1.VRFConsumerBase

  1. pragma solidity ^0.6.0;
  3. import "./vendor/SafeMathChainlink.sol";
  5. import "./interfaces/LinkTokenInterface.sol";
  7. import "./VRFRequestIDBase.sol";
  10. abstract contract VRFConsumerBase is VRFRequestIDBase {
  12.   using SafeMathChainlink for uint256;
  14.   /**
  15.    * @notice fulfillRandomness handles the VRF response. Your contract must
  16.    * @notice implement it. See "SECURITY CONSIDERATIONS" above for important
  17.    * @notice principles to keep in mind when implementing your fulfillRandomness
  18.    * @notice method.
  19.    *
  20.    * @dev VRFConsumerBase expects its subcontracts to have a method with this
  21.    * @dev signature, and will call it once it has verified the proof
  22.    * @dev associated with the randomness. (It is triggered via a call to
  23.    * @dev rawFulfillRandomness, below.)
  24.    *
  25.    * @param requestId The Id initially returned by requestRandomness
  26.    * @param randomness the VRF output
  27.    */
  28.   function fulfillRandomness(bytes32 requestId, uint256 randomness)
  29.     internal virtual;
  31.     uint256 constant private USER_SEED_PLACEHOLDER = 0;
  33.     function requestRandomness(bytes32 _keyHash, uint256 _fee)
  34.     internal returns (bytes32 requestId)
  35.   {
  36.     LINK.transferAndCall(vrfCoordinator, _fee, abi.encode(_keyHash, USER_SEED_PLACEHOLDER));
  37.     // This is the seed passed to VRFCoordinator. The oracle will mix this with
  38.     // the hash of the block containing this request to obtain the seed/input
  39.     // which is finally passed to the VRF cryptographic machinery.
  40.     uint256 vRFSeed  = makeVRFInputSeed(_keyHash, USER_SEED_PLACEHOLDER, address(this), nonces[_keyHash]);
  41.     // nonces[_keyHash] must stay in sync with
  42.     // VRFCoordinator.nonces[_keyHash][this], which was incremented by the above
  43.     // successful LINK.transferAndCall (in VRFCoordinator.randomnessRequest).
  44.     // This provides protection against the user repeating their input seed,
  45.     // which would result in a predictable/duplicate output, if multiple such
  46.     // requests appeared in the same block.
  47.     nonces[_keyHash] = nonces[_keyHash].add(1);
  48.     return makeRequestId(_keyHash, vRFSeed);
  49.   }
  51.   LinkTokenInterface immutable internal LINK;
  52.   address immutable private vrfCoordinator;
  54.   // Nonces for each VRF key from which randomness has been requested.
  55.   //
  56.   // Must stay in sync with VRFCoordinator[_keyHash][this]
  57.   mapping(bytes32 /* keyHash */ => uint256 /* nonce */) private nonces;
  59.   /**
  60.    * @param _vrfCoordinator address of VRFCoordinator contract
  61.    * @param _link address of LINK token contract
  62.    *
  63.    * @dev https://docs.chain.link/docs/link-token-contracts
  64.    */
  65.   constructor(address _vrfCoordinator, address _link) public {
  66.     vrfCoordinator = _vrfCoordinator;
  67.     LINK = LinkTokenInterface(_link);
  68.   }
  70.   // rawFulfillRandomness is called by VRFCoordinator when it receives a valid VRF
  71.   // proof. rawFulfillRandomness then calls fulfillRandomness, after validating
  72.   // the origin of the call
  73.   function rawFulfillRandomness(bytes32 requestId, uint256 randomness) external {
  74.     require(msg.sender == vrfCoordinator, "Only VRFCoordinator can fulfill");
  75.     fulfillRandomness(requestId, randomness);
  76.   }
  77. }

1. requestRandomnessfunction requestRandomness

执行流程:
1).需要向vrfCoordinator 转账link ,同时向
2)生成传递给 VRCoordinator 的种子。oracle 会将其与包含此请求的块的哈希混合,以获得最终传递给 VRF 加密机制的种子/输入。
3) nonces[_keyHash] 必须与 VRCoordinator.nonces[_keyHash][this] 保持同步,它由上述成功的 LINK.transferAndCall(在 VRCoordinator.randomnessRequest 中)增加。 这提供了防止用户重复输入种子的保护,如果多个此类请求出现在同一块中,这将导致可预测/重复的输出。

