A Verifiable Delay Function (VDF) is a cryptographic primitive that enforces a mandatory, sequential computation time to produce an output, which anyone can then verify efficiently and publicly. Unlike parallelizable proof-of-work, a VDF's evaluation cannot be accelerated by adding more hardware, ensuring a predictable time delay.
Glossary
Verifiable Delay Function (VDF)

What is a Verifiable Delay Function (VDF)?
A foundational tool for generating unbiased randomness and preventing manipulation in decentralized systems.
The output serves as a proof of elapsed time, making VDFs critical for preventing front-running in decentralized finance and generating unbiased, unpredictable randomness in consensus protocols. The verification process is exponentially faster than the evaluation, allowing resource-constrained nodes to instantly confirm the computation was performed correctly.
Core Properties of a VDF
A Verifiable Delay Function is defined by four essential cryptographic properties that distinguish it from simple proof-of-work or time-lock puzzles. These properties ensure the function is useful for generating unbiased randomness and preventing computational front-running in decentralized protocols.
Sequential Computation
The function must be evaluated in a strictly sequential manner. No parallelization advantage is possible, even with an unbounded number of processors. This is the defining characteristic that enforces a real-world time delay. The computation is a single long chain of steps where the output of step n is the input to step n+1, preventing a faster machine from finishing in less wall-clock time than a slower one. This property is often achieved through repeated squaring in a group of unknown order.
Efficient Verifiability
While evaluation is slow, verification of the output must be exponentially faster than the computation itself. A verifier should be able to confirm the correctness of the result in logarithmic time, typically O(log(T)), where T is the number of sequential steps. This asymmetry is what makes a VDF practical; anyone can quickly check the proof without redoing the work. This is commonly achieved through a succinct proof generated alongside the output.
Unique Output
For a given input and delay parameter, a VDF produces exactly one valid output. This determinism is critical for applications like randomness beacons. If multiple valid outputs were possible, a malicious evaluator could choose the one most favorable to them. The uniqueness property is enforced by the mathematical structure of the function and is verified by the accompanying proof, ensuring no ambiguity exists in the final result.
Deterministic Delay
The delay parameter T specifies the exact number of sequential computational steps required. The function's runtime is predictable and non-negotiable. Given a specific hardware setup, the wall-clock time to evaluate the VDF can be estimated with high precision. This contrasts with proof-of-work, where finding a solution is a probabilistic lottery. A VDF guarantees that a specific amount of time has elapsed since the computation began.
Frequently Asked Questions
Clear, technically precise answers to the most common questions about Verifiable Delay Functions (VDFs), their cryptographic foundations, and their role in decentralized systems.
A Verifiable Delay Function (VDF) is a cryptographic primitive that requires a specified, sequential number of computational steps to evaluate, producing a unique output that can be verified efficiently and publicly by anyone. Unlike proof-of-work puzzles, a VDF's computation is inherently sequential—it cannot be parallelized. The function f takes an input x and a time parameter T, and outputs a value y along with a proof π. The key properties are: sequentiality (anyone with fewer than T parallel processors cannot compute the result faster than wall-clock time T), efficient verifiability (the proof π can be checked in O(log T) or even constant time), and uniqueness (for any input, there is exactly one valid output). VDFs are constructed using repeated squaring in groups of unknown order, such as RSA groups or class groups of imaginary quadratic fields. The evaluation performs T sequential squarings: y = g^(2^T) mod N, while the proof is generated using Wesolowski or Pietrzak protocols, enabling a verifier to check correctness without redoing the work.
Practical Applications of VDFs
Verifiable Delay Functions transform sequential computation from a liability into a cryptographic primitive, enabling trustless randomness, fair ordering, and time-locked security across decentralized systems.
Unbiased Randomness Beacons
VDFs generate publicly verifiable randomness that no single party can manipulate. The sequential computation ensures the output cannot be precomputed or biased, even by a powerful adversary.
- How it works: Multiple participants submit entropy, which feeds into a VDF. The delay prevents any participant from knowing the final output before committing their contribution.
- Example: The League of Entropy's drand network uses a VDF-inspired approach to produce randomness for Filecoin and other protocols.
- Key benefit: Eliminates the 'last actor' advantage in randomness generation, where the final participant could bias the result.
Front-Running Prevention in DeFi
VDFs enforce a mandatory time delay between transaction submission and execution, neutralizing MEV (Maximal Extractable Value) attacks where validators reorder transactions for profit.
- Mechanism: Transactions are committed to a block, but their ordering is determined by a VDF output that only becomes available after a fixed delay. No one can predict the ordering in advance.
- Real-world impact: Protocols like UniswapX explore VDF-based ordering to create fair batch auctions where arbitrageurs compete on price rather than gas fees.
- Result: Reduces the $1B+ annual MEV extraction problem by making transaction ordering unpredictable and tamper-proof.
Time-Locked Encryption
VDFs enable encryption that decrypts only after a specific time has elapsed, without requiring a trusted third party to hold the key. The decryption key is the VDF output itself.
- Use case: Sealed-bid auctions where all bids are encrypted and revealed simultaneously after the auction closes.
- Use case: Delayed disclosure of sensitive corporate information, ensuring it becomes public at a predetermined future moment.
