Overview
View raw

Quiver documentation

Verifiable on-chain randomness for Robinhood Chain — a two-party commit–reveal entropy protocol. Start here.

Read in order

  1. Architecture — the components, roles, and request flows.
  2. Protocol design — how randomness is produced and why it's secure (the hash-chain / anchor mechanism, in depth).
  3. Integration guide — consume randomness from a contract (push & pull) or from TypeScript.
  4. API reference — every function, event, error, and type.
  5. Security model — trust assumptions, threat model, mitigations.
  6. Deployment runbook — testnet → mainnet, step by step.
  7. Keeper operations — running the keeper (Fletcher) in production.

Concepts

TermMeaning
CoordinatorThe on-chain contract (QuiverCoordinator) — verifies reveals, combines the two values, delivers callbacks
ProviderRegisters a hash-chain commitment and serves the random values behind it
KeeperThe provider's off-chain service (Fletcher) that watches for requests and submits reveals
Requester / ConsumerA contract or account that requests randomness
Sequence numberThe id assigned to each request; used to track it through fulfillment
CommitmentThe tip of the provider's keccak hash chain, chain[N]
Push flowrequestWithCallback → keeper revealWithCallback → your quiverCallback
Pull flowrequest → you reveal and read the result

The one-line mental model

randomNumber = keccak256(userRandom ‖ providerReveal ‖ blockHash?)

Two values, each committed before either is revealed. Neither party can bias the result; a fair outcome holds as long as one party is honest.

Try it

forge test            # 38 tests (unit, adversarial, fuzz)
./demo/local-demo.sh  # full end-to-end on a local node