Pages:
Author

Topic: A guide to how Provably Fair works. - page 3. (Read 12402 times)

legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
August 18, 2013, 10:52:21 AM
#48
And this all reminds me, that there is no such thing as Provably Fair. This is actually Probably Fair. But the probability of being fair is very high or extremely high. Or the other way around, the probability of being unfair is very low, to the point it is almost negligible, for all practical intents and purposes.

Now, I'm maybe just nit picking on language and terminology used, but what odds do you consider Provably as opposed to just Probably? Is a 1:100,000,000,000,000 probability good enough? Because we can even use MD5 or SHA1 and no one will probably cheat. We can even use a 64 bit hash and the odds are still 1.8 * 10^19.

So, anyone using 256 bit hashes or higher (384 and 512) are overkill.

And I'm bumping this thread because I'm working on a provably fair poker game. Good luck to me.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
May 22, 2013, 02:57:20 AM
#47
but it is unfair to the players that the numbers are not generated according to the standards of the industry
Quote
Thing yes provable fair has not been proven even once until today.
Quote
yes it is possible to prove that the bet result was generated using the transaction id, the secret key and whatnot but who guarantees even distribution across all numbers as it needs to be by the industries standards?

1. Generate 10 billion 256-bit numbers. These are your transaction id hashes.
2. Generate 1 secret key of any length. This is your secret.
3. Hash those together using SHA-256 to get 10 billion 256-bit numbers.
4. Study the distribution of those 10 billion numbers.
5. For specific applications, use only the digits used, like for many dice games, the first 4 hex digits or 0 to 65536.

Alternatively

For number = 1 to 100,000,000,000  (one hundred billion numbers)
  print sha256(i)
Next number

The output should be uniformly distributed. Each pattern of output bits should be equally likely. The distribution from this study will essentially be your industry standard.

While this test does not illustrate it, it can be surmised from the purpose of SHA and from its proven history as a cryptographic primitive that the test would show uniform distribution for any classes of keys and any subset of its output bits. If it did not, this weakness would provide a way to identify collisions with less than brute-force effort.

SHA-2 is a set of cryptographic hash functions (SHA-224, SHA-256, SHA-384, SHA-512) designed by the U.S. National Security Agency (NSA) and published in 2001 by the U.S. National Institute of Standards and Technology (NIST) as a U.S. Federal Information Processing Standard.

In the United States the National Institute of Standards and Technology (NIST) plays the dual role of maintaining and furthering both commercial and scientific metrology.

Of course, 10 billion numbers or even 100 billion numbers does not prove anything. We need it to infinity for it to be a true mathematical proof.

However, even a normal person will say that if it talks like a duck, and quacks like a duck, 10 billion times in a row, perhaps we can consider that provably fair.
vip
Activity: 1316
Merit: 1043
👻
May 22, 2013, 02:09:24 AM
#46
Bump
sr. member
Activity: 293
Merit: 250
April 14, 2013, 11:45:53 PM
#45
hmmmm, maybe my 15 years in the field wasn't enough to compreend the text. so, can you point me what I miss about that NIST (National Institute of Standards and Technology) paper?


and please, try to prove what you're saying because until now you just chitchatting


Please refer to the following posts where I have already addressed the issue so you may better "compreend" everything:

Satoshidice claims it is "provably fair" but decides they will not prove that they are fair and so far it hasn't been proven once. Now I do understand your claim that they must not prove that they are fair to really be fair but then it's the argument of religion basically, if I hold my hand behind my back and claim I have a couple of pounds of diamonds in my hand I would be the one making the statement thus I would be the one needing proof (e.g. showing you the diamonds) and not you needing proof of me not having the diamonds in my hand behind my back in order to establish that they really are not there, since I have no initial proof of my statement it is disregarded.

Makes sense? Gox has everything to do with it since both of the companies are ran by teenagers that fail to employ the proper people to do a job they are unqualified to do out of pure greed.

We can now establish who is right in the second argument: Me

As I have already expressed this in the most childish way possible so even an infant may understand: I am not the one that needs to prove they are NOT fair, they are the one needing to prove that they ARE fair, it hasn't been done once.

sorry, but your bold text has nothing to do with RNGs, if you want me to prove if 1+1 is equal 2 I can gave you the apples proof. but there's no mathematical formula that proves the entropy of a system, and that's what RNG is all about.

this reminds me of a dilbert strip:
http://www.random.org/analysis/dilbert.jpg

You say this a lot. so, can you explain me what exactly you mean by your "industries standards"?

