Pages:
Author

Topic: Coinroll.it - Dice rolling game | Instant bets | Off-the-chain | 1% House edge - page 41. (Read 81569 times)

hero member
Activity: 504
Merit: 500
Awesome script. Nicely done Doog!
hero member
Activity: 745
Merit: 501
Thank you for releasing this script. As promised, I tipped you.
legendary
Activity: 2940
Merit: 1333
Should be fine now.

Yes, it's good now.

I wrote a script that verifies the whole db:

Code:
$ ./coinroll.py
missing secret for 05-20-2013
662354 right and 0 wrong
$

It can't verify the bets from today, since the secret isn't public yet.  But it can verify all the rest, and they're all fine.

Here's the script:

Code:
#!/usr/bin/env python

# verify all coinroll.it bets from their db dump
#
# 1. download secrets and bets from https://coinroll.it/verification
# 2. bunzip2 bets.csv.bz2
# 3. run this script in the same folder

import hashlib, hmac, string, time

def hash(txid, nonce, secret):
    return int(hmac.new(secret, "%s:%s" % (txid, nonce), hashlib.sha512).hexdigest()[:4],16)

secrets = {}

for line in open('secrets.txt').readlines():
    (date, secret) = string.split(line[:-1])
    secrets[date] = secret

fp = open("bets.csv")
fp.readline() # throw away first line - it's the field names

missing = {} # note which dates we don't know the secrets for
wrong = 0 # count errors
right = 0 # count successes

while True:
    line = fp.readline()
    if (not line): break
    (betid, user, stamp, nonce, lucky, target, win, diff, txid) = string.split(line[:-1], ',')

    nonce = string.atoi(nonce)
    lucky = string.atoi(lucky)
    txid = string.split(txid, '"')[1]
    stamp = string.atof(stamp)/1000
    date = time.strftime('%m-%d-%Y', time.gmtime(stamp))

    if not secrets.has_key(date):
        missing[date] = 1
        continue
            
    secret = secrets[date]
    calc = hash(txid, nonce, secret)

    if calc != lucky:
        wrong += 1
        found = False
        for off in range(1,5):
            if lucky == hash(txid, nonce - off, secret):
                target = string.atoi(target)
                print "bet %s txid %s:%-5d should be %-5d (off by %d)" % (betid, txid, nonce, nonce - off, off)
                found = True
                break
        if (not found):
            print "%s lucky number is wrong (%5d != %5d): %s" % (betid, lucky, calc, time.ctime(stamp))
    else:
        right += 1

for i in missing.keys():
    print "missing secret for", i

print "%d right and %d wrong" % (right, wrong)
sr. member
Activity: 293
Merit: 250
So '41881' changed to '41880.0'.  Can we get rid of the decimal '.0'?

Should be fine now.
legendary
Activity: 2940
Merit: 1333
Is the db dump fixed now too?

Yes.

The fixed rows are now showing a decimal place for the offending nonces:

Code:
old: "0022382334fe","cb4a-d75e-142d",1368486703517.0,41881,5890,49189,true,319,"090de7a9a363bc41c992ec000f77ffe6692155308ae5020a4e1e58c4222a1b65"
new: "0022382334fe","cb4a-d75e-142d",1368486703517.0,41880.0,5890,49189,true,319,"090de7a9a363bc41c992ec000f77ffe6692155308ae5020a4e1e58c4222a1b65"

So '41881' changed to '41880.0'.  Can we get rid of the decimal '.0'?
sr. member
Activity: 293
Merit: 250
Is the db dump fixed now too?

Yes.


Being British, 'nonce' always seems like unfortunate terminology...

Dammit, I always thought there was something wrong with that word.
legendary
Activity: 2940
Merit: 1333
The messed up nonces have been fixed.

Is the db dump fixed now too?

Quote
From Wikipedia, the free encyclopedia

Nonce may refer to:

Cryptographic nonce, a number or bit string used only once, in security engineering

Nonce (slang), a British and Australian slang term for a sex offender, usually a child sexual abuser

Being British, 'nonce' always seems like unfortunate terminology...
sr. member
Activity: 293
Merit: 250
The messed up nonces have been fixed.
hero member
Activity: 672
Merit: 501
Wow.

Just lost 15 in a row of the 25% chance win bet.

Brutal.

No BTC left  Shocked

That happens 1.33% of the time, so it's not that rare:

Code:
>>> (0.75**15) * 100
1.3363461010158062
lol, thanks man. Lost my last bit coins  Sad
legendary
Activity: 2940
Merit: 1333
Wow.

Just lost 15 in a row of the 25% chance win bet.

Brutal.

