RE4CTOR

Entropy appliance & PQ-VRF

 Get Access
FIPS-aligned · PQ-ready · auditable

High-Assurance Cryptographic Randomness

RE4CTOR is a sealed entropy appliance with an open, verifiable perimeter. It delivers signed outputs (ECDSA + ML-DSA-65) and is engineered for protocol fairness, measurable security, and audit-grade evidence.

Live Demo Open API Gateway API Docs
Gateway: /api/
Demo header: X-API-Key: demo (rate-limited).
Figure 1.0 · Gas per Secure Bit (EVM)
dataset: gas-per-secure-bit
higher = worse optimization phases PreA path (~1.5M) verify() POC (~68.9M)
verify() POC snapshot
≈ 68.9M gas
decode + checks + w = A·z − c·t1
PreA compute_w microbench
≈ 1.50M gas
packedA_ntt bound via CommitA

Benchmarks & Live API

Live gateway calls + a fast frontend entropy diagnostic (Shannon bits/byte + monobit ratio). This is not a replacement for offline BigCrush/NIST reports, but it shows “non-degenerate output” in real time. Background sampler pings /v1/random periodically (no /health).

Live API Playground
Calls: /v1/random and /v1/vrf. After /v1/random, the page computes a quick entropy estimate from returned bytes.
API Base URL
API Key (X-API-Key)
n (32-bit words)
Open https://re4ctor.com/api
Auto-pauses when tab is hidden.
HTTP entropy monobit timestamp
Response
{ "hint": "Click a button to call the RE4CTOR gateway with X-API-Key: demo." }
Browser note: CORS must allow your origin (your prod Caddy already supports preflight for X-API-Key).
Figure 1.1 · Latency distribution (gateway → VRF node)
prod VPS (representative)
p50 ~ 14ms p95 ~ 23ms p99 < 30ms sequential requests (illustrative)

Architecture

RE4CTOR treats randomness as an engineered system: sealed entropy core, auditable gateway, and verifiable protocol surfaces. This replaces “hand-wavy randomness” with measurable, testable, deployable infrastructure.

Sealed core
Fail-closed entropy
If health tests fail, output stops instead of silently degrading. This is the operational property most RNG stacks omit.
Verifiable perimeter
Signed outputs
Signing (ECDSA + ML-DSA-65) supports today’s chains and an explicit PQ migration track.
Protocol envelope
Measured surfaces
Benchmarks include protocol surfaces (not only “verify gas”) so the weakest-link can be reasoned about quantitatively.
Figure 2.0 · Protocol Envelope Dominance
model: weakest-link / surfaces
Entropy Core health tests · fail-closed Gateway (API) CORS · auth · rate limits VRF Node ECDSA + ML-DSA-65 Protocol Surfaces RANDAO · attestations · AA On-chain verify · auditability

Compliance & Validation

Public pages keep claims conservative. Detailed artifacts live in your audit bundle (reports, SBOM, integrity manifests). This section is intentionally minimal and “adult”: only what you can stand behind.

TestU01 BigCrush
160 / 160
Offline validation on large samples; reports shipped per release.
NIST SP 800-22
STS suite
Release-gated QA plus continuous health tests (RCT/APT).
VRF latency
p99 < 30 ms
Gateway → node → signing → JSON response (prod VPS).
Selected benchmark surfaces
Surface Metric Value Status
verify() POC (ML-DSA-65) gas ≈ 68,901,612 baseline
PreA compute_w (packedA_ntt) gas ≈ 1,499,354 optimized
gateway VRF (prod VPS) latency p50 ≈ 14 ms · p99 < 30 ms measured
Public page avoids over-claiming. Full reproducible detail lives in the benchmark lab and audit artifacts.

Product surfaces

Everything you consume is an explicit surface: entropy bytes, dual-signed VRF, and verification helpers. The site keeps wording conservative; the artifacts live in Test Reports and SBOM.

RNG surface
GET /v1/random
Raw high-entropy bytes via the gateway. Designed for fairness-sensitive protocols, gaming, L2 sequencing, and AA.
VRF surface
GET /v1/vrf
Dual-signed output (ECDSA + ML-DSA-65 roadmap lane). JSON response suitable for audit trails.
Verification
POST /v1/verify
Helper endpoint for integrators to validate an ECDSA signature from VRF output (useful during integration and CI).
Quickstart (copy/paste)
1) Check gateway
curl -s https://api.re4ctor.com/v1/health
2) Random bytes (hex)
curl -s -H "X-API-Key: demo" "https://api.re4ctor.com/v1/random?n=16&fmt=hex"
3) Dual-signed VRF JSON
curl -s -H "X-API-Key: demo" "https://api.re4ctor.com/v1/vrf?sig=ecdsa" | jq .
Docs & artifacts
/docs/quickstart/ · /docs/test-reports/ · /docs/sbom/
Tip: the website playground uses /api/ (same-origin reverse proxy). For direct calls, use https://api.re4ctor.com.

Security posture

RE4CTOR is built around an operational invariant: fail-closed entropy. If health/quality degrades, output stops. The perimeter stays auditable via signed responses and reproducible artifacts.

Fail-closed
Stop & alert
No silent degradation: health tests gate output instead of letting “maybe-random” leak into production.
Audit bundle
Reports + SBOM
Artifacts are versioned and shippable: test reports, SBOM, and integrity notes.
PQ track
Explicit migration
Dual-signing supports today (ECDSA) and an explicit PQ lane (ML-DSA-65) with measured surfaces and benchmarks.

Pricing

Choose a plan and get redirected to Stripe Checkout.

R4 SaaS API
$9.99
Solo devs and small apps.
  • 10k requests / month
  • VRF + RNG
  • Email support
R4 Dev Plan
$19.99
Growing apps & early-stage protocols.
  • 50k requests / month
  • Priority gateway
  • Email + Telegram support
R4 Pro Plan
$49.99
Production-grade workloads.
  • 250k requests / month
  • Multi-region routing
  • Slack support
Enterprise
Custom
Banks, L2 sequencers, regulated infra.
  • On-prem or dedicated VPC
  • Audit + compliance bundle
  • PQ signature stack
  • Dedicated support
Contact Sales