Generating randomness on-chain is notoriously hard. You need a number that’s unpredictable before it’s revealed, unbiased during its generation, and verifiable afterward. To make things even more challenging, nodes of the network have to generate and agree on random numbers in a distributed and decentralized manner. With these nearly opposing constraints, traditional random functions (like Math.random()) aren’t an option.
Enter the Verifiable Random Function (VRF)—the gold standard for fair, tamper-proof randomness in blockchain protocols.
But here’s the catch:
On many chains, getting a single random number can cost you $5 or more - every single time you need to request numbers.
That’s why Flow changed the game—by offering secure, verifiable randomness that’s fully on-chain, native to the protocol, and basically free.
Let’s break down how it works and why, if you’re building anything that depends on randomness, Flow should be your go-to chain.
What is a VRF?
A Verifiable Random Function generates random numbers that can be publicly verified using cryptographic proofs. The verification lets anyone verify the randoms were generated fairly and were not tampered with, making a VRF ideal for decentralized applications that require trustless randomness. In decentralized protocols, a VRF is computed jointly by the validators of the network which makes it a distributed VRF. The outcome of a VRF is used under the hood to execute user transactions when randomness is needed.
Use cases include:
- Gaming: Integrates fairness and unpredictability into gameplay, enhancing user engagement.
- NFTs: Facilitates the creation of uniquely randomized traits in NFTs, adding to their rarity and value.
- Lotteries & Draws: Offers instant and verifiably fair random selection for lotteries, solidifying trust.
- DeFi Protocols: Enables rapid and innovative random reward systems within decentralized finance.
- DAOs: Assists in unbiased voting and task assignments.
- Broad Applications: Extends to any domain requiring impartial randomization, from asset distribution to security mechanisms.
- Proof of Stake protocols: Contributes to the consensus security by selecting the validator to propose the next block.
And most importantly: provable fairness your community can verify.
The Old Way: Chainlink VRF
Many devs are familiar with Chainlink VRF, (who was a pioneer in this field), which works by implementing a large and complicated contract, paying about $5 for a transaction to request a number, then waiting to have an external oracle generate randomness and return it to your contract along with a proof.
It’s secure, but:
- You rely on an external network of oracles - Oracles are third-party services. This is a problem because every time your smart contract depends on a third-party service, you’re introducing an external dependency into your application. That means more integration work, more potential points of failure, and more things to monitor.
- Latency: When a contract asks for a random, it has to wait till the random is generated and returned by Chainlink. This means that you’ll need a second transaction several blocks later to retrieve the value and do something with it. On Flow, the random is instantly generated within the same transaction, just like calling Random() in most other languages.
- It requires holding LINK tokens, and it can cost up to .25 LINK or ~ $5 per random number
Even with improvements, it’s still not cheap—and for high-frequency randomness, that’s a serious limitation.
The Flow Cadence Way: Native VRF That’s Fast, Secure, and Practically Free
Flow offers a built-in VRF as part of the protocol. That means:
- No oracles
- No external dependencies
- No token juggling
- No excessive fees
- No latency for revertible randomness, and one block latency if Commit-Reveal is used.
Flow’s VRF is a native part of the protocol - each block includes a new fresh secure source of randomness. There are two options to use Flow’s VRF, each option is suitable for a different use-case.
Revertible randomness is available instantly within the same transaction and is perfect for trusted transactions you call, such as distributing a prize to a random winner, generating raffle tickets for a later drawing, or anything else you call with a trusted user on your backend.
In cases where the user might choose to revert the transaction (if they don’t like the outcome once the random result is revealed), you can double-down on security with a Commit-Reveal scheme. Using this technique, the user commits to randomness in one block and has it revealed in a future block. Users commit to using a future randomness without being able to predict it. Once committed, users cannot reverse their actions.
Check out the tutorial here: Native VRF with Commit-Reveal in Cadence
Prefer EVM? Flow’s Got You Covered
Flow recently launched full EVM compatibility, so if you're coming from Ethereum or other EVM chains, you can use familiar tools directly on Flow’s EVM layer. This includes Flow’s native VRF which is available on both cadence and solidity.
Guide here: VRF on Flow EVM
This gives you the best of both worlds: Flow’s speed and affordability, with all the tooling you already know.
…and it’s much easier to implement than Chainlink!
Flow EVM
Other EVM with Chainlink (Source)
Here are Some Interesting Examples of this Currently Being Used
Revertible Randomness
Beezie
Beezie uses a Claw Machine mechanism that lets users pay for a chance at random prizes. Therefore, ensuring to their community that the prizes are truly random is essential. Additionally, they want the Claw Machine to have minimal fees and costs for users, whilst also being played at high volume.
If Beezie used a solution like ChainLink, the unfairly high fees to pull a RNG would mean either tighter margins for Beezie, or higher costs for users. Both of those are outcomes founders obviously want to avoid. Hence why going with the Flow makes so much sense for Beezie.
Thanks to Flow, Beezie can have the Claw Machine pick prizes with randomness, whilst staying decentralized, uniformly random, and verifiably fair. And at the same time, keeping Beezies overhead minimal, the user experience fast, and everything onchain.
Beezie gets its randomness for its claw machine straight from the Flow protocol using a function called revertibleRandom(). This lets Beezie randomly pick prizes in the Claw Machine with minimal overhead, keeping things fair, fast, and fully on-chain.
You can view the smart contract here: https://evm.flowscan.io/address/0x2A39e0b6890b686329a95bF6da3aB86869aAe001?tab=contract
Fixes.world
Fixes World is a programmable token universe on Flow. It provides multiple fungible token issuance, trading, staking, and governance services. It’s driven by the inscription mechanism to enable underlying programmable features.
One such feature is a lottery. Fixes’ Lottery utilizes Flow Cadence's native revertibleRandom() method to provide a source of randomness for the lottery. Whenever a user purchases a lottery ticket and when the final winning numbers for each round are generated, the FGameLottery contract employs Flow's built-in VRF functionality to produce the lottery numbers.
This ensures a fully on-chain, native, secure, and fair lottery gaming experience for Fixes Lottery.
You can view the smart contract here:
https://contractbrowser.com/A.d2abb5dbf5e08666.FGameLottery
https://www.flowscan.io/contract/A.d2abb5dbf5e08666.FGameLottery?tab=deployments
Commit-Reveal
$TSHOT
TSHOT is a fungible token you mint 1-for-1 with any Common or Fandom NBA Top Shot Moment. The companion TSHOT Exchange contract lets holders burn 1-50 TSHOT to receive a randomly selected set of Moments, all powered by Flow’s native VRF. This is currently live on https://vaultopolis.com/
Build Faster, Cheaper, and Smarter on Flow
Flow’s built for real users and real builders. If you’re tired of paying a premium for basic infrastructure, or dealing with outdated tooling, it’s time to make the switch.
👉 Start building today at developers.flow.com
Explore tutorials, dive into docs, and join a community that’s building the next generation of blockchain applications, with less friction and way more Flow.