No BTC left  Shocked

That happens 1.33% of the time, so it's not that rare:

Code:
>>> (0.75**15) * 100
1.3363461010158062
sr. member
Activity: 322
Merit: 250
If you're like me and what even payouts instead of even odds:

Less than 32440 for 2x payout

Less than 21626 for 3x payout

Less than 16220 for 4x payout
hero member
Activity: 672
Merit: 501
Wow.

Just lost 15 in a row of the 25% chance win bet.

Brutal.

No BTC left  Shocked
sr. member
Activity: 293
Merit: 250
Thank you for pointing this out dooglus. I will investigate.

As you said, this only affects the archiving of the bets since it is a separate routine.

Edit: This is a concurrency bug. The lucky number calculation correctly uses the atomically incremented nonce while the archiving operation increments it by itself. This will be fixed.
legendary
Activity: 2940
Merit: 1333
Well that is an issue if historic bets are to be verified with a script. Although if it only impacts the archive, correcting the issue should be easy.

Yes.  I tested them all, and no nonce is off by more than 4, so it's easy to find out what the correct nonce should be.
hero member
Activity: 745
Merit: 501
Short story:
Only the bets archive/history seems to have the wrong nonces (repeated) as viewed in archive or on the website. The lucky numbers appear to be the one that would have been generated with the correct nonce (not skipped like on the archived bets).

Ex:
https://coinroll.it/bet/26c991a300e6
Shows nonce 41875 & lucky number 45957 (Which can be generated with nonce 41874)
https://coinroll.it/bet/916f4107ff33
Shows nonce 41875 & lucky number 25074 (Which can be generated with nonce 41875)

Well that is an issue if historic bets are to be verified with a script. Although if it only impacts the archive, correcting the issue should be easy.
legendary
Activity: 2940
Merit: 1333
I was asked to audit the provable fairness, and did so.

I found a problem, though I don't think it's important, and can be corrected.

Take https://coinroll.it/bet/0024cd8925bf for instance.  It says the nonce was 41988, that the lucky number was 41982, and that I can verify this by running:

Code:
$ echo -n '090de7a9a363bc41c992ec000f77ffe6692155308ae5020a4e1e58c4222a1b65:41988' | openssl dgst -sha512 -hmac 'mEL0R7en4QQZtJpHkath9YtvEed2YbzrOAQrIkTkd1ZmX5YNoPprlWf6XeTFoQZD' | sed 's/^.* //' | cut -c1-4 | xargs -I{} printf "%d\n" 0x{}
56785

However, as you can see, that gives 56785 as the lucky number.  If I use 41987 as the nonce, I get the correct lucky number:

Code:
$ echo -n '090de7a9a363bc41c992ec000f77ffe6692155308ae5020a4e1e58c4222a1b65:41987' | openssl dgst -sha512 -hmac 'mEL0R7en4QQZtJpHkath9YtvEed2YbzrOAQrIkTkd1ZmX5YNoPprlWf6XeTFoQZD' | sed 's/^.* //' | cut -c1-4 | xargs -I{} printf "%d\n" 0x{}
41982

I think all that's happened is that for a few thousand bets the database recorded the wrong nonce.  If we look at the database dump, we see records for nonces 41985, 41986, 41988 (twice), 41989, etc.  41987 is missing, and 41988 was recorded twice.  https://coinroll.it/bet/abd8a11aba66 is the other time it was used.

Here are the two verification screens for the two bets.  Notice that the shell commands are identical in the two cases, but the lucky numbers they are meant to produce are different...





Edit: note that sometimes the reported nonce is off by as much as 4:

Code:
bet "04ea204f8cb5" nonce 42290 should be 42286 (off by 4)
bet "c56d77775b9e" nonce 42290 should be 42287 (off by 3)
bet "9e2e44e570c0" nonce 42290 should be 42288 (off by 2)
bet "2ec74cf218a1" nonce 42290 should be 42289 (off by 1)

bet "70cb835c740f" nonce 42299 should be 42296 (off by 3)
bet "de7c0b0ceb1d" nonce 42299 should be 42297 (off by 2)
bet "715dd2d635ee" nonce 42299 should be 42298 (off by 1)

Edit2: Note also that none of this seems to affect the fairness.  It does just seem to be an issue with the archiving of the bets, specifically the nonces.  The stored lucky number and result is correct, and presumably so was the payout.
hero member
Activity: 745
Merit: 501
The live bets feed page is very neat.
hero member
Activity: 504
Merit: 500
sr. member
Activity: 448
Merit: 250
Changing avatars is currently not possible.
Added a live of view of all bets being played at https://coinroll.it/bets
Over half-million bets and counting, nice.
sr. member
Activity: 293
Merit: 250
Added a live view of all bets being played at https://coinroll.it/bets
Pages:
Jump to: