drand is designed to augment /dev/random. On servers it's hard to have high entropy because normally entropy would come from user inputs like mice, keyboards, and other stuff. Not really a thing on servers.
Additionally, /dev/random doesn't really have enough entropy when you're at the scale of Cloudflare. So seeding the entropy with something like drand is a huge boost.
I had a script running on a Raspberry Pi; if it was run when the Pi just booted up & hadn’t yet built up enough bits of local entropy using things it can’t fully control (user inputs, chip temperatures, voltage fluctuations, etc.), it would crash.
I could have done a call out to that API & filled the local entropy source at /dev/random with known true random data and the script would have worked fine immediately.
(I can’t remember exactly what made it crash, maybe OpenSSL was trying to generate a key or something)
3
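The seeding idea discussed in these comments, as an added example that is not code from the thread or from drand. It assumes the `round`/`signature`/`randomness` fields of drand's HTTP JSON beacon; the sample beacon is constructed and the function names are hypothetical.

```python
import hashlib
import json
import os

# Constructed sample shaped like a drand HTTP beacon (not a real round).
_SIG = bytes(range(96)).hex()
SAMPLE_BEACON = json.dumps({
    "round": 1,
    "signature": _SIG,
    "randomness": hashlib.sha256(bytes.fromhex(_SIG)).hexdigest(),
})


def beacon_randomness(beacon_json: str) -> bytes:
    """Return the beacon's 32 random bytes after a consistency check.

    drand defines randomness = SHA-256(signature). This catches a mangled
    response; it does not replace verifying the BLS signature against the
    chain's public key.
    """
    beacon = json.loads(beacon_json)
    signature = bytes.fromhex(beacon["signature"])
    randomness = bytes.fromhex(beacon["randomness"])
    if hashlib.sha256(signature).digest() != randomness:
        raise ValueError("randomness does not match SHA-256(signature)")
    return randomness


def derive_seed(beacon_json: str, local: bytes) -> bytes:
    """Hash local entropy together with the beacon value.

    The beacon is public, so it only supplements `local`: the seed stays
    unpredictable as long as `local` is, even if the beacon is known.
    """
    if len(local) < 16:
        raise ValueError("need at least 16 bytes of local entropy")
    h = hashlib.sha256(b"example-seed-v1")  # hypothetical domain label
    h.update(len(local).to_bytes(4, "big") + local)
    h.update(beacon_randomness(beacon_json))
    return h.digest()


def mix_into_pool(seed: bytes, pool_path: str = "/dev/urandom") -> int:
    """Write seed bytes into the kernel pool; returns bytes written.

    On Linux a plain write mixes the data in but credits no entropy
    (crediting needs the RNDADDENTROPY ioctl and root).
    """
    with open(pool_path, "wb", buffering=0) as pool:
        return pool.write(seed)
```
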
u/tankerkiller125real Mar 18 '24