  1.  function requestRandomness(bytes32 _keyHash, uint256 _fee)
  2.     internal returns (bytes32 requestId)
  3.   {
  4.     LINK.transferAndCall(vrfCoordinator, _fee, abi.encode(_keyHash, USER_SEED_PLACEHOLDER));
  5.     // This is the seed passed to VRFCoordinator. The oracle will mix this with
  6.     // the hash of the block containing this request to obtain the seed/input
  7.     // which is finally passed to the VRF cryptographic machinery.
  8.     uint256 vRFSeed  = makeVRFInputSeed(_keyHash, USER_SEED_PLACEHOLDER, address(this), nonces[_keyHash]);
  9.     //nonces[_keyHash] 必须与 VRCoordinator.nonces[_keyHash][this] 保持同步,它由上述成功的 LINK.transferAndCall(在 VRCoordinator.randomnessRequest 中)增加。
  10.      // 这提供了防止用户重复输入种子的保护,如果多个此类请求出现在同一块中,这将导致可预测/重复的输出。
  11.     nonces[_keyHash] = nonces[_keyHash].add(1);
  12.     return makeRequestId(_keyHash, vRFSeed);
  13.   }
  14. LinkTokenInterface immutable internal LINK;

2. VRFCoordinatoris

请求时触发的事件

event emit RandomnessRequest(_keyHash, preSeed, serviceAgreements[_keyHash].jobID, _sender, _feePaid, requestId);

将随机数返回时触发的事件

emit RandomnessRequestFulfilled(requestId, randomness);

  2. contract VRFCoordinator is VRF, VRFRequestIDBase, Ownable {
  4.   struct Callback { // Tracks an ongoing request
  5.     address callbackContract; // Requesting contract, which will receive response
  6.     // Amount of LINK paid at request time. Total LINK = 1e9 * 1e18 < 2^96, so
  7.     // this representation is adequate, and saves a word of storage when this
  8.     // field follows the 160-bit callbackContract address.
  9.     uint96 randomnessFee;
  10.     // Commitment to seed passed to oracle by this contract, and the number of
  11.     // the block in which the request appeared. This is the keccak256 of the
  12.     // concatenation of those values. Storing this commitment saves a word of
  13.     // storage.
  14.     bytes32 seedAndBlockNum;
  15.   }
  17.   function randomnessRequest(
  18.     bytes32 _keyHash,
  19.     uint256 _consumerSeed,
  20.     uint256 _feePaid,
  21.     address _sender
  22.   )
  23.     internal
  24.     sufficientLINK(_feePaid, _keyHash)
  25.   {
  26.     uint256 nonce = nonces[_keyHash][_sender];
  27.     uint256 preSeed = makeVRFInputSeed(_keyHash, _consumerSeed, _sender, nonce);
  28.     bytes32 requestId = makeRequestId(_keyHash, preSeed);
  29.     // Cryptographically guaranteed by preSeed including an increasing nonce
  30.     assert(callbacks[requestId].callbackContract == address(0));
  31.     callbacks[requestId].callbackContract = _sender;
  32.     assert(_feePaid < 1e27); // Total LINK fits in uint96
  33.     callbacks[requestId].randomnessFee = uint96(_feePaid);
  34.     callbacks[requestId].seedAndBlockNum = keccak256(abi.encodePacked(
  35.       preSeed, block.number));
  36.     emit RandomnessRequest(_keyHash, preSeed, serviceAgreements[_keyHash].jobID,
  37.       _sender, _feePaid, requestId);
  38.     nonces[_keyHash][_sender] = nonces[_keyHash][_sender].add(1);
  39.   }
  42. function fulfillRandomnessRequest(bytes memory _proof) public {
  43.     (bytes32 currentKeyHash, Callback memory callback, bytes32 requestId,
  44.      uint256 randomness) = getRandomnessFromProof(_proof);
  46.     // Pay oracle
  47.     address oadd = serviceAgreements[currentKeyHash].vRFOracle;
  48.     withdrawableTokens[oadd] = withdrawableTokens[oadd].add(
  49.       callback.randomnessFee);
  51.     // Forget request. Must precede callback (prevents reentrancy)
  52.     delete callbacks[requestId];
  53.     callBackWithRandomness(requestId, randomness, callback.callbackContract);
  55.     emit RandomnessRequestFulfilled(requestId, randomness);
  56.   }
  58. }