# Security Remarks

1\. The only accepted callback function is *fulfillRandomness*(bytes32 \_reqId, uint256 \_random) with the function selector being *0x1f1f897f*. This is required in order to avoid malicious callbacks.

2\. The *fulfillRandomness* function is able to verify the VRF value and minimize the amount of keep3rs that can fulfill data with the following check functions:

* `require(isFulfiller[msg.sender], "Must is fulfiller")` : fulfillRandomness function guarantees that only a fixed amount of keep3rs are able to fulfill data ;
* `require(isNode(validator), "Forbidden validator")`: The VRF value is guaranteed to be generated from Oraichain's validators.

3\. The gas limit is 800,000. This means that any fulfilling or callback request exceeding the limit amount can lead to tx getting reverted, at which case the blockchain oracle will ignore and refuse to execute such request.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.orai.io/developer-guides/vrf/security-remarks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.