Dice64 - Off Blockchain. Provably fair. Instantly verifiable. 0.9% Edge - page 2.

dice64

jr. member

Activity: 34

Merit: 1

Quote from: Zaih on August 04, 2013, 07:29:06 AM

There's only 65536 different nonces a user can apply. You give the users secrets which when all those different nonces are applied, has a higher average, or more losses depending on the game they're playing. This will inherently change the odds advertised.

The secret is given out before the player chooses a number to play on, so is your concern that we could only chose secrets which were more likely end up with a high number when being nonced with every number in the range 1-65536? This is certainly possible, but computationally impractical.

In our tests performing dsha256(secret + nonce), where nonce is in the range 1-65536 gave quite an evenly random distribution. If necessary we can increase the size of the nonce field, maybe 32-bits would provide a more even distribution.

Edit: Valid point. I'll increase the size of the nonce.
Edit again: Nonce fields are now 32 bits, this is working in the api, but the html and javascript are cached and will clear in the browser after an hour.

Zaih

hero member

Activity: 504

Merit: 500

Quote from: dice64 on August 04, 2013, 06:49:05 AM

Quote from: Zaih on August 04, 2013, 06:11:00 AM

Hey, I've noticed you assign the server seed (Well, hash), and you only let the user choose a nonce.

The nonce can only be number 1 - 99999, what's stopping you assigning server seeds which when applied to a nonce, have a lot higher average roll. You can quickly test all 99,999 instantly, and then only assign ones which have an average roll of lets say 36? That's definitely possible.

To fix this, you should allow the user to choose whether they want to roll high or low.

Just my 2 cents

The output is calculated as follows, the nonce is a 16-bit integer 1-65536 and is generated in Javascript in the browser, the user can also set the nonce themselves, rolling high or low wouldn't make any difference to how fair it is. We can't assign secrets which have an average result, as any input is nonced by the user. The server seed can also be refreshed to a 256 bit number generated from random. Even if we did generate fixed secrets, the user would always nonce it in a way which completely changed the result through using dsha256(secret + nonce).

Here is a json list of the result frequency. bet_frequency_post_nonce is the actual results calculated with the nonce added. bet_frequency_pre_nonce is what the result would have been if the user was allowed to place a bet with a nonce of 0, this is the same as performing mod 64 on the secret_hash.

https://dice64.com/api/bets?pretty

Code:

secret = random integer 0 - 2256
secret_hash = dsha256(secret)

combined_number = secret + nonce
combined_hash = dsha256(combined_number)
result = combined_hash mod 64

There's only 65536 different nonces a user can apply. You give the users secrets which when all those different nonces are applied, has a higher average, or more losses depending on the game they're playing. This will inherently change the odds advertised.

dice64

jr. member

Activity: 34

Merit: 1

Quote from: Zaih on August 04, 2013, 06:11:00 AM

Hey, I've noticed you assign the server seed (Well, hash), and you only let the user choose a nonce.

The nonce can only be number 1 - 99999, what's stopping you assigning server seeds which when applied to a nonce, have a lot higher average roll. You can quickly test all 99,999 instantly, and then only assign ones which have an average roll of lets say 36? That's definitely possible.

To fix this, you should allow the user to choose whether they want to roll high or low.

Just my 2 cents

The output is calculated as follows, the nonce is a 16-bit integer 1-65536 and is generated in Javascript in the browser, the user can also set the nonce themselves, rolling high or low wouldn't make any difference to how fair it is. We can't assign secrets which have an average result, as any input is nonced by the user. The server seed can also be refreshed to a 256 bit number generated from random. Even if we did generate fixed secrets, the user would always nonce it in a way which completely changed the result through using dsha256(secret + nonce).

Here is a json list of the result frequency. bet_frequency_post_nonce is the actual results calculated with the nonce added. bet_frequency_pre_nonce is what the result would have been if the user was allowed to place a bet with a nonce of 0, this is the same as performing mod 64 on the secret_hash.

https://dice64.com/api/bets?pretty

Code:

secret = random integer 0 - 2256
secret_hash = dsha256(secret)

combined_number = secret + nonce
combined_hash = dsha256(combined_number)
result = combined_hash mod 64

vlees

full member

Activity: 196

Merit: 100

Quote from: Insanity on August 04, 2013, 06:22:46 AM

I think you forgot to mention that insanity dice is the only other provably fair option. We use camtasia to record all bets to make sure none are rigged.

