bump
Topic: Introducing LitecoinLottery.net - A simple lottery with up to 95x payouts (Read 1456 times)
September 22, 2013, 04:38:23 PM
September 20, 2013, 04:29:22 PM
bump.
16 coins left for the 50LTC lottery!
16 coins left for the 50LTC lottery!
September 17, 2013, 07:49:18 PM
There seems to be some server side issue (error 502). But, can you clarify your method for picking the ``3 winning tickets at random'' ? I didn't see it written in the page or in your post.
Sorry about the server error, that should be resolved now.
Each deposit address is added to an array according to however many deposits that address has made. We use the standard random python library to pick the first place winner, then remove that one instance of the address from the array. We then run the array against the python library for the second place winner and the same process for the third place winner.
while we may revise this process over time, we have not found any issues operating in this fashion. Users with multiple deposits have a chance to keep winning.
There are two issues: 1) it is not provably fair. 2) if you are using everything standard, then the PRNG is being seeded with the current time. The second issue makes it a lot easier for an attacker to determine what will be the outcome of your lottery.
The lottery is happening once all deposits reach 1 confirmation, which varies depending on network speed. So a timing attack is impossible.
We are currently working on a method to show the lottery is provably fair. How would you suggest doing this with a random drawing?
"impossible" is too strong. The attack can happen by analysis of the previous games, supposing there is a good amount of them a person can estimate how long it takes for all tickets to be sold. Suppose it takes N minutes at average, and since 1 confirmation is relatively fast with Litecoins, the total time required for a draw is just a bit more than N (2 to 5 minutes, lets say). Then, to simplify things, suppose your drawing happens like this one (the seeds you are using are exactly the ones in the following code, it is the standard one used in case you don't give other one):
Code:
import time
import random
seed = time.time()
random.seed(seed)
print random.randint(1, 100), random.randint(1, 100), random.randint(1, 100)
print seed
If the person estimated N well enough, then he can do the following:
Code:
import time
now = time.time() - 1
for i in xrange(1, 2000000):
test = now + i/1000000.
if test != seed:
continue
random.seed(test)
for j in xrange(3):
print random.randint(1, 100)
break
Note that this is a "relatively" theoretical attack, since it is checking against the unknown seed. For the purposes of this test, for the first piece of code I got the numbers 38 88 12. Which I managed to replicate in the bottom code by brute forcing the seed. If you run this code, it is not guaranteed that it will always find the correct seed, although it does very often in my machine (copy & paste both pieces to the same .py and run). The important thing to take from this is that using the current time as the seed is too weak.
Now your question regarding the provably fair part: you could use the very own blockchain for that. Consider the hash of m blocks; apply simple operations like XORing the hashes, and finally pick the winners from there. The XOR is to make it harder for the case where mining pools discard blocks on purpose to change the outcome of the lottery in their favour (this another "relatively" theoretical attack, but doable). I figure this might require a longer and more detailed explanation, but I'm not sure if you even plan on using a method based on this so I'm saving my time
September 17, 2013, 07:11:17 PM
There seems to be some server side issue (error 502). But, can you clarify your method for picking the ``3 winning tickets at random'' ? I didn't see it written in the page or in your post.
Sorry about the server error, that should be resolved now.
Each deposit address is added to an array according to however many deposits that address has made. We use the standard random python library to pick the first place winner, then remove that one instance of the address from the array. We then run the array against the python library for the second place winner and the same process for the third place winner.
while we may revise this process over time, we have not found any issues operating in this fashion. Users with multiple deposits have a chance to keep winning.
There are two issues: 1) it is not provably fair. 2) if you are using everything standard, then the PRNG is being seeded with the current time. The second issue makes it a lot easier for an attacker to determine what will be the outcome of your lottery.
The lottery is happening once all deposits reach 1 confirmation, which varies depending on network speed. So a timing attack is impossible.
We are currently working on a method to show the lottery is provably fair. How would you suggest doing this with a random drawing?
September 17, 2013, 05:06:27 PM
There seems to be some server side issue (error 502). But, can you clarify your method for picking the ``3 winning tickets at random'' ? I didn't see it written in the page or in your post.
Sorry about the server error, that should be resolved now.
