Why block hashes are dangerous for DLC randomness (and the fix)

Miners can see your DLC bet before they publish the block. A SHA-256 PoW beacon gives you the randomness guarantee that block hashes can't.

lunedì 1 giugno 2026 New tab

758 words~3 min read

A DLC (Discreet Log Contract) is only as fair as its randomness source. If you're using a Bitcoin block hash as your oracle input for anything with money on it, you've got a miner front-running problem that won't care how tight the rest of your contract is.

This ain't theoretical. PancakeSwap lost $1.8M in 2021 to an attack that precomputed the block hash used as a random seed (SWC-120). DeFi, but the same class of attack applies to any protocol where the person producing the "randomness" can see the downstream payoff first.

Block hashes are predictable to miners.

Why block hashes fail for DLCs specifically

Here's the attack in plain terms:

Why block hashes are dangerous for DLC randomness (and the fix)

Why block hashes are dangerous for DLC randomness (and the fix)

Other newsrooms on this story

Related reading

Chainalysis: AI-Assisted Attackers Target Hidden DeFi Code

Trustless Bug Bounty Releases with a PoW-Gated DLC Oracle

Griff Green: Unusual movements of restaked ETH signal illicit activity,…

Hashing in Distributed Systems: A Complete Guide to Algorithms, Best Practices,…

Hacker Mints 5.4 Trillion Tokens in StakeDAO Exploit, Nets $91K - "The Defiant"

Crypto Long & Short: Who answers the 3am call when DeFi breaks?

Other newsrooms on this story

Related reading

Chainalysis: AI-Assisted Attackers Target Hidden DeFi Code

Trustless Bug Bounty Releases with a PoW-Gated DLC Oracle

Griff Green: Unusual movements of restaked ETH signal illicit activity,…

Hashing in Distributed Systems: A Complete Guide to Algorithms, Best Practices,…

Hacker Mints 5.4 Trillion Tokens in StakeDAO Exploit, Nets $91K - "The Defiant"

Crypto Long & Short: Who answers the 3am call when DeFi breaks?