The chance of it being fixed by an established and licensed casino is much lower than ANY bitcoin casino.

S. Dice for example claim they have fair play, yet it is possible for them to submit selective bets since they know the secret word in advance and potentially steal from their investors. Okay not bad right? Wrong, nobody can vouch for the quality of the numbers that satoshidice generates and how random they are exactly, have they been certified by the Swiss Federal Office of Metrology (also known as METAS) and confirmed for quality number output that could compare to commercial RNGs such as Quantis? No? Didn't think so, it was certified by a bunch of smartasses on bitcointalk.

Using the (salted) hash of the chat as a seed is also a bad idea for various reasons, please leave it to the pros to generate quality random numbers, especially when it comes to gambling on virtual property, fund your project properly and hire a qualified person to do that work.

I think it is related to the dark side of anarchism whereas people begin to disregard technological advances and standards that have been established as a result of perfecting the systems and simply claim that these standards are a series of monopolized marketing schemes aiming at increasing profitability.

Basically the logic of fuck METAS, licensing, technological institutions that specialize in metrology, they are all greed seeking pigs, so we'll use a lava lamp as an RNG instead since we can do it better (and increase our own profits in the grand scheme of things).

This is the new dawn of cryptocurrency demagogism that, from their perspective, will ideally misguide fools, give themselves a piggyback ride on the economy and leave fools scratching their heads and blaming Bitcoins when they have hit rock bottom.

The sole fact that they haven't shown one bit of evidence just makes it painfully obvious to anyone who doesn't have urine in their circulation system. Stop showing us your right hand while giving us the ol' switch and grab, the true members of the community will still look at your other hand.

I understand that, for the regular user, any stamp from a renowned institute that proves the way that the random numbers are generated are fair maybe is a relief they aren't being cheated. But, while this doesn't happen, doing a little research you can use the common sense to see that they are using a fair way to determine the bet results.

I'm not taking this discussion further as in any discussion there are 3 viewpoints: your viewpoint, my viewpoint and the right viewpoint. Just keep in mind that we gave you a paper and statistics, and you only your opinion.

best regards

sr. member
Activity: 364
Merit: 252
April 14, 2013, 02:09:52 AM
#44
if you bet 20 times in a row and loose every time and some else evens the house edge by winning 20 times it isn't very fair is it?

Very fair. It is the nature of random, try flipping a coin 10'000 times and see if you dont get 20 heads on a row.



The problem occurs though when >90% of bets are like that for example. The house edge seems normal more or less but you were already predetermined to loose to a greater degree before even placing the bet,  this coupled with stealing from investors = success.

But >90% of the bets are not like that. SatoshiDice does not publish an ordered bet log as we do but as members like dooglus have shown it is easy to extract.

We are not statisticians ourselves but we did notice when running our own simulations that sha512_hmac(txid, secret) frequently produced large groupings of similar results, though despite this the number distribution evened out over a large enough sample size. 
We have noticed that our new improved RNG using sha512_hmac(txid, secret) and mersine twister produces this less often but it still does occur and the number distribution is still the same after a big enough sample size.

Its no secret that when we first started running simulations on our reimplementation of satoshidice's RNG we sampled our own wallets txids and kept trying secrets to see if any trended towards low or high, they do. Before your alarm bells start ringing you need to appreciate that as new data was added (new bet txids from players) the trends would often start correcting. Our own simulations using real data showed at best you could hope to gain another 1% edge.

It sounds like you are using a martingale system which is when you really notice these long losing streaks, if you suspect SatoshiDice is picking secrets that have trends of long losing streaks then apply the reverse martingale, thus turning any cheating into an advantage.

If specifically you feel that our casino may be cheating by doing this you could then play reverse dice where low numbers win, if we are attempted to trend to high, play Jackpot Dice where the high numbers win.

It really is in the best interest of a casino to set a reasonable house edge and use the best RNG they can, this is the safest way to a steady income.
hero member
Activity: 740
Merit: 501
April 14, 2013, 12:59:42 AM
#43
hmmmm, maybe my 15 years in the field wasn't enough to compreend the text. so, can you point me what I miss about that NIST (National Institute of Standards and Technology) paper?


and please, try to prove what you're saying because until now you just chitchatting


Please refer to the following posts where I have already addressed the issue so you may better "compreend" everything:

Satoshidice claims it is "provably fair" but decides they will not prove that they are fair and so far it hasn't been proven once. Now I do understand your claim that they must not prove that they are fair to really be fair but then it's the argument of religion basically, if I hold my hand behind my back and claim I have a couple of pounds of diamonds in my hand I would be the one making the statement thus I would be the one needing proof (e.g. showing you the diamonds) and not you needing proof of me not having the diamonds in my hand behind my back in order to establish that they really are not there, since I have no initial proof of my statement it is disregarded.

