
Topic: [EDU] Provably fair and how it can be exploited by casino owners against you. - page 2. (Read 8617 times)

legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
You know what happened to Absolute Poker and Ultimate Bet? They got caught cheating. They are now gone. (Well, the government is now auctioning them off.) Those aren't even bitcoin casinos and don't have any provably fair system at all. They were however audited by some government entity and certified. But nothing that you, as a player, can do to verify the game you just played.
newbie
Activity: 27
Merit: 10
It's absolutely crucial to our business that we never get caught cheating the user. If just one user discovers that we are cheating, all trust is gone, and we will lose all of our customers. Therefore, it is in our best interest to run a legitimate and fair casino. From a financial perspective, it simply does not make sense for us to cheat the user.

Unfortunately, this is a misleading statement. And I say it with the utmost respect, as I have enjoyed – and will continue to enjoy – discussions with casino operators.

First, the statement offers nothing towards the cryptanalysis of "provably fair" – meaning, a casino operator could remove all references to provably fair on their site and simply say, "We do not cheat. If we did, we would get caught and lose all of our customers." This is a simple promise. It offers little towards any cryptographic reassurance that bets were handled with integrity.

Secondly, it is difficult to follow your logic that one discovery of cheating would lead to catastrophic loss of the entire customer base. For one, if the casino was engaging in bet discrimination, only a subset of players would be subject to exploitation. And throwing an accusation would be difficult to reproduce, given that a) other users may be unable or unwilling to bet at the same high level as the accuser, and b) the exploit may be infrequent, and c) other users betting below the discrimination level could accurately say, "I was never cheated. I verified all of my bets."

The burden of proving fairness (provably or otherwise) must remain with casino operators, not the players that enjoy playing them.
mem
hero member
Activity: 644
Merit: 501
Herp Derp PTY LTD
Quote
Provably Fair is better than anything out there. False. In fact, it is my firm belief that the current implementation of Provably Fair is actually more harmful to players, because it gives players a feeling of security when such security can easily be compromised without any notification or warning to the player.

This statement here I am calling bullshit on.

For 0 confirmation blockchain games that clearly state when they change the secret and display it there is only one possible way to cheat without getting caught.

A 0 confirmation casino could argue that their bitcoind node had not seen the bet before the secret changed. This allows for a ~10 minute window of abuse. That being said, all players need to do is stop betting 10 minutes before the daily secret change and wait for the new hash to be announced.

Check out satoshiroulette.com for an example (disclaimer: I've helped with their code and they have previously paid me to advertise on arby.pl). They log announce each day's secret in the bet log so you can see exactly which bets were placed before and after the change and verify there were no obviously delayed (1 conf or greater) bets.

In this case Provably Fair is the absolute best random odds gambling you can hope for.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Hi, I'm not defending or defaming any particular site, regardless of what they begin or end with, but @kingsportzrulz your statistics, even for the so called large bets are within variance.

The site you mention in particular has all the elements of being provably fair.

The article you mention makes no direct attack on any casino, just a lot of hypothesis that goes against every major bitcoin casino, and against their self-interest. Bitzino in particular, since it was the one specifically mentioned, can't afford to do any of the proposed cheats. Their volume of BTC and players is too low to risk it.

If you find a statistical anomaly, you had better best exploit it (even though that's not fair, for them.)

In fact, if there is one site where it can even be attempted, that would be on the seemingly fairest and justest of the dice sites. With 50,000 BTC invested and a current max profit over 500 BTC.

The site clearly states its terms of being provably fair, with sample code, and with third party scripts. What the article mentions are changing the codes on the fly, using bet discrimination and using html partials and javascript alterations.

The ones that can cheat are the ones that aren't even provably fair at all, such as the majority of internet online poker sites. I'll specifically mention the top 3, PokerStars, Full Tilt Poker and Party Poker. Between the 3 of them, they have maybe half a million players. That's 500,000 people online, all playing poker, all betting from $1 to $500 per call or raise, depending on the stakes.

If there are sites that can get away with it, those certainly can. First, their games are not provably fair. Just certified by some offshore government or gambling commission. It's almost as if they are saying "Look, we'll record the game on video to prove it is fair." And of course, we all know what's wrong with that statement.

Out of the 500,000 people playing, they only need to cheat 1% or even less. Maybe just 1000 people. Disconnect them all, consider them all-in, then grab the pot.

So I dunno. That article, while being a wake up call, stirs a lot of debate. You, as the player, of all sites you visit, have to be responsible enough to at least verify and understand the probabilities and the consequences of gambling. You have to understand that you can easily lose 50% 20 times in a row. You have to understand that you can lose 111 times in a row on 10%. You have to understand that you can lose 8 times in a row on 90%.

Because I've personally seen it all happen. And I personally verified each and every bet as fair. And it does not matter what the amount of the bet is, because the systems all of these bitcoin dice sites implement does not account for the size of the bet.

See, if the site offers the following:

1. A server seed or secret that you are either shown, or have the hash for, shown first.
2. A client or player seed which you can change after the first step above.
3. The formula to actually compute the result of the roll after the fact.
4. With or without a nonce or salt or some other random or incrementing value.

I don't see how any one can righteously claim that it was ever unfair.

All other traditional casinos and live dealers and all current poker sites (including bitcoin based ones) are not provably fair at all.

It's a good thing that SD and Bitzino and all the blockchain based games, and all the ones that attempt some sort of Provably Fair system even have those to begin with.

It is your responsibility to take advantage of the fairness offered. If that is difficult because of the particular site, that's only a logistical or convenience problem. You can take it against the site, but you can't accuse them of being unfair when they give you the chance and the tools to make it so.

Which is why, I am afraid, if I come up with my own casino, such as the popular card games, BlackJack, and even Poker, that no matter how many hashes and nonces and secrets I use and reveal, someone somewhere somehow will still accuse me of being unfair.

Online play has allowed people to bet a million times more than in any brick and mortar casino, that's why we see all these "weird" numbers pop up. Just bet a billion times on 98% chance to win and you will almost surely see 5 or 6 losses in a row. It can happen within the first 100 rolls.

While I'm at it, I just lost 6 times in a row on 87.7779% about 4 or 5 weeks ago. I'm going to bet a bunch my next roll, which is still waiting, is going to win. (I have another thread for that.) If I win, I will withdraw my prize. If I lose, then I don't. Both are fair. (This is gambler's fallacy now speaking; hehehe.)
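The four elements listed in the post above (server-seed hash shown first, a client seed the player changes afterwards, a published formula, and a nonce) can be checked with a short script. This is an added example, not code from any poster or casino in this thread; the roll formula (HMAC-SHA512 over "client_seed:nonce", 5-hex-digit chunks) and every seed value are assumptions constructed for illustration.

```python
import hashlib
import hmac


def commitment(server_seed: str) -> str:
    """Hash the site publishes BEFORE the bet (element 1)."""
    return hashlib.sha256(server_seed.encode()).hexdigest()


def roll(server_seed: str, client_seed: str, nonce: int) -> float:
    """Hypothetical roll formula (elements 2-4), assumed for this example.

    HMAC-SHA512 keyed with the server seed over "client_seed:nonce".
    The digest is read in 5-hex-digit chunks; the first chunk below
    1,000,000 gives the roll, so the result is uniform on 0.00-99.99.
    """
    msg = f"{client_seed}:{nonce}".encode()
    digest = hmac.new(server_seed.encode(), msg, hashlib.sha512).hexdigest()
    for i in range(0, len(digest) - 4, 5):
        n = int(digest[i:i + 5], 16)
        if n < 1_000_000:          # reject values that would bias the modulo
            return (n % 10_000) / 100
    return 99.99                   # every chunk rejected: astronomically rare


def verify_bet(hash_seen_before_bet: str, revealed_server_seed: str,
               client_seed: str, nonce: int, claimed_roll: float) -> list:
    """Return a list of problems; an empty list means this bet verifies."""
    problems = []
    recomputed_hash = commitment(revealed_server_seed)
    if not hmac.compare_digest(recomputed_hash, hash_seen_before_bet.lower()):
        problems.append("revealed server seed does not match the hash "
                        "shown before the bet")
    expected = roll(revealed_server_seed, client_seed, nonce)
    if expected != claimed_roll:
        problems.append(f"claimed roll {claimed_roll} differs from "
                        f"recomputed roll {expected}")
    return problems


if __name__ == "__main__":
    # Constructed sample data: the player records the hash first, then
    # picks a client seed the site could not have known in advance.
    server_seed = "constructed-server-seed-0001"
    shown_hash = commitment(server_seed)
    client_seed = "player-chosen-seed"
    honest = roll(server_seed, client_seed, 1)

    print("honest bet:", verify_bet(shown_hash, server_seed,
                                    client_seed, 1, honest))
    # Site reveals a different seed than the one it committed to.
    other = "constructed-server-seed-0002"
    print("swapped seed:", verify_bet(shown_hash, other, client_seed, 1,
                                      roll(other, client_seed, 1)))
    # Site reports a result the formula does not produce.
    print("altered roll:", verify_bet(shown_hash, server_seed,
                                      client_seed, 1, (honest + 1) % 100))
```

A passing check covers only the bet it was run on and only if the hash was recorded by the player before the client seed was chosen.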
newbie
Activity: 17
Merit: 0
Firstly and MOST IMPORTANTLY - I have no affiliation with KingOfSports (KOS) whatsoever.

So KOS if this comes back on you in any way, I sincerely apologize.

But I agree and share some of the same BELIEFS as you do. But what I BELIEVE is what I believe. Just because a belief or two are shared does not mean ALL beliefs are shared.

My personal BELIEF is that there are sites claiming to be provably fair, however are NOT FAIR at all. My current site of ‘dishonor’ I will not name specifically, but I will say it starts with ‘PRIME’ and ends in ‘DICE’.

I will again refer to the excellent article written by TrevorXavier: http://www.reddit.com/r/Bitcoin/comments/1frm4x/provably_fair_by_bitzino_not_provable_with/

And provide a couple of quotes from it I also believe to be true.

Quote 1 “Bet Discrimination Under the assumption that an investigator will not place high stakes to investigate cheating, the house can safely offer a fair game to those using play money or very low stakes. As the bet size increases, so does the probability of an exploit. A house can also analyze betting patterns (progressives) for ways to minimize its short term risk of ruin.”

Yes, a lot of players (myself included) on some sites have many hands/spins/rolls of wins, thousands of wins. So many wins (correct statistically and all or even above odds to player even), however at such micro bets. BUT, I am sure some of you (myself included) bet a reasonable amount each go at times as well, say 0.1 low end, 1.0+ btc per go.

What have you / I personally seen at 1.0 btc per bet. WOW, instant such a bad run, just an unlucky day, it's gambling, you will always lose, don’t gamble. 9 and 10 losing streaks in a row at 50%, several times over, and within 200 bets. 7-8/10 losses at 70% time after time. Wow, kind of thought at 70%, I should have been winning 7/10, statistically I mean. But yeah, losses like this can happen.

Go back to micro, and it’s within statistical limits again, even win, win, win, win, Yay I just won 0.000055 btc.

Quote 2 “Third, it can employ these cheats to minimize risk during progressive betting. Any player using Martingale or other betting system will always lose in the long-run, but short-run gains can occur. As such, producing guaranteed losses for the player over big bets will factor into the house's profit-maximizing strategy.

Fourth, a house can offer more smaller wins to players by cheating large bets, increasing word-of-mouth advertising. For example, suppose a draw poker game accepts bets from a micro-bitcoin to 50 BTC. If the house forces a player loss at 40 BTC…”

Quote 3. From the discussion in that article “A main point of the article suggests that a house could effectively cheat a portion of its players by segregating them through bet or browser discrimination. By implication this means a majority of the cheats are performed on a minority of players.”

So the people you see complaining about sites cheating are these ‘minority’. And the people you see defending, are those ‘majority’.

If you are in the ‘majority’, sorry you don’t have enough cash to bet more than a dime a go.

If you are in the ‘minority’, then chances are some sites are cheating you.

Got to love when sites are smart enough to give countless free micro coins out and then let players play fairly with them. ONLY TO CHEAT PLAYERS WHEN THEY DEPOSIT OWN FUNDS AND BET LARGER.

Yes, any outcome is statistically possible. No one is forcing anyone to bet. But claiming to be a fair site, when you are not, just because there is no regulation, is straight up scamming.

If it walks like a duck, quacks like a duck, and looks like a duck, time and time again, based on observations by independent person after independent person, well….

Well, just read the linked article folks. Then re-read it. And to anyone who comes out defending certain sites, stop being ass-kissers please, man up and place several dozen above 1.0 btc per go bets, and THEN see how fair it is, statistically or otherwise.
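Both sides of this thread argue from losing streaks (9 or 10 losses in a row at 50% within 200 bets; 8 in a row at 90%), so the baseline to compare against is how often a fair game produces such a streak. The following is an added example, not part of any post here; it assumes independent bets with a fixed win chance and computes the exact probability of at least one streak of a given length.

```python
def prob_losing_streak(n_bets: int, streak: int, win_chance: float) -> float:
    """P(at least one run of `streak` consecutive losses in `n_bets` bets).

    Assumes independent bets with a constant win chance (a fair game).
    Exact dynamic programme: state[j] is the probability of currently
    sitting on j consecutive losses without having reached `streak` yet.
    """
    if streak < 1 or n_bets < 0 or not 0.0 <= win_chance <= 1.0:
        raise ValueError("invalid parameters")
    lose = 1.0 - win_chance
    state = [1.0] + [0.0] * (streak - 1)
    hit = 0.0                                  # probability streak has occurred
    for _ in range(n_bets):
        nxt = [0.0] * streak
        nxt[0] = sum(state) * win_chance       # a win resets the run
        for j in range(streak - 1):
            nxt[j + 1] = state[j] * lose       # a loss extends the run
        hit += state[streak - 1] * lose        # this loss completes the streak
        state = nxt
    return hit


def streak_report(cases):
    """Evaluate (n_bets, streak, win_chance) tuples; returns list of rows."""
    return [(n, k, p, prob_losing_streak(n, k, p)) for n, k, p in cases]


if __name__ == "__main__":
    # Scenarios taken from figures quoted in the thread; the bet counts
    # for the last two rows are assumptions chosen for illustration.
    cases = [
        (200, 9, 0.50),      # "9 and 10 losing streaks ... within 200 bets"
        (200, 10, 0.50),
        (10_000, 8, 0.90),   # "lose 8 times in a row on 90%"
        (100_000, 6, 0.98),  # "5 or 6 losses in a row" at 98%
    ]
    for n, k, p, prob in streak_report(cases):
        print(f"{k:>3} losses in a row at {p:.0%} win chance, "
              f"{n:>7} bets: P = {prob:.4g}")
```

A single streak says little on its own; the comparison becomes meaningful when the same figure is computed separately for a player's small and large bets over comparable bet counts.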
sr. member
Activity: 294
Merit: 250
Number one rule: DON'T assume the casino you're playing at is honest and that their provably fair system is fair.

That says it all!

Provably Fair is just a word without proper "auditing".

Try to (really) perform the proper calculations in order to prove it (by yourself) it's fair!

Even Provably Fair Systems may be manipulated as everything created by humans.

"Provably Fair" without proper auditing and testing is just a "lonely" word by itself...

That's right. It's not fair until you as the user proves that it is.

I'm afraid that is not how it works. To me, that is like saying a formula resulting from a theorem is only valid if you, as the user of it, prove the theorem yourself.

Nevertheless, I agree that users should investigate the provably fair method employed and verify/question it.
b!z
legendary
Activity: 1582
Merit: 1010
Number one rule: DON'T assume the casino you're playing at is honest and that their provably fair system is fair.

That says it all!

Provably Fair is just a word without proper "auditing".

Try to (really) perform the proper calculations in order to prove it (by yourself) it's fair!

Even Provably Fair Systems may be manipulated as everything created by humans.

"Provably Fair" without proper auditing and testing is just a "lonely" word by itself...

That's right. It's not fair until you as the user proves that it is.
hero member
Activity: 640
Merit: 771
BTC⇆⚡⇄BTC
Number one rule: DON'T assume the casino you're playing at is honest and that their provably fair system is fair.

That says it all!

Provably Fair is just a word without proper "auditing".

Try to (really) perform the proper calculations in order to prove it (by yourself) it's fair!

Even Provably Fair Systems may be manipulated as everything created by humans.

"Provably Fair" without proper auditing and testing is just a "lonely" word by itself...
hero member
Activity: 804
Merit: 500
I just thought I'd chime in about provably fair at Bitcoin Video Casino.

It's absolutely crucial to our business that we never get caught cheating the user. If just one user discovers that we are cheating, all trust is gone, and we will lose all of our customers. Therefore, it is in our best interest to run a legitimate and fair casino. From a financial perspective, it simply does not make sense for us to cheat the user.

We have a green "verify" button that users can click to check every game played. The verification code is run entirely client-side, so the user can be sure that the game played was fair.

The source for all client-side code, including the verification functions, is always available at https://bitcoinvideocasino.com/static/
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Your last paragraph is true insofar as there is no way to cheat SHA-256 or SHA-512. I mean, there really is no way to cheat a cryptographically secure hash function that spits out 256 to 512 bits with several rounds of processing save for brute force collision attacks.

As reference, 128 bit symmetric encryption algorithms such as AES will remain "uncheatable" for the foreseeable future. You know what they say about it right? These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space.

For both web-based and downloaded clients, I think the issue would be a proper accounting of every step of the way. And the player himself can actually verify that his client seed is what he actually chose. It's as simple as adding an extra character or replacing one from his client generated random seed.

If the client and/or the website provides complete logs for everyone to download and see, it gets us closer to being more provably fair than other implementations.

It also depends on the implementation of the system for the game. If the casino makes it very easy to verify the results, and makes it very easy to see that there are no so called "html partials" or modified javascript, or whatever techniques you talked about in the original article, that should count for something.

The difference between the web-based and the blockchain based games are the public records. Even if you operate a web-based game, or even a downloaded client game, if you, as the casino operator, take steps to record and account every possible angle or move, that should count towards securing your provable fairness.

Personally, I'm thinking of how else can my card game get rigged, when everything is as open and transparent as possible while adhering to the rules of the game (where some cards remain secret to the grave.)

I have a separate thread for that, btw. PM me if you can't find it. I don't want to turn this thread off-topic.
newbie
Activity: 27
Merit: 10
Thank you for the questions, Dabs and jeffreylin_. I'll try my best to answer the questions without getting too detailed.

For now, I will also assume that anyone reading the following has read my first analysis.

In a nutshell, manually changing client seeds and recording server hashes does not necessarily make a gambling site fair. While an individual can take additional steps to decrease the likelihood of being a victim – such as manually changing the client seed – doing so does not increase the provable fairness for other players. Since cheating need not be uniform, a malicious casino may continue to operate in an unfair manner for a subset of all players (as illustrated in my post on reddit). This essentially "breaks" the concept of "provably fair," which – to my understanding – is advertised as a system to prevent a house from cheating.

In regards to downloaded clients, I believe you may have answered your own question. :) For the most part, I would not expect a downloaded client to offer anything better than a web-based interface. There has been talk of offering a browser extension or similar tool to scramble client seeds and monitor results atop a web-based client, but I haven't seen one in the wild yet.

With respect to SatoshiDice, my colleagues and I focused primarily on web-based implementations of "provably fair" since the number of web-based gambling establishments seem to outweigh the number of blockchain ones. To say that "there's no way to cheat it" (with all respect) is too strong of an assertion: cryptographic systems are only expected to weaken over time.

Hope that's quick enough to avoid a tl;dr. Please let me know if you'd like some clarification on anything.
newbie
Activity: 6
Merit: 100
So basically, you change the client seed and make sure you see the server hash before you believe that a gambling site is truly fair?
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Hi, everyone! Thank you for highlighting my post. It received a warm response there, and I spent many weeks thereafter fielding questions and looking at comparative implementations.

I'll be releasing another analysis of "provably fair" in the coming weeks. While I do love reddit for its ease in following discussion threads, I'd be happy to release it here on the appropriate forum if it would make more sense. In the meantime, if you have any questions about the post, please feel free to reply or contact me privately. I will do my best to answer in a timely manner.

Note: You can verify that I am the original author by revisiting the post on reddit (http://www.reddit.com/r/Bitcoin/comments/1frm4x/provably_fair_by_bitzino_not_provable_with/).

Hi Trevor,

Your analysis is only applicable to non-blockchain based games, and such websites that use HTML5. It doesn't apply to SatoshiDice at all, because, well, there's no way to cheat it, it's all in the blockchain.

Does this also not apply necessarily to other games that use a client? For example, card games that require software to be downloaded. You can certainly sniff the network traffic to detect anything, but software could be "rigged".

Actually, for most card games that do not reveal the entire deck, such as poker, I haven't seen any method of "Provably Fair" being implemented at all.
newbie
Activity: 27
Merit: 10
Hi, everyone! Thank you for highlighting my post. It received a warm response there, and I spent many weeks thereafter fielding questions and looking at comparative implementations.

I'll be releasing another analysis of "provably fair" in the coming weeks. While I do love reddit for its ease in following discussion threads, I'd be happy to release it here on the appropriate forum if it would make more sense. In the meantime, if you have any questions about the post, please feel free to reply or contact me privately. I will do my best to answer in a timely manner.

Note: You can verify that I am the original author by revisiting the post on reddit (http://www.reddit.com/r/Bitcoin/comments/1frm4x/provably_fair_by_bitzino_not_provable_with/).
member
Activity: 84
Merit: 10
www.BITOOMBA.com
Quote

I just won a BTC off you... red never fails. :P

Pleasure doing business. :)

Congrats! Now you know we're fair ;)
legendary
Activity: 1484
Merit: 1026
In Cryptocoins I Trust
The entire concept of provably fair was originally intended to give an added value to Bitcoin casinos over other online casinos.

It would be a shame to find out that anyone is taking advantage of the players by fooling them to think they are provably fair while they are not.

Our provably fair Roulette has one public spin every minute rather than a spin per player hence we can't change the result, or show different results to different players. We publish the results the next day so the players can verify that the results they saw were the actual results that were supposed to be shown.

I just won a BTC off you... red never fails. :P

Pleasure doing business. :)
member
Activity: 84
Merit: 10
www.BITOOMBA.com
The entire concept of provably fair was originally intended to give an added value to Bitcoin casinos over other online casinos.

It would be a shame to find out that anyone is taking advantage of the players by fooling them to think they are provably fair while they are not.

Our provably fair Roulette has one public spin every minute rather than a spin per player hence we can't change the result, or show different results to different players. We publish the results the next day so the players can verify that the results they saw were the actual results that were supposed to be shown.

legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
This is arguing semantics, but all Provably Fair games are actually implementing Probably Fair math. However, this probability is very very very extremely astronomically low of being anything but fair. We are using anywhere from 256 bits to 512 bits, which means 2^256 to 2^512 chance of hitting collisions in the hash functions used. More or less.
full member
Activity: 188
Merit: 100
My brain always reads this as "Probably Fair". Could be it was trying to tell me something!
full member
Activity: 140
Merit: 100
If that's the case with bitzino, I've lost quite a few BTC's there >:(