Pages:
Author

Topic: How random the last digit of a block hash really is? (Read 23686 times)

member
Activity: 206
Merit: 10
Hmm.. Their house edge is now 6.25% ? 1/16 chance to win 15 times.

Anyone can make money running a site that uses provably fair random numbers, or provably deterministic "random" numbers, based on seeds or block hashes.

The problem is having enough players, so it boils down to marketing, word of mouth, promotions ... I still like to run a site, just can't keep promoting it, so I had to close mine.
We are currently offering 16x return, i.e. 0% house edge, though we have shifted from Bitcoin blockchain to Litecoin.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Hmm.. Their house edge is now 6.25% ? 1/16 chance to win 15 times.

Anyone can make money running a site that uses provably fair random numbers, or provably deterministic "random" numbers, based on seeds or block hashes.

The problem is having enough players, so it boils down to marketing, word of mouth, promotions ... I still like to run a site, just can't keep promoting it, so I had to close mine.
full member
Activity: 214
Merit: 278
Here's a good example of an interesting project toward random number generation: https://www.fourmilab.ch/hotbits/

Just remember your radiation suit  Cool
Who'd like to expose themselves to radiation for some random number, while there are abundant sources on earth for the same? Cheesy
legendary
Activity: 1512
Merit: 1057
SpacePirate.io
Here's a good example of an interesting project toward random number generation: https://www.fourmilab.ch/hotbits/

Just remember your radiation suit  Cool
sr. member
Activity: 322
Merit: 253
Property1of1OU
Hashes are uniformly distributed over the entire number space, so to answer you question, they are as random as they get. Furthermore, such hashes are routinely used in provably fair algorithms in other sites, sort of like an industry best practice.

I read somewhere in textbooks that computers are bad on random because they're designed to be deterministic machines.

edit: typo
legendary
Activity: 2772
Merit: 2846
It's not enough to check the frequency. For instance, the sequence "1 2 3 1 2 3 1 2 3" has equal frequencies, but is unlikely to be random.

If you tried with a few thousand blocks this wouldn't show a more scientific answer rather than "I rolled a die 6x and I got 3 twice, therefore the odds of rolling a 3 on a die is 1 in 3" . It's just not how odds work.

+1

There's official government backed standards for testing randomness, and testing software called the NIST Statistical Test Suite software. However, even the official government standards say "statistical testing cannot serve as a substitute for cryptanalysis". Statistical testing by itself isn't enough, and good statistical testing can require 10^18 or more random numbers to test.

The details of the testing software are in this quote from another thread.


NIST produced some software for conducting statistical testing on data produced by random number generators. However it requires compiling, and needs huge data sets to work with.

http://csrc.nist.gov/groups/ST/toolkit/rng/documents/SP800-22rev1a.pdf

Quote
This paper discusses some aspects of selecting and testing random and pseudorandom number generators.The outputs of such generators may be used in many cryptographic applications, such as the generation of key material. Generators suitable for use in cryptographic applications may need to meet stronger requirements than for other applications. In particular, their outputs must be unpredictable in the absence of knowledge of the inputs. Some criteria for characterizing  and selecting appropriate generators are discussed in this document. The subject of statistical testing and its relation to cryptanalysis is also discussed, and some recommended statistical tests are provided. These tests may be useful as a first step in determining whether or not a generator is suitable for a particular cryptographic application. However,no set of statistical tests can absolutely certify a generator as appropriate for usage in a particular application, i.e., statistical testing cannot serve as a substitute for cryptanalysis

This is the download link for the the NIST Statistical Test Suite software.

http://csrc.nist.gov/groups/ST/toolkit/rng/documentation_software.html


Testing if a sequence of numbers is random is incredibly difficult, as random.org points out.

https://www.random.org/analysis/

Quote
If you flip enough coins, you will get sequences of coin flips that seen in isolation from the rest of the sequence don't look random at all. Scott Adams has drawn this as a Dilbert strip, which is funny exactly because it is true:



What Dilbert is told is correct: It is impossible to prove definitively whether a given sequence of numbers (and the generator that produced it) is random. It could happen that the creature in the comic strip has been generating perfectly random numbers for many years and that Dilbert simply happens to walk in at the moment when there's six nines in a row. It's not very likely, but if the creature sits there for long enough (and Dilbert visits enough times), then it will eventually happen.


