In a few days I will be releasing version 2 of bustabit. The principle of our provably fair system remains the same, but the algorithm that converts game hashes to game results has changed. Therefore I'm holding a new seeding event.
Starting with a secret I've generated a chain of 10,000,000 SHA256 hashes. Each element is the hash of the lowercase, hexadecimal string representation of the previous hash. The hash of the chain's last element is 86728f5fc3bd99db94d3cdaf105d67788194e9701bf95d049ad0e1ee3d004277.
Every game maps to a hash in the chain: The 10,000,000th element of the chain is the hash of game #1 and the first element in the chain is the hash of game #10,000,000. To verify that a hash belongs to a game #n, simply hash it n times and compare the result with the terminating hash.
To calculate a game's result from its hash:
const crypto = require("crypto")
function gameResult(seed, salt) {
const nBits = 52 // number of most significant bits to use
// 1. HMAC_SHA256(key=salt, message=seed)
const hmac = crypto.createHmac("sha256", salt)
hmac.update(seed)
seed = hmac.digest("hex")
// 2. r = 52 most significant bits
seed = seed.slice(0, nBits/4)
const r = parseInt(seed, 16)
// 3. X = r / 2^52
let X = r / Math.pow(2, nBits) // uniformly distributed in [0; 1)
// 4. X = 99 / (1-X)
X = 99 / (1 - X)
// 5. return max(trunc(X), 100)
const result = Math.floor(X)
return Math.max(1, result / 100)
}
Before being used to calculate the corresponding result, each game hash is salted with the lowercase, hexadecimal string representation of the hash of
bitcoin block 505750. This block has not been mined yet, proving that I have not deliberately picked a chain that is unfavorable for players.
Really curious to see V2
Quoting for reference.
Edit: just noticed Dooglus did it way better than me