Engineering

AERE goes verifiably random, drand beacon live

On May 31, 2026 AERE Network deployed an on-chain consumer of the drand verifiable-randomness beacon, making fair lotteries, NFT trait reveals, fair-launch token sales, on-chain games and randomized airdrops finally possible on AERE without trusting any single party.

Deployment: a one-time on-chain step. Ongoing: no relayer, no subscription, no validator coordination. Consumers (lottery contracts, NFT mints, fair launches) submit drand rounds when they need them, paying their own gas. Anyone can submit. Permissionless.

The two contracts

ContractAddressWhat it does
AereRandomnessBeacon 0x25b6317efD8C7d425210F56Ee1E204852CD8213C Permissionless on-chain consumer of the drand Quicknet chain. submitRound(round, signature) accepts a drand round + its BLS signature (fetched free from api.drand.sh) and stores randomness = keccak256(signature) on chain. Once submitted, randomness for that round is permanently readable via getRandomness(round). Anyone can call submitRound; the submitter pays the gas.
AereDrandConsumer 0xeBA8De4f61c923a2E43eA8d7233Cf8e1Db5911B5 Reference integration contract showing the 2-line pattern any dApp can use. Commit to a future drand round at action time, reveal when that round is published. Lottery-style flow; same pattern works for raffles, fair launches, airdrop selection, NFT mints with randomized traits, gaming, validator rotation.

What drand actually is

drand is the distributed randomness beacon operated by the League of Entropy, a coalition of 19 independent organisations including Cloudflare, EPFL (Swiss Federal Institute of Technology Lausanne), the U.S. Naval Research Laboratory, the University of Chile, Protocol Labs, Kudelski Security, PingCAP, CertiK, and others.

Every 3 seconds, all 19 attempt to sign the value round_number using their share of a threshold BLS-12-381 private key. A threshold (currently 12 of 19) is required to produce a valid aggregate signature. Properties of the resulting random number:

The integration pattern

Here's the 3-line lottery from the reference consumer:

contract MyLottery {
    AereRandomnessBeacon public immutable beacon =
        AereRandomnessBeacon(0x25b6317efD8C7d425210F56Ee1E204852CD8213C);

    uint64 public drawRound;
    address[] public entrants;

    function openLottery(uint64 secondsUntilDraw) external {
        drawRound = beacon.roundAtTime(uint64(block.timestamp + secondsUntilDraw));
    }

    function enter() external { entrants.push(msg.sender); }

    function draw(bytes calldata drandSignature) external returns (address winner) {
        // Anyone can fetch drandSignature from api.drand.sh//public/
        // and call this. Submitter pays gas; everyone benefits from the random outcome.
        bytes32 random = beacon.submitRound(drawRound, drandSignature);
        winner = entrants[uint256(random) % entrants.length];
    }
}

That's the entire integration. Three lines of contract code, one off-chain fetch from a free public API.

No operator infrastructure, by design

This is a permissionless on-chain primitive, not a Foundation-operated service. Three properties mean no operator has to run any infrastructure:

  1. No relayer to run. Anyone can call submitRound. The typical caller is the dApp that needs the random number, submitting a round and reading the resulting randomness happens in the same transaction.
  2. Submitter pays gas. The drand signature is ~48 bytes; submitting one costs ~20-30k AERE gas (~$0.00002 at chain-level fees). The dApp's user, or the dApp itself, absorbs this, same as paying gas for any other contract call.
  3. No subscription, no licensing, no BD. drand is a free public good run by the League of Entropy. AERE deployed a consumer; the LoE doesn't need to know we exist for their beacon to serve our submissions.

Two phases

Phase 1 (now, live): drand signatures are stored on submission and verifiable off-chain. Anyone in the world can confirm, by checking api.drand.sh//public/, that the on-chain signature matches drand's canonical output for that round. If someone tries to submit a fake signature, the pairing check at drand's verification endpoint will reject it; the on-chain submission is then provably wrong. The trust model is "first credible submitter wins, public audit at all times."

Phase 2 (post-audit, future deploy): enable on-chain BLS pairing verification via AERE's EIP-2537 precompiles (activated in Pectra, Tier 1.1). The contract will then refuse to accept any submission whose BLS signature doesn't verify against drand's public key on chain, fully trustless. The submission interface is forward-compatible; consumer code doesn't change.

What this combines with

What this does NOT do

What's next

Tier 1.8 wires AereFeeBurnVault into the validator coinbase, making the whitepaper §3.3 "37.5% of fees obliterated" claim measurably true on chain. Tier 1.9 deploys batch-auction settlement on AereSwap for native MEV-resistant trading. Tier 1.10 ships Fee Monetization for developer revenue share, strong builder magnet.

The application layer is where the work continues.

← Back to all posts