Makes sense? Gox has everything to do with it since both of the companies are ran by teenagers that fail to employ the proper people to do a job they are unqualified to do out of pure greed.

We can now establish who is right in the second argument: Me

As I have already expressed this in the most childish way possible so even an infant may understand: I am not the one that needs to prove they are NOT fair, they are the one needing to prove that they ARE fair, it hasn't been done once.


You say this a lot. so, can you explain me what exactly you mean by your "industries standards"?

The chance of it being fixed by an established and licensed casino is much lower than ANY bitcoin casino.

S. Dice for example claim they have fair play, yet it is possible for them to submit selective bets since they know the secret word in advance and potentially steal from their investors. Okay not bad right? Wrong, nobody can vouch for the quality of the numbers that satoshidice generates and how random they are exactly, have they been certified by the Swiss Federal Office of Metrology (also known as METAS) and confirmed for quality number output that could compare to commercial RNGs such as Quantis? No? Didn't think so, it was certified by a bunch of smartasses on bitcointalk.

Using the (salted) hash of the chat as a seed is also a bad idea for various reasons, please leave it to the pros to generate quality random numbers, especially when it comes to gambling on virtual property, fund your project properly and hire a qualified person to do that work.

I think it is related to the dark side of anarchism whereas people begin to disregard technological advances and standards that have been established as a result of perfecting the systems and simply claim that these standards are a series of monopolized marketing schemes aiming at increasing profitability.

Basically the logic of fuck METAS, licensing, technological institutions that specialize in metrology, they are all greed seeking pigs, so we'll use a lava lamp as an RNG instead since we can do it better (and increase our own profits in the grand scheme of things).

This is the new dawn of cryptocurrency demagogism that, from their perspective, will ideally misguide fools, give themselves a piggyback ride on the economy and leave fools scratching their heads and blaming Bitcoins when they have hit rock bottom.

The sole fact that they haven't shown one bit of evidence just makes it painfully obvious to anyone who doesn't have urine in their circulation system. Stop showing us your right hand while giving us the ol' switch and grab, the true members of the community will still look at your other hand.
hero member
Activity: 740
Merit: 501
April 14, 2013, 12:32:54 AM
#42
if you bet 20 times in a row and loose every time and some else evens the house edge by winning 20 times it isn't very fair is it?

Very fair. It is the nature of random, try flipping a coin 10'000 times and see if you dont get 20 heads on a row.



The problem occurs though when >90% of bets are like that for example. The house edge seems normal more or less but you were already predetermined to loose to a greater degree before even placing the bet,  this coupled with stealing from investors = success.
sr. member
Activity: 364
Merit: 252
April 14, 2013, 12:05:44 AM
#41
if you bet 20 times in a row and loose every time and some else evens the house edge by winning 20 times it isn't very fair is it?

Very fair. It is the nature of random, try flipping a coin 10'000 times and see if you dont get 20 heads on a row.

sr. member
Activity: 293
Merit: 250
April 13, 2013, 11:22:13 PM
#40
You two kids.

thank you, I love when someone say I'm younger.

but who guarantees even distribution across all numbers as it needs to be by the industries standards?

You say this a lot. so, can you explain me what exactly you mean by your "industries standards"?

You could theoretically even have a proper house edge, just that you would have abnormally long "cold" periods and "hot" periods, if you bet 20 times in a row and loose every time and some else evens the house edge by winning 20 times it isn't very fair is it?

http://en.wikipedia.org/wiki/Gambler%27s_fallacy

Potentially house edge heightening, but at least you admit that you are a gullible sheep and posses no ability to read and comprehend text.

hmmmm, maybe my 15 years in the field wasn't enough to compreend the text. so, can you point me what I miss about that NIST (National Institute of Standards and Technology) paper?


and please, try to prove what you're saying because until now you just chitchatting
hero member
Activity: 740
Merit: 501
April 13, 2013, 09:37:41 PM
#39
...
Yes provably fair means that you are exposed to 100% pure random. It seems you prefer casinos that manipulate you into thinking that you are not losing while you actually lose.
Anyway, It is worthless arguing with you, because either you are 10 years old, completely stupid or be paid to lure innocent players to your cheating casino. I hope for you it's the first, because then there is still a chance you could grow yourself a brain to understand that 100% pure random is better than manipulation.