Wow, good thinking! I totally forgot that videos can't be edited. Will play at Insanity Dice Extreme soon.

Insanity

sr. member

Activity: 744

Merit: 250

Vave.com - Crypto Casino

I think you forgot to mention that insanity dice is the only other provably fair option. We use camtasia to record all bets to make sure none are rigged.

Zaih

hero member

Activity: 504

Merit: 500

Hey, I've noticed you assign the server seed (Well, hash), and you only let the user choose a nonce.

The nonce can only be number 1 - 99999, what's stopping you assigning server seeds which when applied to a nonce, have a lot higher average roll. You can quickly test all 99,999 instantly, and then only assign ones which have an average roll of lets say 36? That's definitely possible.

To fix this, you should allow the user to choose whether they want to roll high or low.

Just my 2 cents

dice64

jr. member

Activity: 34

Merit: 1

Quote from: BRules on August 03, 2013, 10:07:45 PM

Quote from: dice64 on August 03, 2013, 07:41:07 PM

The service does not publish your return or deposit addresses, to protect your identity.

what kind of identity are you trying to protect not publishing it?

Peoples unspent tx outputs, which may link to their real name and identity and the coins could certainly be traced further, showing many transactions they have made with other people.

dice64

jr. member

Activity: 34

Merit: 1

Quote from: JakeMC on August 03, 2013, 11:09:01 PM

Assuming it uses PHP, there are only so many ways to write a site like this..

Regardless, the CSS is a part of any source... So yes, they do have VERY similar source codes.

It's fine, I'm just wanting to see something unique.

I've used twitter bootstrap for my frontend, as do many bitcoin sites, due to its ease of use and quick development time. I hadn't actually seen coinroll.it untill one month ago, after I had been developing this for quite some time. The actual bootstrap template I was working with reference to was this http://getbootstrap.com/2.3.2/examples/marketing-narrow.html, so you can see how both coinroll.it and I use the same layout.

This however doesn't mean that our source codes are even remotely similar. Please read through the HTML and JavaScript, I'll be publishing it on GitHub soon, also our backend is written in Python, our uniqueness doesn't come from our frontend however. We have implemented Bitcoin message signing which makes our game both provably fair and off-blockchain, something no other service currently offers.

Site will be going down for maintenance, while I fix a couple of bugs which weren't present in staging.

Dumbo

member

Activity: 114

Merit: 10

So what if it looks like Coinroll.it , if the system is fair and managed well. Why does it matter?

They both look professional, so you can tell that they was not done half-assed. It is a good thing.

JakeMC

newbie

Activity: 31

Merit: 0

Quote from: Mooshire on August 03, 2013, 11:00:43 PM

Quote from: JakeMC on August 03, 2013, 10:56:46 PM

Quote from: Mooshire on August 03, 2013, 10:45:56 PM

Quote from: JakeMC on August 03, 2013, 10:41:14 PM

http://puu.sh/3TdQM.jpg
http://puu.sh/3TdSq.jpg

Looks pretty similar...

Before you go around throwing accusations everywhere, do some research. This is the same CSS used by thousands of other sites, Bootstrap.(http://getbootstrap.com)

EDIT: Such as:
Blockchain.info http://gyazo.com/a2fcc43eb3b97e7a0729f3cbaa7fccbb
Coinchat.org http://gyazo.com/4cf525ac9ad48aaa65cb7a2cfa5919f2

And a whole hell of a lot of others.

Didn't throw an accusation.

It's a fact. They look similar, like a duplicate. Because they use the same, generic, bootstrap CSS file(s)...

Coinbase also used 'em, as do many other sites. I'm well-aware.

Many sites that look similar and have almost identical functionality would be saturating the market.

Calm down, big guy.

The same source and the same CSS are two different things.

Assuming it uses PHP, there are only so many ways to write a site like this..

Regardless, the CSS is a part of any source... So yes, they do have VERY similar source codes.

It's fine, I'm just wanting to see something unique.

Mooshire

sr. member

Activity: 322

Merit: 250

Quote from: JakeMC on August 03, 2013, 10:56:46 PM

Quote from: Mooshire on August 03, 2013, 10:45:56 PM

Quote from: JakeMC on August 03, 2013, 10:41:14 PM

http://puu.sh/3TdQM.jpg
http://puu.sh/3TdSq.jpg

Looks pretty similar...

