I’m looking for a way to generate (pseudo-)random Integers in DAML. I saw the coin flip example in the tutorials, but I’m wondering: is there a simple random function in DAML I can also use (akin to the random-function in Haskell)?
I looked through the language docs, but couldn’t find anything fitting.
Welcome to the forum @Arne_Gebert! There is no pseudo-random number generator in the StdLib, and in part that’s to discourage people attempting to do random number generation in DAML. It’s not possible. The submitting party has access to all information that goes into the deterministic calculation of the transaction so they can predict exactly what any “random” number will come out as. The sha256 function is about as random as it gets in daml.
Hi Arne. Bernhard is right; there is no way to create a secure random number in general. If all you need is a pseudo-random generator though, for non-secure purposes, it’s pretty easy to code this up with a State monad. RNG is the canonical textbook example for this monad.
For example here:
I’m not sure the existing answers will remain true indefinitely according to the following blog:
we’ll consider how DABL talks to other APIs to speed integration of third-party functionality into Daml applications. …
Digital Asset is building a layer that lets Daml developers plug APIs into Daml workflows
Could this allow for (computational) non-determinism? Since one could introduce functions that are not referentially transparent?
We could even go one step further and consider physical non-determinism by calling out to ANU QRNG quantum random number generator API: API documentation – ANU QRNG … of course that depends on your philosophical interpretation of quantum mechanics 
Also
and in part that’s to discourage people attempting to do random number generation in DAML
Perhaps this is assuming that there exists no practical application of randomness in smart contracts? I can think of some counterexamples:
The use of non-determinism in Daml programs is not possible at a fundamental level.
If you think about the architecture of a daml ledger, each party of a transaction in that network needs to be able to re-run Daml code to certify the resulting updates/contracts are valid. Analogously, you can think of how a blockchain processes transactions, and how each node needs to be able to re-compute hashes to verify the veracity of submitted transactions. That code needs to be deterministic, by design. It’s the same problem here.
We can always bring in entropy from outside, into the ledger, as a function (choice) parameter, as you’re suggesting. But the Daml transactions themselves are always deterministic.