Emulating OP_RAND

Posted by RobinLinus

Mar 7, 2025/17:35 UTC

This post generalizes an idea originally proposed by Tadge for generating an arbitrary number of random bits between two parties, Alice and Bob. The building block is a commitment to a sequence of n bits: the committer hashes a preimage n times, choosing at each step one of two different hash functions according to the bit being committed (SHA256 for a 0 and HASH160 for a 1 in the post's example). Only the final digest is published; the bits cannot be read from it, and the commitment is opened later by revealing the preimage. For instance, the sequence 0010 is committed to by sha2(sha2(hash160(sha2(preimage)))), reading the hash functions from the outermost application inward.

Alice and Bob each pick a secret bit sequence of their own and publish a commitment to it as above. Once both commitments are fixed, they reveal their preimages, and the random output is the bitwise XOR of the two sequences. Because neither party can change their bits after committing, a party who chose their own bits uniformly at random is guaranteed a uniform result no matter what the other party chose. The post includes a Script example that generates three random bits this way; it is a naive implementation, and significant optimizations are possible.

In the Script example, the unlocking script supplies each party's preimage together with the bits it claims to encode, and the locking script recomputes each commitment by walking the bits in order and applying SHA256 or HASH160 for each (a 0 or 1 bit, respectively), followed by an SHA1 hashing of each party's result before comparison. Each recomputed value is checked against the commitment fixed in the locking script, so a party cannot reveal a sequence other than the one they committed to; only after both checks pass does the script XOR the two sequences bit by bit to produce the random output.
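The commit, reveal, verify and XOR flow described above, as an added Python example; it is not code from the original post or from the ScriptWiz script. It assumes the post's bit-to-hash mapping (SHA256 for 0, HASH160 for 1, with the bit string read outermost-in so that "0010" gives sha2(sha2(hash160(sha2(preimage))))), leaves out the final SHA1 step of the Script version, and, if the local OpenSSL build has no ripemd160, substitutes a 20-byte BLAKE2b for RIPEMD160 inside HASH160 so the example still runs; that stand-in is an assumption of the example, not part of the scheme.

```python
import hashlib
import os
import secrets
from typing import Optional


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def hash160(data: bytes) -> bytes:
    """Bitcoin's HASH160 = RIPEMD160(SHA256(x)).

    Assumption: if this Python's OpenSSL lacks ripemd160 (OpenSSL 3 moved it to
    the legacy provider), a 20-byte BLAKE2b stands in so the example still runs.
    The stand-in keeps the structure (two distinct hash functions) but is not
    the real HASH160.
    """
    inner = sha256(data)
    try:
        return hashlib.new("ripemd160", inner).digest()
    except ValueError:
        return hashlib.blake2b(inner, digest_size=20).digest()


# Bit -> hash function, as in the post's example: sha2 for 0, hash160 for 1.
HASH_FOR_BIT = {0: sha256, 1: hash160}


def commit(preimage: bytes, bits: str) -> bytes:
    """Commit to `bits` by chaining the per-bit hash over `preimage`.

    The bit string is read left to right as outermost to innermost hash, so
    commit(p, "0010") == sha256(sha256(hash160(sha256(p)))), the post's example.
    Only the final digest is published; the intermediate values stay secret.
    """
    if not bits or any(b not in "01" for b in bits):
        raise ValueError("bits must be a non-empty string of 0s and 1s")
    acc = preimage
    for b in reversed(bits):  # the innermost application encodes the last bit
        acc = HASH_FOR_BIT[int(b)](acc)
    return acc


def verify_opening(commitment: bytes, preimage: bytes, bits: str) -> bool:
    """The locking script's check: recompute the chain from the revealed
    preimage and the claimed bits, and compare with the fixed commitment."""
    return secrets.compare_digest(commit(preimage, bits), commitment)


def xor_bits(a: str, b: str) -> str:
    if len(a) != len(b):
        raise ValueError("both parties must commit to the same number of bits")
    return "".join(str(int(x) ^ int(y)) for x, y in zip(a, b))


def random_bits(n: int) -> str:
    return "".join(str(secrets.randbits(1)) for _ in range(n))


def run_protocol(n: int, alice_bits: Optional[str] = None,
                 bob_bits: Optional[str] = None) -> str:
    """One full run: commit, fix both commitments, reveal, verify, XOR.

    Explicit bit strings make a run reproducible for the reader; in a real run
    each party draws their own bits with random_bits() and keeps them secret.
    """
    alice_bits = alice_bits if alice_bits is not None else random_bits(n)
    bob_bits = bob_bits if bob_bits is not None else random_bits(n)

    # 1. Each party privately picks a preimage and publishes only the commitment.
    alice_pre, bob_pre = os.urandom(32), os.urandom(32)
    alice_com = commit(alice_pre, alice_bits)
    bob_com = commit(bob_pre, bob_bits)
    # Both commitments are now fixed (in the deployed scheme, hard-coded in the
    # locking script). Only after this point may anyone reveal.

    # 2./3. Reveal and verify. A party who reveals a sequence other than the
    # one committed to fails here, and the XOR step is never reached.
    if not verify_opening(alice_com, alice_pre, alice_bits):
        raise ValueError("Alice's opening does not match her commitment")
    if not verify_opening(bob_com, bob_pre, bob_bits):
        raise ValueError("Bob's opening does not match his commitment")

    # 4. The shared random bits.
    return xor_bits(alice_bits, bob_bits)


if __name__ == "__main__":
    p = b"constructed preimage for the example"  # constructed sample input
    c = commit(p, "0010")
    print("commit(p, '0010') =", c.hex())
    print("opens with 0010:", verify_opening(c, p, "0010"))
    print("opens with 0011:", verify_opening(c, p, "0011"))
    print("run_protocol(3, '101', '011') =", run_protocol(3, "101", "011"))
```

The important ordering is inside run_protocol: both commitments must be fixed before either preimage is revealed, otherwise the second party to commit can read the first party's bits from the opening and pick its own sequence to steer the XOR. The verify step is what makes the commitment binding; the reveal of the preimage alone proves nothing until the recomputed chain matches the fixed digest.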

The result is a two-party protocol for generating random bits in which neither party has to trust the other: the hash chain hides each party's bits until the reveal and binds each party to the sequence they committed to, so neither side can bias the output once both commitments are fixed. As with any commit-and-reveal scheme, the guarantee covers bias rather than liveness: a party who dislikes the outcome can still refuse to reveal, so a deployment needs a timeout path for that case. The script is available on ScriptWiz for anyone who wants to study or implement the scheme, and the same hash-chain commitment is a building block for other multi-party constructions in Script that need shared randomness.
