Who is the "neutral third party" of the cold storage?
The neutral third party is quite well known in the bitcoin community, but has asked to not be named to avoid their participation looking like an endorsement. In the case of any dispute or problems between me and Daniel, the third key holder will not arbitrate nor in the general case has enough information to sanely do so. So their primary role is simply help out in the case of Daniel or me has an issue that would prevent us signing (e.g. gets hit by a bus). You can pretty much think of it was 2-of-2 cold-storage, with a backup in case someone dies. (This could have also been achieved using time-locked transactions, but it's incredibly tedious)
Edit: In the interest of transparency, we are still working on testing/verifying the cold-wallet solution. So there is currently no money held in it, and we've told interested investors to hold off for a day while we make sure everyone is comfortable with it.
Can you still adjust investment amounts without being charged the dilution fee (eg to lower the onsite amount or increase/lower the offsite amount of your investment - I obviously don't mean increasing onsite which is of course charged.)
You are charged the dilution fee on the difference of your (onsite+offsite). So if you add 1 bitcoin to the onsite, and subtract the same from the offsite (at the same time) your net position is the same and you are not charged any fees. I think the whole UI needs a bit of improvement, but it should be more obvious when it tells you the expected dilution fee, so you can easily see how it works.
The audit system sounds a bit like the idea I had
3 years ago, so cool to see that
Yup! Nice job on that. It looks like pretty much the exact same thing. The only difference I see is that instead of a weekly audit, we do it in real-time. We require users to reveal their hashes before using their money
I am just confused to not see the audit hash anywhere and not mentioned in the verifier either.
If audit seed is used in game calculation, wouldn't it be needed in verifier too?
Yeah, but it's abstracted away. The "Server seed" is actually the concatenation of the two seeds. But the user just needs to copy and paste the whole thing into the verifier script. So from their perspective it's exactly like verifying any other game. We'll come up with a more technical specification, but this is the high level overview:
https://gist.github.com/RHavar/285c295f7906e03369cd66580a1b5f45But you can see it in the verifier:
view-source:https://bustadice.github.io/verifier/
const seeds = serverSeed.split("_").filter(v => !!v)
...
const [ auditSeed, gameSeed ] = seeds