Way to take this argument to the level of name calling, what exactly makes you come to the conclusion it is 100% random if no statistical analysis has been done? What makes you think that it isn't weighed in one way or another? Just because it's hashes 2 times this possibility is somehow automatically eliminated?
full member
Activity: 148
Merit: 100
April 13, 2013, 09:35:01 PM
#38
...
Yes provably fair means that you are exposed to 100% pure random. It seems you prefer casinos that manipulate you into thinking that you are not losing while you actually lose.
Anyway, It is worthless arguing with you, because either you are 10 years old, completely stupid or be paid to lure innocent players to your cheating casino. I hope for you it's the first, because then there is still a chance you could grow yourself a brain to understand that 100% pure random is better than manipulation.
hero member
Activity: 740
Merit: 501
April 13, 2013, 08:39:04 PM
#37
Thing yes provable fair has not been proven even once until today. Please educate yourself before replying to "big guys" talking okay buds?
You two are a joke, living proof of how gullible the masses are on a big scale, don't play at SRoulettes casino for all I care.
"big guy" LMAO. Actually provably fair proofs it on every single game. And even a below than average educated teenager could easily grasp it. So please don't count yourself as a "big guy".
Anyway, most people would not admit publicly that they do not understand how provably fair works. So, respect for admitting it. Still, now everyone knows that you are not very bright light, so to speak.
Quote
but it is unfair to the players that the numbers are not generated according to the standards of the industry

Quote
Thing yes provable fair has not been proven even once until today.

You're wrong.

http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf

case closed

You two kids are hopeless but let me educate you a little, yes it is possible to prove that the bet result was generated using the transaction id, the secret key and whatnot but who guarantees even distribution across all numbers as it needs to be by the industries standards?

You could theoretically even have a proper house edge, just that you would have abnormally long "cold" periods and "hot" periods, if you bet 20 times in a row and loose every time and some else evens the house edge by winning 20 times it isn't very fair is it? Potentially house edge heightening, but at least you admit that you are a gullible sheep and posses no ability to read and comprehend text, so very brave of you  Tongue .
full member
Activity: 148
Merit: 100
April 13, 2013, 03:28:10 PM
#36
Thing yes provable fair has not been proven even once until today. Please educate yourself before replying to "big guys" talking okay buds?
You two are a joke, living proof of how gullible the masses are on a big scale, don't play at SRoulettes casino for all I care.
"big guy" LMAO. Actually provably fair proofs it on every single game. And even a below than average educated teenager could easily grasp it. So please don't count yourself as a "big guy".
Anyway, most people would not admit publicly that they do not understand how provably fair works. So, respect for admitting it. Still, now everyone knows that you are not very bright light, so to speak.
sr. member
Activity: 364
Merit: 252
April 13, 2013, 11:37:27 AM
#35
http://satoshiroulette.com/log.php?mode=BTC

For interest look at our log, you will see some winning and losing streaks there you are welcome to verify a snapshot of our results at any time.
We even offer on player request forcing out of band secret changes so they can verify a recent set of bets instead of waiting up to 24 hours.

It is also possible to modify our simulation so it reads in every txid in a bitcoin wallet and uses each one as its input to produce even more real world results.
If you are interested please let us know, as we said its in our best interest to reassure you of our legitimacy and put away your concerns.
sr. member
Activity: 293
Merit: 250
April 13, 2013, 11:32:31 AM
#34
Quote
but it is unfair to the players that the numbers are not generated according to the standards of the industry

Quote
Thing yes provable fair has not been proven even once until today.

You're wrong.

http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf

case closed
hero member
Activity: 740
Merit: 501
April 13, 2013, 09:16:00 AM
#33
WTF?

SatoshiDICE is provably fair for your own games. Provably fair is not a magic bullet - it doesn't suddenly allow you to prove the house isn't making any bets, or that the house isn't cheating their shareholders, but that doesn't mean something is not fair.

And, wow, it's ridiculously easy to prove s.dice is provably fair.. get past secrets, generate random hashes ("txids"), repeat many times.

This madmadmax guy wants to be cheated, so he is either a "simple mind" or more probably a paid shill. Actually he should use fiat money instead of Bitcoins because the fed has those wonderful statistics requires blind trust instead of being provably. But the fact that he seems to prefer Bitcoins tells us he actually knows the difference between provably and just telling fancy tales like the fed and his casino. Now if you combine those informations you end up knowing that he is a paid shill from one of those cheating casinos.

