Mindburn Labs
Founding Cohort
Research NoteJune 25, 20253 min read

Managing Randomness in Sandboxes

Why `Math.random` breaks receipt verifiability.

Problem

If an execution policy relies on unseeded random number generation (e.g., Math.random()), replaying the policy against the input will yield a different outcome. This breaks offline verification of EvidencePacks because the hashes will diverge.

Approach

All execution policies must be strictly deterministic. If pseudo-randomness is required for a heuristic algorithm, it must use a Deterministic Random Bit Generator (DRBG) seeded explicitly by the prevHash of the receipt chain, or by a cryptographically signed entropy injection proposed prior to execution.

Invariants

  • Execution environments must hook and block unseeded RNG syscalls.
  • f(state, input) == f(state, input) perfectly, infinitely.

Artifacts

References

  • NIST SP 800-90A Rev. 1 (DRBG mechanisms).
Mindburn Labs 연구June 25, 2025
Every claim in this article can be independently verified using our open-source evidence tooling. Check the standards and conformance demos below.
표준증거 검증적합성