Before you go around throwing accusations everywhere, do some research. This is the same CSS used by thousands of other sites, Bootstrap.(http://getbootstrap.com)

EDIT: Such as:
Blockchain.info http://gyazo.com/a2fcc43eb3b97e7a0729f3cbaa7fccbb
Coinchat.org http://gyazo.com/4cf525ac9ad48aaa65cb7a2cfa5919f2

And a whole hell of a lot of others.

Didn't throw an accusation.

It's a fact. They look similar, like a duplicate. Because they use the same, generic, bootstrap CSS file(s)...

Coinbase also used 'em, as do many other sites. I'm well-aware.

Many sites that look similar and have almost identical functionality would be saturating the market.

Calm down, big guy.

The same source and the same CSS are two different things.

JakeMC

newbie

Activity: 31

Merit: 0

Quote from: Mooshire on August 03, 2013, 10:45:56 PM

Quote from: JakeMC on August 03, 2013, 10:41:14 PM

http://puu.sh/3TdQM.jpg
http://puu.sh/3TdSq.jpg

Looks pretty similar...

Before you go around throwing accusations everywhere, do some research. This is the same CSS used by thousands of other sites, Bootstrap.(http://getbootstrap.com)

EDIT: Such as:
Blockchain.info http://gyazo.com/a2fcc43eb3b97e7a0729f3cbaa7fccbb
Coinchat.org http://gyazo.com/4cf525ac9ad48aaa65cb7a2cfa5919f2

And a whole hell of a lot of others.

Didn't throw an accusation.

It's a fact. They look similar, like a duplicate. Because they use the same, generic, bootstrap CSS file(s)...

Coinbase also used 'em, as do many other sites. I'm well-aware.

Many sites that look similar and have almost identical functionality would be saturating the market.

Calm down, big guy.

Mooshire

sr. member

Activity: 322

Merit: 250

Quote from: JakeMC on August 03, 2013, 10:41:14 PM

http://puu.sh/3TdQM.jpg
http://puu.sh/3TdSq.jpg

Looks pretty similar...

Before you go around throwing accusations everywhere, do some research. This is the same CSS used by thousands of other sites, Bootstrap.(http://getbootstrap.com)

EDIT: Such as:
Blockchain.info http://gyazo.com/a2fcc43eb3b97e7a0729f3cbaa7fccbb
Coinchat.org http://gyazo.com/4cf525ac9ad48aaa65cb7a2cfa5919f2

And a whole hell of a lot of others.

JakeMC

newbie

Activity: 31

Merit: 0

http://puu.sh/3TdQM.jpg
http://puu.sh/3TdSq.jpg

Looks pretty similar...

Zaih

hero member

Activity: 504

Merit: 500

Quote from: JakeMC on August 03, 2013, 08:55:24 PM

Funny. Duplicate source of http://coinroll.it

Trying to saturate the market are we? Wink

Very different as far as I can tell..

Good luck, I think you should avoid the choosing payout address. It's a silly method IMO. Should just use cookies like JD

BRules

sr. member

Activity: 293

Merit: 250

Quote from: dice64 on August 03, 2013, 07:41:07 PM

The service does not publish your return or deposit addresses, to protect your identity.

what kind of identity are you trying to protect not publishing it?

Boelens

hero member

Activity: 672

Merit: 500

I love this layout! It's so easy to gamble. Deposit 0.01, used some of my magic fairy dust to sprinkle some luck, did 50%, went up to 30, down to 25, cashed out, all went well. Seems legit!

Mooshire

sr. member

Activity: 322

Merit: 250

Quote from: JakeMC on August 03, 2013, 08:55:24 PM

Funny. Duplicate source of http://coinroll.it

Trying to saturate the market are we? Wink

They don't have duplicate source....

GigaDice

full member

Activity: 224

Merit: 100

Good luck with the site, really like the layout. I'd strongly suggest increasing the max bet in the near future.

JakeMC

newbie

Activity: 31

Merit: 0

Funny. Duplicate source of http://coinroll.it

Trying to saturate the market are we? Wink

Topic: Dice64 - Off Blockchain. Provably fair. Instantly verifiable. 0.9% Edge - page 2. (Read 2898 times)