EVM Runtime: Make DIFFICULTY random

[Stebalien]

Currently, we set it to zero. But apparently people use this for randomness.

Solution: Derive randomness from drand.

[Stebalien]

See https://eips.ethereum.org/EIPS/eip-4399.

[Stebalien]

Looking at that EIP, we should derive this from drand without mixing in the tipsets. Basically:

1. Pick a new "tag".
2. Derive randomness with that tag.

Ideally we'd just "lookup" the current drand value, but we don't have a great way to do that.

[Stebalien]

Specifically:

1. Allocate a new domain separation tag
2. Call get_beacon_randomness with this tag, the current epoch, and no entropy.
3. Cache the results (same way we do with context stuff).

[mriise]

The proposed above works for the use case of "i just want a random number", and I think is OK to implement as a way to get things moving.

Eventually though I think it is important to support the ability to do limited randomness lookahead as defined in the EIP. To do this we will need:

• Accumulated Randomness: find out how we currently find next epoch providers, and be able to predict the next providers from a given epoch output
• Number of active validators: number of active miners (active validators may be more random though)
• Effective balance: power of current miner?
• Accidentally missed proposals: a few different options, likely something derived from network conditions like consensus faults or failure to commit during pre commit (actual probability of these i dont know)

Which at the very least requires a new syscall for getting raw randomness and potentially some protocol changes around drand.

edit: we really only want to support "i just want a random number", not adopt security concerns

[Stebalien]

That section is talking about security concerns in the current implementation on Ethereum, not desirable features.

[mriise]

github isn't closing cross-project issues automatically...