There is more software for testing randomness called dieharder. It doesn't run all the NIST tests yet, but earlier software it's based on (called diehard) required a default input to work on of ten million random numbers in a file. Dieharder requires much more data than that to run sensitive tests.



http://www.phy.duke.edu/~rgb/General/dieharder.php

Quote
Dieharder differs significantly from diehard in many ways. For example, diehard uses file based sources of random numbers exclusively and by default works with only roughly ten million random numbers in such a file. However, modern random number generators in a typical simulation application can easily need to generate 10^18 or more random numbers, generated from hundreds, thousands, millions of different seeds in independent (parallelized) simulation threads, as the application runs over a period of months to years. Those applications can easily be sensitive to rng weaknesses that might not be revealed by sequences as short as 10^7 uints in length even with excellent and sensitive tests. One of dieharder's primary design goals was to permit tests to be run on very long sequences.

*snip*

In addition to implementing all of the diehard tests it is expected that dieharder will eventually contain all of the NIST STS and a variety of tests contributed by users


legendary
Activity: 1932
Merit: 2077
New question:

If I generate 2^ 160 distinct points (in secp256k1), then I perform sha256 + ripemd160, I could get 2^160 different values (and then all the possible addresses)?

A point (x,y) is a 512 bit string  -> "04xy" -> sha256 + ripemd160

My guess is: if I generate 2^160 points is like if I generated 2^160 pseudo-random 512 bit strings, so there should be many repetitions.

According to "law of third" -> http://www.roulette30.com/2010/04/law-of-third.html

 I should get only 2/3 * 2^160 distinct values, not the entire space. Am I right or not?

And if I generated 2^161, or 2^162 ? What % of distinct addresses (on the total of 2^160 addresses) I will get?

member
Activity: 206
Merit: 10
I'm using it for some elements in my game. For example, the last number in the hash might correlate to the number of asteroids in a sector of space  Grin

Nice to see more use cases of the last digit of bitcoin block hash. Smiley
legendary
Activity: 1512
Merit: 1057
SpacePirate.io
I'm using it for some elements in my game. For example, the last number in the hash might correlate to the number of asteroids in a sector of space  Grin
full member
Activity: 214
Merit: 278
100% random, and most betting sites use this as their system for fair, verifiable game play.
May I know, apart from Chain-Bet.com, who else is using this?
hero member
Activity: 868
Merit: 1003
Last digit of block hash should be close to true random. I remember seeing some altcoins generate random blocks using some fixed bits in hash (usually a letter in the middle), and some dev did stats and showed the randomness is almost perfect.

yes I remember some coins like Jackpotcoin did tests on it, you can check its thread for more detailed info.
hero member
Activity: 1073
Merit: 666
Last digit of block hash should be close to true random. I remember seeing some altcoins generate random blocks using some fixed bits in hash (usually a letter in the middle), and some dev did stats and showed the randomness is almost perfect.
legendary
Activity: 966
Merit: 1042
It's not enough to check the frequency. For instance, the sequence "1 2 3 1 2 3 1 2 3" has equal frequencies, but is unlikely to be random.

