For a lot of eg security-related applications where you want random numbers you don't want them to be publicly known. I wonder whether there are any risks to a naive approach of turning those numbers into private random numbers, eg hashing them together with a secret? Should you rotate the secret?

It would be interesting if the researchers could clarify this before people start rolling their own solutions.