- Technical note: Unlike timelock puzzles based on repeated squaring, VDF-based time-lock encryption produces a publicly verifiable proof that the correct delay was performed.
Proof of History in Consensus
Solana's Proof of History (PoH) is the most prominent production deployment of a VDF, creating a cryptographic clock that orders events without requiring nodes to communicate about time.
- How it works: A high-frequency VDF runs continuously, producing a sequence of hashes that prove real time has passed between events. Validators use this shared clock to agree on transaction ordering.
- Performance: Enables sub-second block times by removing the need for validators to coordinate timestamps through consensus messages.
- Trade-off: Requires specialized hardware (high-core-count CPUs) to run the VDF at speed, introducing some centralization risk in the sequencer role.
Blockchain Space Race Prevention
In leader-election protocols, VDFs prevent 'grinding' attacks where a validator repeatedly tries different inputs to manipulate their chance of being selected as the next block proposer.
- Problem without VDFs: A validator could compute many potential leader-election outcomes in parallel and choose the most favorable one.
- VDF solution: The election seed is fed through a VDF, forcing a sequential delay. By the time the output is known, the window for manipulation has passed.
- Adoption: Protocols like Chia use VDFs to ensure fair leader election in their Proof-of-Space-and-Time consensus.
Decentralized Timestamping Services
VDFs provide a cryptographic alternative to trusted timestamping authorities (TSAs), proving that a document existed before a certain time without relying on a centralized service.
- Process: A document hash is combined with a VDF output from a public randomness beacon. The resulting proof demonstrates the document existed before the VDF computation began.
- Advantage over TSAs: No single entity controls the timestamp. The proof is mathematically verifiable by anyone, anywhere, without trusting an authority's clock.
- Integration: Can be combined with transparency logs like Certificate Transparency to create fully decentralized, auditable timestamping infrastructure.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
VDF vs. Proof-of-Work vs. Time-Lock Puzzles
A technical comparison of three cryptographic primitives that enforce a mandatory time delay through sequential computation, highlighting their distinct verification, parallelism, and use case properties.
| Feature | Verifiable Delay Function | Proof-of-Work | Time-Lock Puzzle |
|---|---|---|---|
Primary Purpose | Enforce a verifiable, sequential time delay for randomness and ordering | Expend computational work to secure a network against Sybil attacks | Encrypt data that can only be decrypted after a sequential computation |
Verification Time | < 1 ms (logarithmic) | ~1 ms (single hash check) | Linear in computation time (must recompute to verify) |
Parallelism Resistance | |||
Public Verifiability | |||
Deterministic Output | |||
Requires Trusted Setup | Depends on construction (Wesolowski: no; Pietrzak: no) | ||
Typical Use Case | Blockchain randomness beacons, leader election, front-running prevention | Nakamoto consensus, spam deterrence, cryptocurrency mining | Sealed-bid auctions, delayed key release, historical document release |
Related Terms
Verifiable Delay Functions are part of a broader ecosystem of cryptographic tools for trustless computation and randomness. These related primitives are essential for understanding how VDFs fit into decentralized architectures.
Commitment Scheme
A cryptographic primitive that allows a party to commit to a chosen value while keeping it hidden, with the ability to reveal it later. The scheme ensures binding (cannot change the value) and hiding (value remains secret until revealed).
- Pedersen Commitments: Perfectly hiding, computationally binding
- Hash-based Commitments: Computationally hiding, perfectly binding
- Used in VDF-based randomness beacons to commit to future outputs
Timestamping Authority (TSA)
A trusted third party that issues a timestamp token cryptographically binding a document's hash to a specific point in time. VDFs offer a trustless alternative to centralized TSAs by providing a mathematical proof that a specific duration elapsed during computation.
- Traditional TSA relies on a single trusted entity
- VDF-based timestamping removes the need for trust
- Enables decentralized ordering of events in distributed systems
Zero-Knowledge Proof (ZKP)
A method allowing a prover to convince a verifier that a statement is true without revealing any information beyond the statement's validity. VDFs complement ZKPs by providing a time-based proof of work that cannot be parallelized.
- zk-SNARKs: Succinct, requires trusted setup
- zk-STARKs: Transparent, post-quantum secure
- VDFs + ZKPs enable private, time-locked transactions
Proof of Inclusion
A cryptographic proof, typically generated using a Merkle tree, that verifies a specific data element belongs to a larger committed dataset without revealing the entire dataset. VDF outputs can be included in Merkle trees to create verifiable delay proofs for decentralized applications.
- Enables efficient light client verification
- Combines with VDFs for auditable randomness
- Critical for blockchain state verification at scale
BLS Signature
A signature scheme supporting efficient aggregation and batch verification, allowing multiple signatures from different parties to be combined into a single compact signature. VDFs often use BLS signatures for threshold randomness generation.
- Enables signature aggregation across validators
- Pairs with VDFs in randomness beacons like drand
- Produces deterministic, publicly verifiable outputs
Fiat-Shamir Heuristic
A technique for converting an interactive proof into a non-interactive one by replacing the verifier's random challenges with a cryptographic hash function output. This heuristic is fundamental to making VDF proofs publicly verifiable without requiring back-and-forth communication.
- Transforms interactive protocols into standalone proofs
- Underpins the non-interactive nature of VDF verification
- Essential for public randomness generation schemes

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us