If you tried with a few thousand blocks this wouldn't show a more scientific answer rather than "I rolled a die 6x and I got 3 twice, therefore the odds of rolling a 3 on a die is 1 in 3" . It's just not how odds work.
legendary
Activity: 3878
Merit: 1193
I have checked the last digit distribution of every block hash (16 possible values and 442034 blocks):

Code:
BLOCKS : from 0 to 442033 (TOT = 442034)
last
digit         fr.         prob.           unif. -->  1/16=0.0625
0           27520   0.0622576543886                    
1           27881   0.0630743336485
2           27952   0.0632349547772       MAX -->  =+0.00073495777 = +1,16%
3           27892   0.0630992186121
4           27543   0.0623096865852
5           27339   0.0618481836239
6           27674   0.062606043879
7           27691   0.0626445024591
8           27428   0.0620495256021
9           27203   0.061540514983        MIN --> -0.000959485 = -1.54%
10 (a)      27594   0.0624250623255
11 (b)      27554   0.0623345715488
12 (c)      27863   0.063033612799
13 (d)      27616   0.0624748322527
14 (e)      27619   0.062481619061
15 (f)      27665   0.0625856834542

I think it's ok.

It's not enough to check the frequency. For instance, the sequence "1 2 3 1 2 3 1 2 3" has equal frequencies, but is unlikely to be random.
legendary
Activity: 1932
Merit: 2077
I have checked the last digit distribution of every block hash (16 possible values and 442034 blocks):

Code:
BLOCKS : from 0 to 442033 (TOT = 442034)
last
digit         fr.         prob.           unif. -->  1/16=0.0625
0           27520   0.0622576543886                    
1           27881   0.0630743336485
2           27952   0.0632349547772       MAX -->  =+0.00073495777 = +1,16%
3           27892   0.0630992186121
4           27543   0.0623096865852
5           27339   0.0618481836239
6           27674   0.062606043879
7           27691   0.0626445024591
8           27428   0.0620495256021
9           27203   0.061540514983        MIN --> -0.000959485 = -1.54%
10 (a)      27594   0.0624250623255
11 (b)      27554   0.0623345715488
12 (c)      27863   0.063033612799
13 (d)      27616   0.0624748322527
14 (e)      27619   0.062481619061
15 (f)      27665   0.0625856834542

I think it's ok.

hero member
Activity: 924
Merit: 501
100% random, and most betting sites use this as their system for fair, verifiable game play.
legendary
Activity: 1662
Merit: 1050
16 times is too much , that means they didn't make money from it .
Too much! LoLz... nothing is too much in gambling, as long as it is balanced with odds, which is pretty much the case here.

And I think people will rarelly play a game with 1/16 chance to win.
Gamblers are not so dumb that they'll place a bet on a single option. By betting on multiple options in a single block, they'll increase their chance of win.
newbie
Activity: 21
Merit: 0
I recently noticed a gambling website (www.bitcoinbetting.website) is offering 4 times return on correctly guessing the last digit of a block hash. I would like to know, how random is the last digit of a block hash really is? Is there any bias towards numbers or letters?

Update: Lately, they have increased return to 16 times for each winning bet.

16 times is too much , that means they didn't make money from it .

And I think people will rarelly play a game with 1/16 chance to win.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
I don't know how other gambling sites operate, but a way to mitigate or lower the risk for the house (or investors) and for all other players to not have a clue about the winning number is to use a delay, and use a secret. As in, don't allow to bet on the block hash itself. But if the game or site we're talking about does that, ... they're asking for trouble.
sr. member
Activity: 286
Merit: 250
As per proof-of-work: Miners will need to find a hash which contains the right amount of zeros to match the difficulty. If a miner found the right hash in time but it does not match the hex number that he placed the bet one, than he can choose to not submit the block and instead continues to search for a different nonce/hash. This will likely take him on average twice as long and even then there is still a 15/16 chance that if he found a new hash that it is still not the hex number that he placed the bet on. However, meanwhile the miner risks that someone else finds the correct hash - so he is risking his block reward doing this.

The odds are entirely different if the house allows to place bets exactly until the block is announced. In this case the miner could just place a bet before announcing the block to the network. However, it is unlikely that the house would allow these last-minute bets.
Pages:
Jump to: