_block(g: &mut RandomGenerator): vector<u8> {
g.counter = g.counter + 1;
hmac_sha3_256(&g.seed, &bcs::to_bytes(&g.counter))
}
fill_buffer
fun fill_buffer(g: &mut random::RandomGenerator)
fun fill_buffer(g: &mut RandomGenerator) {
let next_block = derive_next_block(g);
vector::append(&mut g.buffer, next_block);
}
generate_bytes
Generate n random bytes.
public fun generate_bytes(g: &mut random::RandomGenerator, num_of_bytes: u16): vector<u8>
public fun generate_bytes(g: &mut RandomGenerator, num_of_bytes: u16): vector<u8> {
let mut result = vector[];
// Append RAND_OUTPUT_LEN size buffers directly without going through the generator's buffer.
let mut num_of_blocks = num_of_bytes / RAND_OUTPUT_LEN;
while (num_of_blocks > 0) {
vector::append(&mut result, derive_next_block(g));
num_of_blocks = num_of_blocks - 1;
};
// Fill the generator's buffer if needed.
let num_of_bytes = num_of_bytes as u64;
if (vector::length(&g.buffer) < (num_of_bytes - vector::length(&result))) {
fill_buffer(g);
};
// Take remaining bytes from the generator's buffer.
while (vector::length(&result) < num_of_bytes) {
vector::push_back(&mut result, vector::pop_back(&mut g.buffer));
};
result
}
u256_from_bytes
fun u256_from_bytes(g: &mut random::RandomGenerator, num_of_bytes: u8): u256
fun u256_from_bytes(g: &mut RandomGenerator, num_of_bytes: u8): u256 {
if (vector::length(&g.buffer) < num_of_bytes as u64) {
fill_buffer(g);
};
let mut result: u256 = 0;
let mut i = 0;
while (i < num_of_bytes) {
let byte = vector::pop_back(&mut g.buffer);
result = (result << 8) + (byte as u256);
i = i + 1;
};
result
}
generate_u256
Generate a u256.
public fun generate_u256(g: &mut random::RandomGenerator): u256
public fun generate_u256(g: &mut RandomGenerator): u256 {
u256_from_bytes(g, 32)
}
generate_u128
Generate a u128.
public fun generate_u128(g: &mut random::RandomGenerator): u128
public fun generate_u128(g: &mut RandomGenerator): u128 {
u256_from_bytes(g, 16) as u128
}
generate_u64
Generate a u64.
public fun generate_u64(g: &mut random::RandomGenerator): u64
public fun generate_u64(g: &mut RandomGenerator): u64 {
u256_from_bytes(g, 8) as u64
}
generate_u32
Generate a u32.
public fun generate_u32(g: &mut random::RandomGenerator): u32
public fun generate_u32(g: &mut RandomGenerator): u32 {
u256_from_bytes(g, 4) as u32
}
generate_u16
Generate a u16.
public fun generate_u16(g: &mut random::RandomGenerator): u16
public fun generate_u16(g: &mut RandomGenerator): u16 {
u256_from_bytes(g, 2) as u16
}
generate_u8
Generate a u8.
public fun generate_u8(g: &mut random::RandomGenerator): u8
public fun generate_u8(g: &mut RandomGenerator): u8 {
u256_from_bytes(g, 1) as u8
}
generate_bool
Generate a boolean.
public fun generate_bool(g: &mut random::RandomGenerator): bool
public fun generate_bool(g: &mut RandomGenerator): bool {
(u256_from_bytes(g, 1) & 1) == 1
}
u128_in_range
fun u128_in_range(g: &mut random::RandomGenerator, min: u128, max: u128, num_of_bytes: u8): u128
fun u128_in_range(g: &mut RandomGenerator, min: u128, max: u128, num_of_bytes: u8): u128 {
assert!(min <= max, EInvalidRange);
if (min == max) {
return min
};
// Pick a random number in [0, max - min] by generating a random number that is larger than max-min, and taking
// the modulo of the random number by the range size. Then add the min to the result to get a number in
// [min, max].
let range_size = (max - min) as u256 + 1;
let rand = u256_from_bytes(g, num_of_bytes);
min + (rand % range_size as u128)
}
generate_u128_in_range
Generate a random u128 in [min, max] (with a bias of 2^{-64}).
public fun generate_u128_in_range(g: &mut random::RandomGenerator, min: u128, max: u128): u128
public fun generate_u128_in_range(g: &mut RandomGenerator, min: u128, max: u128): u128 {
u128_in_range(g, min, max, 24)
}
generate_u64_in_range
public fun generate_u64_in_range(g: &mut random::RandomGenerator, min: u64, max: u64): u64
public fun generate_u64_in_range(g: &mut RandomGenerator, min: u64, max: u64): u64 {
u128_in_range(g, min as u128, max as u128, 16) as u64
}
generate_u32_in_range
Generate a random u32 in [min, max] (with a bias of 2^{-64}).
public fun generate_u32_in_range(g: &mut random::RandomGenerator, min: u32, max: u32): u32
public fun generate_u32_in_range(g: &mut RandomGenerator, min: u32, max: u32): u32 {
u128_in_range(g, min as u128, max as u128, 12) as u32
}
generate_u16_in_range
Generate a random u16 in [min, max] (with a bias of 2^{-64}).
public fun generate_u16_in_range(g: &mut random::RandomGenerator, min: u16, max: u16): u16
public fun generate_u16_in_range(g: &mut RandomGenerator, min: u16, max: u16): u16 {
u128_in_range(g, min as u128, max as u128, 10) as u16
}
generate_u8_in_range
Generate a random u8 in [min, max] (with a bias of 2^{-64}).
public fun generate_u8_in_range(g: &mut random::RandomGenerator, min: u8, max: u8): u8
public fun generate_u8_in_range(g: &mut RandomGenerator, min: u8, max: u8): u8 {
u128_in_range(g, min as u128, max as u128, 9) as u8
}
shuffle
Shuffle a vector using the random generator (Fisher–Yates/Knuth shuffle).
public fun shuffle<T>(g: &mut random::RandomGenerator, v: &mut vector<T>)
public fun shuffle<T>(g: &mut RandomGenerator, v: &mut vector<T>) {
let n = vector::length(v);
if (n == 0) {
return
};
assert!(n <= U16_MAX, EInvalidLength);
let n = n as u16;
let mut i: u16 = 0;
let end = n - 1;
while (i < end) {
let j = generate_u16_in_range(g, i, end);
vector::swap(v, i as u64, j as u64);
i = i + 1;
};
}