Topic: FlipSide - Prizes almost 5 million times your bet! - page 2. (Read 5036 times)

That reminds me.  If I don't have the browser window full-width then the 'flip side' text down the left hand edge of the screen goes underneath the 50 face down cards, but when I try to click on the cards in the first column, it thinks I'm clicking on the 'flip side' text, and takes me to a new page, rather than toggling the selection state of the card I clicked on.  Took me a while to figure out what was wrong, but until I did it was very confusing.


Just make sure that it goes in this order:

1. show hash of server secret to user
2. allow user to select their secret
3. shuffle cards using server secret and client secret

If you do 2. before 1. then you could be selecting a server secret that makes the client secret bad for the user.  Doing 1 before 2 is required if we're to know the game is fair.  When you do it that way, we don't care how you pick the server secret, and so there's no need to pre-generate anything.  Just pick a pseudorandom server secret, show us its hash, allow us to pick our own secret, then use both as the seed for all in-game randomness.

You don't even need to use external sources of randomness like the block hash then.  We don't know the server secret, so can't cheat.  And you don't know what secret the client is going to pick, so you can't cheat either.

Neat, huh?

Ah, when the game is complete and the server secret is no longer valid, of course!

Yes. Initially 32 cards were shown but at some later point I decided to make a better usage of the screen real state and upped it to 50. (And earlier than that, my original plan was to always show all cards between 7-clubs to ace-spaces once, like when using a real deck).



Thanks for this insight. The client secret could perfectly be the game ID (randomly generated but trivially editable by the user). The server side has to be the pre-generated secret I alluded to.



I can use a known PRNG (e.g. ISAAC, which has a readily available Perl implementation) with a given seed to generate the cards, and publish a hash of the seed. The seed would be created from the client and server secrets. Later when the game is complete I would publish the seed and give the details of the card generation.

I am a gal, and I was making a point.

What's $MAX_CARDS? 6?  So you're selecting the 50 cards from 6 decks of 32 cards?

The way this is usually done is to shuffle the decks using a seed derived by combining the site secret and the client secret (the block hash, in this case).  So you can prove that you had no control over the selection of the 50 cards.

Even if you pre-generate the sets of 50 cards, you still can't prove that they were fairly selected.  You could still pick more 7's than Aces.

Edit: $MAX_CARDS can't be 6, or you would only have 24 sevens, and you wouldn't be able to deal 50 sevens for the jackpot game...

Edit2: Oh, but you're running the grep in a loop until you have enough, so that's OK.

really want to play this buy I have a penis

Seriously dude, you're a smart guy, but why do you ask questions like this? Do you really think the developer didn't consider the math before determining bet limits?

So if I can afford to bet twenty bitcoin you can afford to pay out 10x the BTC M3?

Thanks for trying! As dooglus noted, that wasn't actually a tie since the kings were of different suit.



Ah, this detailed escaped me. They are randomly chosen using the "shuffle" method from the builtin Perl module:


But this post doesn't prove anything, of course. I'll have to figure something out. Seems I'll have to resort to the (IMO) inelegant list of pre-generated secrets…

How is the set of cards selected?  From a 'provable fairness' point of view can you prove that the card selection isn't skewed towards the lower cards?

I think so, but:

Hello! Interesting game! If there is a tie in the cards, isn't the player supposed to win?

This was the game I played:

https://dserrano5.es/btc/flipside/game_id/87b0bae4c86baa59

Last year I was on medical leave and coded a little bitcoin game (just for fun, won't be big and professional like sd). When development was almost complete I began to work again and the code remained collecting dust in the server.  I just cleaned it up and tested it, and I think it's ready for public usage .

In a nutshell, users are shown a set of cards and are invited to pick some of them, then place a bet. When the bet transaction is included in a block, some other cards are derived from the block hash and compared with the ones picked by the user. If all of the user's cards are equal or higher, she wins. The help within the game gives all the details.

This is an example of a completed game, which shows the user-chosen cards as well as the ones derived from the block hash. There's a tie in one of the cards (an ace of diamonds). The user won this game.

A SHA386 hash can also be seen above the set of cards. This can be used to prove that the game doesn't cheat.

If the design is awful, sorry, I'm not a web designer .

You can give it a try at https://dserrano5.es/btc/flipside (HTTPS only).