The Lootbox contract, audited by Paladin Blockchain Security, accepts payment for an entry and then randomly gives the player a pack of three “cards.” The rarest cards have a high value, either in NFTs or cryptocurrency tokens. Payment can be in either stablecoins (e.g., USDC) or the Sugandese platforms’ native tokens, meaning that Lootbox runs can function as either a normal fundraiser/promotion or as a fun indirect buyback mechanism for tokens.
The Lootbox contract uses Chainlink VRF to provide the randomness that determines the Lootbox prizes. The Chainlink VRF was developed on the basis of leading academic research, has solid documentation, and is the most time-tested infrastructure of its kind in the industry. Importantly, its random number generation process is fully auditable using both open-source code and on-chain cryptographic proofs.
Chainlink VRF works by combining block data that is still unknown when the request is made with the oracle node’s pre-committed private key to generate both a random number and a cryptographic proof. The Lootbox smart contract will only accept the randomized numeric input if it is accompanied by a valid cryptographic proof, which can only be generated if the VRF process is tamper-proof. This helps provide our users with automated, verifiable on-chain assurances that the Lootbox results are provably fair and not tampered with by the oracle, outside entities, or the Sugandese Tokens team.