Thing yes provable fair has not been proven even once until today. Please educate yourself before replying to "big guys" talking okay buds?

You two are a joke, living proof of how gullible the masses are on a big scale, don't play at SRoulettes casino for all I care.
sr. member
Activity: 364
Merit: 252
April 13, 2013, 08:31:17 AM
#32
Here is a situation though, Satoshidice knows their own secret word ahead of time, thus they can submit bets to themselves as if they are the player, since they can potentially "be" the player and know the secret word ahead of time (since they are really Satoshidice) they can thus submit selective bets and raise the house edge to such a degree that no one of the investors would be getting a cent.

To make sure we are on the same page, you mean that the casino's earnings are not provable to investors due to easy manipulation and knowing secrets ahead of time.  
You would do this by creating a rawtx and checking its result, rinse and repeat until you have the required winning tx and then broadcast it.

This is completely true and something many SDICE. investors do not appreciate, comments were made before that they could simply run bots to attract investors prior to making their IPO.

We also could abuse this by using it to claim progressive jackpots or flooding our log with win statements to make it look more attractive to players. This would require much more work as our jackpots require you to hit a single number on a max bet thus increasing difficulty of 'mining' the correct sized txid.
You could claim progressive bets, but the damage is minimal, because other players will that the progressive jackpot has gone down.

Also its far more effort that its worth, we want players to claim the jackpots. A big progressive jackpot won by a known member of the community vs a random anon is the best kind of advertising we get Smiley 
vip
Activity: 1316
Merit: 1043
👻
April 13, 2013, 07:57:53 AM
#31
Here is a situation though, Satoshidice knows their own secret word ahead of time, thus they can submit bets to themselves as if they are the player, since they can potentially "be" the player and know the secret word ahead of time (since they are really Satoshidice) they can thus submit selective bets and raise the house edge to such a degree that no one of the investors would be getting a cent.

To make sure we are on the same page, you mean that the casino's earnings are not provable to investors due to easy manipulation and knowing secrets ahead of time.  
You would do this by creating a rawtx and checking its result, rinse and repeat until you have the required winning tx and then broadcast it.

This is completely true and something many SDICE. investors do not appreciate, comments were made before that they could simply run bots to attract investors prior to making their IPO.

We also could abuse this by using it to claim progressive jackpots or flooding our log with win statements to make it look more attractive to players. This would require much more work as our jackpots require you to hit a single number on a max bet thus increasing difficulty of 'mining' the correct sized txid.
You could claim progressive bets, but the damage is minimal, because other players will that the progressive jackpot has gone down.
sr. member
Activity: 364
Merit: 252
April 13, 2013, 07:53:49 AM
#30
Here is a situation though, Satoshidice knows their own secret word ahead of time, thus they can submit bets to themselves as if they are the player, since they can potentially "be" the player and know the secret word ahead of time (since they are really Satoshidice) they can thus submit selective bets and raise the house edge to such a degree that no one of the investors would be getting a cent.

To make sure we are on the same page, you mean that the casino's earnings are not provable to investors due to easy manipulation and knowing secrets ahead of time.  
You would do this by creating a rawtx and checking its result, rinse and repeat until you have the required winning tx and then broadcast it.

This is completely true and something many SDICE. investors do not appreciate, comments were made before that they could simply run bots to attract investors prior to making their IPO.

We also could abuse this by using it to claim progressive jackpots or flooding our log with win statements to make it look more attractive to players. This would require much more work as our jackpots require you to hit a single number on a max bet thus increasing difficulty of 'mining' the correct sized txid.
full member
Activity: 148
Merit: 100
April 13, 2013, 07:51:47 AM
#29
...

WTF?

SatoshiDICE is provably fair for your own games. Provably fair is not a magic bullet - it doesn't suddenly allow you to prove the house isn't making any bets, or that the house isn't cheating their shareholders, but that doesn't mean something is not fair.

And, wow, it's ridiculously easy to prove s.dice is provably fair.. get past secrets, generate random hashes ("txids"), repeat many times.
This madmadmax guy wants to be cheated, so he is either a "simple mind" or more probably a paid shill. Actually he should use fiat money instead of Bitcoins because the fed has those wonderful statistics requires blind trust instead of being provably. But the fact that he seems to prefer Bitcoins tells us he actually knows the difference between provably and just telling fancy tales like the fed and his casino. Now if you combine those informations you end up knowing that he is a paid shill from one of those cheating casinos.
Pages:
Jump to: