I am writing as a Cf customer who would like to request entropy in my worker. The entropy comes from Cf and goes to an end-user. When it passes the Cf worker on its way back from the user to an origin, the worker validates this entropy as originally obtained from Cf. I envision the following functions made available to a worker by Cf ("verand" is short for verifiable random):
edge.verand_get(int n, int s, char* salt)
edge.verand_check(int n, int s, char* verand, char* salt)
where a verifiable random of (n + s) bytes consists of n bytes of entropy and the first s bytes of an HMAC signature of that entropy. This design allows false positive verification with probability 2^(-8s), traded off against the size of the entropy portion. The HMAC signature should depend on a salt and a Cf-side secret with a certain lifecycle. The edge must have ample entropy derived from TLS master secrets, which are produced collaboratively by client and server when TLS connections are formed.
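
The construction described above, sketched as an added example (not code from the post and not a Cloudflare API). Assumptions: HMAC-SHA256 via Node's `crypto` module, a length-prefixed salt mixed into the MAC input, the hypothetical names `verandGet`/`verandCheck`, and a locally generated `EDGE_SECRET` standing in for the edge-side secret.

```javascript
// Added illustration of the proposed scheme; all names here are hypothetical.
const { createHmac, randomBytes, timingSafeEqual } = require('node:crypto');

// Constructed stand-in for the edge-side secret. In the proposal it never
// leaves the edge and is rotated on its own lifecycle.
const EDGE_SECRET = randomBytes(32);

function checkSizes(n, s) {
  // s is capped at 32 because an HMAC-SHA256 tag is 32 bytes long.
  return Number.isInteger(n) && n >= 1 && Number.isInteger(s) && s >= 1 && s <= 32;
}

// First s bytes of HMAC-SHA256(secret, len(salt) || salt || entropy).
// The length prefix keeps (salt, entropy) pairs from colliding when the
// boundary between them shifts. This encoding is an assumption.
function truncatedTag(secret, salt, entropy, s) {
  const saltBuf = Buffer.from(salt, 'utf8');
  const len = Buffer.alloc(4);
  len.writeUInt32BE(saltBuf.length);
  return createHmac('sha256', secret)
    .update(len).update(saltBuf).update(entropy)
    .digest().subarray(0, s);
}

// Returns n bytes of fresh entropy followed by the s-byte truncated tag.
function verandGet(n, s, salt, secret = EDGE_SECRET) {
  if (!checkSizes(n, s)) throw new RangeError('need n >= 1 and 1 <= s <= 32');
  const entropy = randomBytes(n);
  return Buffer.concat([entropy, truncatedTag(secret, salt, entropy, s)]);
}

// True only if verand is exactly n + s bytes and its tag verifies under the
// same salt and secret. A random guess passes with probability 2^(-8s).
function verandCheck(n, s, verand, salt, secret = EDGE_SECRET) {
  if (!checkSizes(n, s)) return false;
  if (!Buffer.isBuffer(verand) || verand.length !== n + s) return false;
  const expected = truncatedTag(secret, salt, verand.subarray(0, n), s);
  // Constant-time comparison so timing does not reveal matching tag bytes.
  return timingSafeEqual(expected, verand.subarray(n));
}
```

With s = 8 a blind forgery succeeds with probability 2^(-64) per attempt. A value issued under one secret stops verifying once that secret is rotated out, which is the lifecycle trade-off the post mentions.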