Each deposit address is added to an array according to however many deposits that address has made. We use the standard random python library to pick the first place winner, then remove that one instance of the address from the array. We then run the array against the python library for the second place winner and the same process for the third place winner.
while we may revise this process over time, we have not found any issues operating in this fashion. Users with multiple deposits have a chance to keep winning.
There are two issues: 1) it is not provably fair. 2) if you are using everything standard, then the PRNG is being seeded with the current time. The second issue makes it a lot easier for an attacker to determine what will be the outcome of your lottery.
September 17, 2013, 04:36:15 PM
There seems to be some server side issue (error 502). But, can you clarify your method for picking the ``3 winning tickets at random'' ? I didn't see it written in the page or in your post.
Sorry about the server error, that should be resolved now.
Each deposit address is added to an array according to however many deposits that address has made. We use the standard random python library to pick the first place winner, then remove that one instance of the address from the array. We then run the array against the python library for the second place winner and the same process for the third place winner.
while we may revise this process over time, we have not found any issues operating in this fashion. Users with multiple deposits have a chance to keep winning.
all of this logic happens once the 25th, 50th, or 100th coin is deposited and after all deposits reach 1 confirmation
*edit*
that's whats happening right now.
Quote
Lottery winners are being picked, the next lottery will begin in just a few minutes
September 17, 2013, 04:16:31 PM
There seems to be some server side issue (error 502). But, can you clarify your method for picking the ``3 winning tickets at random'' ? I didn't see it written in the page or in your post.
September 17, 2013, 02:16:37 PM
Won second place, so the system appears to work! Can't wait for the next game to end. I don't really understand why these sorts of games are not more popular..
Congrats!
We are working on some better stats today. Going to show the progress of each lottery on the right side under the buttons. A few other minor things too.
September 17, 2013, 02:10:12 PM
Won second place, so the system appears to work! Can't wait for the next game to end. I don't really understand why these sorts of games are not more popular..
September 17, 2013, 08:51:12 AM
Received, thanks! Interested in progress and hopefully some bets roll in.
Sorry about that.
We will roll in any late bets before anyone is allowed to deposit for the next round. This will allow the system to catch up before allowing anyone new to deposit.
for now, please refresh the page before you send. working on this now.
Sounds good. I will sprinkle some seed to see if we can roll the ball!
Only a few coins away from the next 25 LTC lottery. Looks like we've got some coins in the 100 and 50 lotteries as well!
If anyone has anymore suggestions, please feel free to leave them here.
September 17, 2013, 12:04:23 AM
Received, thanks! Interested in progress and hopefully some bets roll in.
Sorry about that.
We will roll in any late bets before anyone is allowed to deposit for the next round. This will allow the system to catch up before allowing anyone new to deposit.
for now, please refresh the page before you send. working on this now.
Sounds good. I will sprinkle some seed to see if we can roll the ball!
September 17, 2013, 12:02:11 AM
Received, thanks! Interested in progress and hopefully some bets roll in.
Sorry about that.
We will roll in any late bets before anyone is allowed to deposit for the next round. This will allow the system to catch up before allowing anyone new to deposit.
for now, please refresh the page before you send. working on this now.
September 16, 2013, 11:52:48 PM
Received, thanks! Interested in progress and hopefully some bets roll in.
September 16, 2013, 11:49:05 PM
Also, I am guessing the previous "winners" are test runs?
There is a 25 LTC lottery running now. Once all deposits have 1 confirmation, the winners are picked and payouts are sent.
And yes, we have tested each lottery with real coins.
Alright, so when I refreshed I saw 15 LTC. So I opened my LTC wallet, but by the time it synced the game had ended I suppose, but I sent 10 LTC. I had generated the address to deposit I suppose sometime right before the block hit the blockchain, ending that game (2 seconds after sending, I checked the game page, but it had ended.
What happens when more than 25 LTC are sent to the 25 LTC game?
I do not see that 10 LTC (7 confs) confirmed anywhere. Did it somehow slide into the last game? If so, I immediately find the lack of a "sheet of entry" a bit troublesome. Is it plausible that after the game is done, you can submit data showing the entries from X addresses? As it is, I can't tell where my LTC is.
Did you send to the 25 LTC lotto? Let me check it out, just a moment.
*edit* OK, I see there is an extra 10LTC. You must have sent it at the same time as someone else. I will return the coins to you, is the wallet in your signature ok?
LUFiqXjn11LNpXvhRi8NN7rjSLBcUH4kEQ
This works.
That presents a very fundamental flaw in the game - coin can too easily be lost. It needs to be buffered to the next game or this will be an absolutely chronic issue if you have any volume.
Ok will send back to that address.
We are working on a solution for this now. If a deposit is made after the current round, the coins will be rolled in to the next round.
September 16, 2013, 11:42:44 PM
Also, I am guessing the previous "winners" are test runs?
There is a 25 LTC lottery running now. Once all deposits have 1 confirmation, the winners are picked and payouts are sent.
And yes, we have tested each lottery with real coins.
Alright, so when I refreshed I saw 15 LTC. So I opened my LTC wallet, but by the time it synced the game had ended I suppose, but I sent 10 LTC. I had generated the address to deposit I suppose sometime right before the block hit the blockchain, ending that game (2 seconds after sending, I checked the game page, but it had ended.
What happens when more than 25 LTC are sent to the 25 LTC game?
I do not see that 10 LTC (7 confs) confirmed anywhere. Did it somehow slide into the last game? If so, I immediately find the lack of a "sheet of entry" a bit troublesome. Is it plausible that after the game is done, you can submit data showing the entries from X addresses? As it is, I can't tell where my LTC is.
Did you send to the 25 LTC lotto? Let me check it out, just a moment.
*edit* OK, I see there is an extra 10LTC. You must have sent it at the same time as someone else. I will return the coins to you, is the wallet in your signature ok?
LUFiqXjn11LNpXvhRi8NN7rjSLBcUH4kEQ
This works.
That presents a very fundamental flaw in the game - coin can too easily be lost. It needs to be buffered to the next game or this will be an absolutely chronic issue if you have any volume.
September 16, 2013, 11:38:17 PM
Also, I am guessing the previous "winners" are test runs?
There is a 25 LTC lottery running now. Once all deposits have 1 confirmation, the winners are picked and payouts are sent.
And yes, we have tested each lottery with real coins.
Alright, so when I refreshed I saw 15 LTC. So I opened my LTC wallet, but by the time it synced the game had ended I suppose, but I sent 10 LTC. I had generated the address to deposit I suppose sometime right before the block hit the blockchain, ending that game (2 seconds after sending, I checked the game page, but it had ended.
What happens when more than 25 LTC are sent to the 25 LTC game?
I do not see that 10 LTC (7 confs) confirmed anywhere. Did it somehow slide into the last game? If so, I immediately find the lack of a "sheet of entry" a bit troublesome. Is it plausible that after the game is done, you can submit data showing the entries from X addresses? As it is, I can't tell where my LTC is.
Did you send to the 25 LTC lotto? Let me check it out, just a moment.
*edit* OK, I see there is an extra 10LTC. You must have sent it at the same time as someone else. I will return the coins to you, is the wallet in your signature ok?
September 16, 2013, 11:35:07 PM
Also, I am guessing the previous "winners" are test runs?
There is a 25 LTC lottery running now. Once all deposits have 1 confirmation, the winners are picked and payouts are sent.
And yes, we have tested each lottery with real coins.
Alright, so when I refreshed I saw 15 LTC. So I opened my LTC wallet, but by the time it synced the game had ended I suppose, but I sent 10 LTC. I had generated the address to deposit I suppose sometime right before the block hit the blockchain, ending that game (2 seconds after sending, I checked the game page, but it had ended.
What happens when more than 25 LTC are sent to the 25 LTC game?
I do not see that 10 LTC (7 confs) confirmed anywhere. Did it somehow slide into the last game? If so, I immediately find the lack of a "sheet of entry" a bit troublesome. Is it plausible that after the game is done, you can submit data showing the entries from X addresses? As it is, I can't tell where my LTC is.
September 16, 2013, 11:19:19 PM
Also, I am guessing the previous "winners" are test runs?
There is a 25 LTC lottery running now. Once all deposits have 1 confirmation, the winners are picked and payouts are sent.
And yes, we have tested each lottery with real coins.
September 16, 2013, 11:18:34 PM
I'm pleased to see the first lottery is running. Thanks guys and good luck!
September 16, 2013, 11:15:50 PM
Also, I am guessing the previous "winners" are test runs?
Jump to: