# Oracle vs Prevrandao ## Overview Randomness is the core of dice games. MemeDice supports two random number generation modes:**Oracle mode** and **Prevrandao mode**. The two modes each have their own advantages and disadvantages and are suitable for different scenarios. *** ## How it works ### Oracle mode Oracle mode uses **commit-reveal** mechanism, generating randomness through an off-chain Oracle service. ```mermaid sequenceDiagram participant O as Oracle service participant P as player participant C as game contract Note over O: ① Generate random number R Note over O: ② Calculate commitHash = keccak256(R) Note over O: ③ Sign (commitHash, deadline) O-->>P: Return commitHash + signature P->>C: placeBetAsync(commitHash, signature, bet parameters) Note over C: ④ Verify signature validity Note over C: ⑤ Lock commitHash Note over C: ⑥ Lock bet funds O->>C: fulfillRandomNumber(requestId, R) Note over C: ⑦ Verify keccak256(R) == commitHash ✅ Note over C: ⑧ Use R to determine the result Note over C: ⑨ Settle (pay out if win, otherwise add to the pool) ``` **Key security point**: * The Oracle has already determined the random number **before** the player places the bet (locked by commitHash) * When the player places the bet, they submit commitHash, and the contract locks it * The Oracle then reveals the random number, and the contract verifies `keccak256(R) == commitHash` * Oracle **cannot** change the random number after seeing the bet * player **cannot** predict the random number ### Prevrandao mode Prevrandao mode uses Ethereum's `block.prevrandao`(EIP-4399) as the source of randomness, completing betting and settlement in the same transaction. ```mermaid sequenceDiagram participant P as player participant C as game contract participant B as blockchain P->>C: placeBetSync(bet parameters) Note over C: ① Get block.prevrandao B-->>C: prevrandao value Note over C: ② Use prevrandao to determine the result Note over C: ③ Settle immediately C-->>P: Return result (same transaction) ``` **Key features**: * Randomness comes from the blockchain protocol layer * Betting and settlement are completed in **the same transaction** completed * No need to wait for Oracle response * The result is known immediately *** ## Comparison table | Dimension | Oracle mode | Prevrandao mode | | -------------------------- | ------------------------------------------------------- | --------------------------------------- | | **Source of randomness** | Off-chain Oracle service | The block's `prevrandao` value | | **Security mechanism** | Commit-Reveal cryptographic commitment | Blockchain protocol layer | | **Settlement speed** | Need to wait for Oracle response (usually 3-10 seconds) | Instant (same transaction) | | **Number of transactions** | 2 transactions (bet + reveal) | 1 transaction (bet and settle) | | **Gas fee** | Higher (Oracle reveal requires extra gas) | Lower (single transaction) | | **Verifiability** | ✅ Verifiable via commitHash | ✅ Verifiable via block explorer | | **Manipulation risk** | 🟢 Very low (cryptographic guarantee) | 🟡 Moderate (validators can manipulate) | | **Supported networks** | BSC, Base, HyperEVM | Ethereum only | | **Contract calls** | Allows contract calls | EOA only (externally owned account) | | **Batch betting** | ✅ Supported | ✅ Supported | | **Timeout protection** | ✅ Can be canceled on timeout | Not needed (instant settlement) | *** ## Use cases ### Scenarios recommended for the Oracle mode * ✅ **BSC network**: BSC does not support prevrandao, so Oracle must be used * ✅ **High security requirements**: The Oracle commit-reveal mechanism provides cryptographic-level security guarantees * ✅ **Allow contract interaction**: If you need another contract to call the betting function * ✅ **Large bets**: Higher security, suitable for large-bet scenarios ### Recommended scenarios for using Prevrandao mode * ✅ **Ethereum mainnet**: Native support for prevrandao * ✅ **Pursuing speed**: Instant settlement, no waiting required * ✅ **Save Gas**: Completed in a single transaction * ✅ **Simple experience**: Bet and get results immediately, smoother experience *** ## Oracle mode details ### Commit-Reveal mechanism Commit-Reveal is a classic cryptographic protocol used to fairly generate random numbers in untrusted environments: 1. **Commit stage**: * Oracle generates a random number `R` * Compute the hash `commitHash = keccak256(R)` * send `commitHash` and the signature to the player * The player will `commitHash` submit to the contract 2. **Reveal stage**: * The Oracle reveals the original random number `R` submit to the contract * The contract verifies `keccak256(R) == commitHash` * If the verification passes, use `R` to determine the result ### Why is it secure? ``` Timeline ─────────────────────────────────────► Oracle generates R Player bets Oracle reveals R Compute commitHash Submit commitHash Contract verification │ │ │ ▼ ▼ ▼ R is determined R is locked in R is verified (Oracle knows) (cannot be modified) (publicly verifiable) ``` * **Oracle cannot cheat**: commitHash is locked in before the bet, so the Oracle cannot modify R after seeing the bet * **Player cannot cheat**: The player does not know the value of R and cannot predict the result * **Anyone can verify**: Everyone can verify `keccak256(R) == commitHash` ### Timeout protection If the Oracle does not reveal the random number within the specified time (for example, if the Oracle service goes down), the player can: 1. Wait for the timeout period (`BET_TIMEOUT`, usually a few minutes) 2. Call the cancel function 3. Retrieve the betting funds This ensures that even if the Oracle does not respond, players’ funds will not be locked up. ### Oracle Fee The Oracle mode requires an additional Oracle service fee to cover: * Gas fees for Oracle reveal transactions * Operating costs of the Oracle service *** ## Prevrandao Mode Explained ### What is Prevrandao? `prevrandao`(EIP-4399) is a block-level pseudorandom value introduced in Ethereum after The Merge. It replaced the original `block.difficulty` field. * Each block has a unique `prevrandao` value * This value is determined by the RANDAO mix of the previous block * Before a block is proposed,`prevrandao` the value of is unpredictable (for ordinary users) ### Security Limitations Prevrandao mode has some security limitations: 1. **Validator Manipulation**: Block validators can selectively include or exclude transactions, indirectly affecting the outcome 2. **EOA Only**: Contracts cannot call the betting function in Prevrandao mode, preventing flash loan attacks 3. **Network Limitations**: BSC does not support prevrandao For a detailed security analysis, see [Prevrandao Security Analysis](/dapp.meme-en/technical-overview/prevrandao-security-analysis.md). *** ## How to choose? ```mermaid graph TD A[Choose random number mode] --> B{Which network are you using?} B -->|BSC| C[Only Oracle can be chosen ✅] B -->|Ethereum| D{What do you prioritize?} D -->|Security| E[Choose Oracle ✅] D -->|Speed and cost| F[Choose Prevrandao ✅] D -->|Need contract calls| G[Choose Oracle ✅] style C fill:#4F46E5,color:#fff style E fill:#4F46E5,color:#fff style F fill:#059669,color:#fff style G fill:#4F46E5,color:#fff ``` **Simple recommendation**: * If you're not sure, choose **Oracle mode**(default option) * If you're on BSC, you can only choose **Oracle mode** * If you're on Ethereum and want the utmost speed, you can choose **Prevrandao mode** *** ## Related links * ⬅️ Back [Technical Deep Dive Overview](/dapp.meme-en/technical-overview/technical-deep-dive-overview.md) * 🛡️ Learn More [Prevrandao Security](/dapp.meme-en/technical-overview/prevrandao-security-analysis.md) * 🔍 Use [Fairness Verification Tool](/dapp.meme-en/leaderboard-and-logs/fairness-verification.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.dapp.meme/dapp.meme-en/technical-overview/oracle-vs-prevrandao.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.