PRNG Library with Pyth Entropy Integration

[baileynottingham]

This pull request introduces a new Pseudorandom Number Generation (PRNG) library designed to work seamlessly with Pyth Entropy. The library provides a suite of functions for generating, manipulating, and converting random numbers from a Pyth Entropy seed.

Key Features:

• Utilizes Pyth Entropy as a secure seed source
• Includes functions for generating random bytes, integers, and permutations
• Provides utility functions for expanding randomness and type conversions
• Fully documented with NatSpec comments for easy integration and usage

[vercel]

@baileynottingham is attempting to deploy a commit to the pyth-web Team on Vercel.

A member of the Team first needs to authorize it.

[jayantk]

@baileynottingham can you think of a way to ensure that the user of this library doesn't accidentally pass the same Entropy seed to multiple of these random functions? E.g., the following code would be easy to write but also a security mistake:

bytes32 entropySeed = ... // get from entropy
unit8 rand = PRNG.randomByte(entropySeed);
uint256 rand2 = PRNG.randInt(entropySeed);

In most programming languages, a PRNG has internal state to track the current seed. Each time the user calls a function requesting randomness, the PRNG automatically updates that state.

[baileynottingham]

Thank you for your input. I have updated the code to be a contract, allowing it to store an internal seed and nonce. The nextBytes32() function now returns a value and updates the nonce. This function is utilized internally by all other functions, ensuring that the nonce is consistently updated. As a result, the following code works correctly and returns a different number each time:

uint256 randomNumber1 = randUint();
uint256 randomNumber2 = randUint();
uint256 randomNumber3= randUint();
uint256 randomNumber4 = randUint();

[jayantk]

Instead of type conversion functions, I would rather see randUint, randUint64 similar to the existing randInt method. The user will know how to do type conversions in solidity (imo).

[jayantk]

(if the PRNG had internal state, then this method could be replaced by the user simply calling randBytes32 repeatedly)

[jayantk]

I like the approach here. I left a couple minor comments. One ask though is for some unit tests.

I realize it's hard to test random code. I think the best approach is probably to hardcode the behavior you expect for a couple cases, just to validate that (1) the code runs, and (2) simple stuff like calling nextUint() repeatedly returns different values.

You can put your unit tests here https://github.com/pyth-network/pyth-crosschain/tree/main/target_chains/ethereum/contracts/forge-test and they will run with the rest of the contract tests.

[jayantk]

I think the max should be exclusive, as that's the usual programming convention for ranges

[jayantk]

Can you also document that the result is uniformly distributed between min and max, with a slight bias toward lower numbers that is insignificant as long as (max - min) << MAX_UINT256

(if you consider the case where you put in max = MAX_UINT256 - 1 and min = 0, then 0 has 2x the probability of being chosen as any other number)

[baileynottingham]

Updated max to be exclusive and added your note in the docstring

[jayantk]

if this is limited to 32 bytes then this seems kind of redundant with the random bytes 32 method above. Maybe it's fine to delete and let users use the bytes32 version directly.

[baileynottingham]

Yeah after thinking about this again, I agree it is redundant now with the nextBytes32() method. I went ahead and deleted it

[jayantk]

is this right? if length < 32, isn't the result array shorter than the value you're trying to write into it?

[baileynottingham]

Not applicable anymore since this is removed

[baileynottingham]

Tests have been added!