Sign in Subscribe

Randomness as Infrastructure

Randomness as Infrastructure

Randomness is the invisible foundation of digital security. Every security key ever created, and every encrypted message ever sent depends on a random number that nobody could have predicted. 

In February 2025, North Korean hackers executed the largest cryptocurrency theft in history, stealing $1.5 billion in ETH from Bybit. They compromised a single developer's laptop at multi-signature wallet provider, injected malicious JavaScript code, and manipulated what Bybit's signers saw when approving a routine cold wallet transfer. This one infected device in the signing chain was enough to bypass every layer of multi-signature security protecting $1.5 billion in assets. That’s why security for cryptographic infrastructure is only as trustworthy as its weakest trust assumption.

What makes this so significant for the randomness layer is the economic structure of the industry responsible for producing that randomness. The global RNG market currently sits at over $4.8 billion. However, the security and verifiability of the randomness provided decreases as the market sectors become more niche. That dropoff tells a story about where cryptographic infrastructure is strong today, where it is fragile, and where the next generation of security-critical applications will demand something that does not exist yet.

The Randomness Stack

At the base of the stack sits in the hardware. True random number generators (TRNGs) are embedded in the processors and secure elements powering billions of devices. Intel's RDRAND, Qualcomm's SoC entropy modules, Infineon's automotive TRNGs, and ID Quantique's quantum random number generators all harvest physical phenomena like thermal noise, oscillator jitter, and photon behavior to produce entropy at the silicon level. This is a $3.3 to $4.8 billion market in 2024, growing steadily at 8 to 10% CAGR and dominated by semiconductor incumbents. Quantum RNG (QRNG) is the fastest-growing sub-segment. The limitation to this randomness source is structural: entropy generated on a chip stays local to that device and cannot prove anything to a remote verifier.

Moving one layer up, software pseudo-random number generators (PRNGs) represent roughly $1 billion in commercially tracked value. These are the algorithmic defaults: OpenSSL, Linux's /dev/urandom, language-level RNG libraries. They are fast, free, and ubiquitous, but also deterministic. Given the seed, the output is predictable. For simulations and non-critical applications, this works. For high-stakes cryptographic operations where predictability becomes an attack vector, the risk must be minimized as much as possible.

The dropoff in market value is significant when reaching the cryptographic layer. Oracle-based on-chain randomness, led by Chainlink VRF (Verifiable Random Function) is a secure, tamper-proof, and provably fair random number generator (RNG) for blockchain smart contracts. It works, and millions of requests have been fulfilled across dozens of blockchains. But VRF generates less than 1% of Chainlink's total revenue, which is overwhelmingly driven by price feed oracles. The entire on-chain randomness market produces an estimated $4 to $10 million annually. For oracle providers, randomness is a feature within a larger business, not a standalone product.

Then we reach zero.

Public randomness beacons, services that broadcast verifiable and unpredictable random values at regular intervals, are critical infrastructure with no commercial value. The most significant is Drand, operated by the League of Entropy: a consortium of over 20 organizations including Cloudflare, the Ethereum Foundation, Protocol Labs, and EPFL. Drand has produced approximately 32 million randomness rounds across its networks. Filecoin depends on it entirely for leader election. Yet Drand is free and generates no revenue. The NIST Randomness Beacon operates on the same model: government-funded, centralized, publicly available at no cost.

At the top of the stack, private randomness beacons, where true entropy is consumed confidentially rather than broadcast publicly, represent a formal market size of $0. The category is pre-commercial, and no established provider offers it at scale.

Counterintuitiveness and Economics

The pattern seems counterintuitive. As you move up each layer of the stack, a critical capability is added, whether that is verifiability or privacy, yet commercial value drops significantly. The market rewards raw entropy in silicon while the delivery and verification layers that make entropy useful in networked systems are not established or used at full capacity.

The explanation for this counterintuitiveness is straightforward. Hardware TRNGs are a semiconductor play where entropy is bundled into processors sold for different reasons. Nobody buys an Intel chip for the TRNG; the randomness is an additional capability, which is why the market appears large. Software PRNGs are open-source commodities. On-chain randomness is a minor product line within larger cryptographic ecosystems. Public beacons are maintained by organizations that view randomness as a civic responsibility rather than a revenue stream.

As Daniel Bar, SpaceComputer co-founder, has put it:

"You don't build a new oracle or launch a blockchain in space for the sake of randomness alone. Cosmic entropy won’t make a market."

He is right. For most use cases today, the existing stack is adequate. PRNGs handle session tokens, Chainlink VRF services on-chain gaming and NFT mints reliably, and Drand serves Filecoin's consensus needs at the cost of volunteer node operators. The question is whether these services that are deemed adequate in the present is sufficient for what comes next.

Opening in the Market

We’ve established that public beacons solve for transparency and VRFs solve for on-demand verification. What neither of them solves is for private randomness delivery. A growing category of applications at the intersection of high-security cryptography and confidential computing needs all three properties simultaneously.

Use cases include:

  • Key generation for MPC where no single party should observe the entropy used
  • Sealed-bid auctions where the randomness driving commitment schemes must be both verifiable and confidential
  • Authentication nonces where predictability is a direct exploit vector
  • Defense and classified communications where the entropy source itself is a security concern

A private beacon worth trusting requires:

  • True randomness (physical entropy, not algorithmic)
  • Tamper-proof generation
  • Verifiable delivery
  • Privacy (the operator cannot observe consumed values)

These requirements are not hypothetical. The adjacent markets that serve them are among the fastest-growing in technology infrastructure. Confidential computing is valued at $5.5 to $9 billion in 2024 and growing at 34 to 64% CAGR. In-orbit computing is projected to reach $1.8 billion by 2029 at 67% CAGR. Post-quantum cryptography sits at $0.3 to $1.2 billion, growing at 37 to 46% CAGR. Each of these domains either consumes or depends on high-grade entropy, and each is pushing toward delivery models that the current randomness stack cannot support.

The dropoff from $4.8 billion to $0 does not reflect a lack of demand for the upper layers. It reflects the fact that a credible commercial product has not yet been built there.

A New Type of TRNG

SpaceComputer sits at this intersection. Our Cosmic True Random Number Generator, cTRNG, harvests cosmic entropy from radiation detected by secure hardware aboard satellites in low Earth orbit. The physical properties of space provide what terrestrial infrastructure cannot: an entropy source that operates above atmospheric shielding, beyond physical access, and outside the reach of electromagnetic interference or nation-state coercion. The randomness is physical, not algorithmic. The generation environment is tamper-resistant by the laws of physics, not by policy.

The public cTRNG beacon is live today, available through our Orbitport API and published to IPFS. Developers can access verifiable randomness from orbit now.

By end of Q1 2026, we are targeting private beacon capabilities through orbital computing infrastructure: true entropy consumed confidentially within a trust-minimized TEE environment, where the values a consumer receives remain unobservable to anyone, including SpaceComputer.

The randomness stack has a $4.8 billion foundation and a $0 ceiling. We intend to build above it.

If you are working on applications where the source, the delivery, and the privacy of your entropy all matter, we would like to hear from you at services@spacecomputer.io.

Request API access here.

Get Developer Support in The Official Telegram Group.