A person more technical than me thought this might be worth asking around about. The best solution so far is here
www.dc.uba.ar/inv/tesis/licenciatura/2010/lerner but it doesn't seem any projects have solidly implemented the protocol. I still wonder if it can be done without a block-chain and have yet to hear anyone describe an implementation I can subscribe to. Sorry if its a waste of time, I'd just like to know if i should pursue the line of thought or if their is a hole in it. thx! Sorry I have essentially zero formal technical skills or knowledge so I had to make my own language for the explanation, here is the cliffs:
The changes from anything I've seen so far are:
-use of blockchain for a non-commutative "shuffle-vote" process
-a universal standard for deck states external to the shuffle procedure and game play
-A fair process for dealing with honest disconnection issues in a decentralized poker game.
-A reasonable solution for dealing with malicious players who won't give their "keys" at opportune times.
I suspect there might be some speed advantages if this process holds valid. I have some more ideas but i should make sure their is something worthwhile to pursue first
The hand starts with a timelock transaction escrow with %'s release to each player based on the final line of a hand within a time period greater than the possible time period in which the hand might last.
For n players, each player Pn chooses a number Xn between 1 and 52! We “label” each card in the deck universally between 1 and 52, and have a universally known 'order of permutations' in regards to ways the deck can be arranged and agreed on.
This number is encrypted by each player and written the block chain in a particular order related to the position each player sits in the hand. That is to say order seems to matter in some respect and so it is not commutative.
The shuffled state of the deck then is P1 + P2(X2) .....Pn(Xn) = Si, Where the highest possible number (52!) + 1 returns the first permutation of shuffle states.
In this way the deck can now be understood in its “shuffled” state Si,
We now have a shuffled deck in the form of a number that represents a certain permutation between 1 and 52! permutations.
We don't need a common random trust-able seed or to “draw” cards, but rather it can be seen for any state Sx “C1” is to be “dealt” to the first player to receive a card, C2 the next person and so on. Since the state of the deck is random to everyone it really matters not the “order” in which who receives which card, yet it is important for future verification that everyone has previously agreed to this order.
So we might choose a standard such as players 1-n receive respectively cards C1-Cn, and then for their 2nd card (Nl hold em) players receive their 2nd card C(1+n),...C(n+n). If C(n+n) then was the last hole card to be “dealt” then C(n+n+1),...C(n+n + 5) positions would contain the flop, turn, and river respectively.
Dealing is simple. Imagine each player has 52 pieces of paper, corresponding to their own unique “color”, which is transparent only to oneself and completely opaque to each of the other players. Further picture the entire shuffled deck face up in a line (C1 to C52 but in a shuffled order) in front of the players, and each player covers each card with their own colored pieces of paper. No player has seen the order of the cards. In order to deal a card to a specific player n, each player that is not n, simply removes their colored piece of paper leaving only the card with the piece of paper on it that is transparent to n but opaque to every other player.
To show a card to the community such as the flop/turn/river, the process is identical but this time all players remove their “papers”, thus revealing the card to everyone.
We might then take another metaphorical view of this to understand further. Imagine floors to an apartment type building with n floors and each floor containing 52 rooms with the exact same layout on each floor. Each player has their own floor, player 1 is on floor 1,....player n is on floor n. Player 1 uniquely connects a pipe from each of the 52 rooms on the bottom floor through each of the 52 rooms on their own floor and up to player 2's floor in any random manner he is comfortable with. Player 2 cannot see which of the rooms from player 1's floor that each pipe comes through. Player 2 connected each of his rooms up to the next floor and the process continues until the last player n connects his pipes up through to the rooftop. Thus each player has had a chance to randomize the “flow” without being able to see the randomization scheme of any of the other players.
Since the game is played on a blockchain all previous “actions” or lines in a hand history, can be thought to as having reached “consensus”. The remaining issue in this regard then is only with the present decision to be made and accepted to the blockchain. A malicious villain may choose to either disconnect or not “reveal” a certain card needed to further game play. There might be two interesting solutions to these issues. We might think of “disconnecting” as an honest act, and not revealing a card as a malicious one.
In regards to malicious players, there cannot be much incentive to defect in this fashion, especially with even a weak single unique identifier/web of trust system in play. A villain does not stand to “gain” any more than disrupting a certain hand and causing the hand to never have been dealt in the first place (all buyins returned). Furthermore, the initial time locked escrow can be set so that no player receives their share of the equity without passing in their public key at the end of the hand. What is interesting then is that in the case of a malicious failure to facilitate the game, assuming it was the case villains equity had fallen less than an equal distribution of the equity (ie the cause of their defection), the players left in the hand might agree to arbitrate the “dispute” by running the part of the hand history that is already written to the blockchain, through a third party equity analyzer (which has little monetary incentive to defect itself or be hacked). In other words the equity in the pot can be distributed as an “all-in” case to the players in the hand, mitigating the “reward” for defection.
In the case that a certain player disconnects (whether honestly or dishonestly), the remaining players can choose to reshuffle the deck (minus any community wide known cards) and continue a new hand as a subset of the initial transaction, with the same parameters of all of the actions up until the point in which one player disconnected. This brings up a small solvable issue-how do the players remove blockers from the deck of the cards that each of them are holding in their “hole”?
This can be done by each player choosing a random number between 2 and R where R is the number of cards not yet seen by the community and secretly writes this number to the block-chain That is too say if hero holds 2 cards that should not be in the deck then there is 2 of R chances that their hole card will be dealt to the community. But hero will have to protest and ask the card be shuffled back into the deck (starting the shuffling process over), so he simply needs to balance this frequency of request with a proportional amount of “bluff” requests. This solution can be structured indefinitely for cases in which the same hole card is drawn which may or may not be the card in hero's hole, and so the “edge” to be obtained from a reshuffle request is brought down to an acceptable level.
It also might be significant to point out the encryption on each players “randomizing” number need not be stronger than the amount of time a given hand takes to play. The is to say the encryption needs only last for say 24 hours worth of brute force (where brute force harness can spend < reward of attacking) and so its possible a “softer” encryption might then allow the hand history to be revealed and “adjudicated” without the malicious player ever giving up their “key”.