Pages:
Author

Topic: Is PrimeDice really (provably)fair? - page 2. (Read 32424 times)

legendary
Activity: 2940
Merit: 1333
June 05, 2014, 10:23:59 AM
no new gaming sites that employ a system like this should be avoided until they correct this obviously bad practice

I would suggest exactly the opposite.

all new gaming sites that employ a system like this should be avoided until they correct this obviously bad practice
sr. member
Activity: 770
Merit: 250
June 05, 2014, 06:45:36 AM
This thread is simply stupid for the most part. Why post such accusations without anything to back it up? If these accusations are correct, it would not have been too difficult to actually gather some evidence that would show some statistically interesting bias. Of course it can be frustrating to lose money and if you have a 20-roll losing streak, it is very human to try and find a culprit elsewhere.

That is valid though, that the site could just choose when the user wins or not and a site operator would be tempted to manipulate the result if someone is about to win big (hundreds of BTC for example). I do not see any reason to believe PD is cheating now though but of course it should now be changed, for example to the Just-Dice system which works really well.

Anyway, especially after this thread, no new gaming sites that employ a system like this should be avoided until they correct this obviously bad practice. It is only a matter of time someone cheats big. Good work for putting these "provably fair" systems under scrutiny.
sr. member
Activity: 323
Merit: 254
June 05, 2014, 05:29:00 AM
If I could offer some criticism for off-chain provably fair systems in general, the use of a daily secret is unnecessary and counterproductive.

It's like this:

PrimeDice: changes secret every roll - makes the user have to do much work to verify (too hot)
CoinRoll: changes secret once per day - makes the user wait too long to verify (too cold)
Just-Dice: changes secret when the user asks to change it (just right)

It's like Goldilocks up in here.

with a min of 10 rolls per secret!  Tongue   why is that? why do you limit it?  not that i mind.
legendary
Activity: 2940
Merit: 1333
June 05, 2014, 05:15:01 AM
If I could offer some criticism for off-chain provably fair systems in general, the use of a daily secret is unnecessary and counterproductive.

It's like this:

PrimeDice: changes secret every roll - makes the user have to do much work to verify (too hot)
CoinRoll: changes secret once per day - makes the user wait too long to verify (too cold)
Just-Dice: changes secret when the user asks to change it (just right)

It's like Goldilocks up in here.
hero member
Activity: 577
Merit: 504
June 05, 2014, 04:31:19 AM
Agreed that site is scum
stay away all

That doesn't sound right from someone with "Trust: -6: -1 / +1(1) Warning: Trade with extreme caution!" Smiley
full member
Activity: 630
Merit: 103
June 05, 2014, 04:26:16 AM
Agreed that site is scum
stay away all
member
Activity: 70
Merit: 10
June 02, 2014, 05:31:30 AM
There's nothing wrong with PD's current implementation of a provably fair system.  The only criticism I see in this thread is that people don't use the system in any meaningful way and that somehow means PD is cheating.  If I could offer some criticism for off-chain provably fair systems in general, the use of a daily secret is unnecessary and counterproductive.  Satoshidice dice and similar games have an obvious need for a daily secret, and it makes sense in that context.  Off-chain games, however, can provide a hash of the next bit of data they intend to use to produce the next outcome.  An off-chain game with a provably fair system that relies on a daily secret makes it impossible to verify bets at run time for no good reason at all.  Stunna, unless you can come up with a good reason why a daily secret is better than random data generated per roll, I'd suggest you stay away from the implementation mistakes of your competitors.  Real time verification is a nice feature for people like me who are interested in automation.

Exactly.

All this entire accusation says is that PD is not fair if you don't change your seed. Well , duh.

I think it is not that easy to change the algorithm in ongoing system (please correct me if I'm wrong). I also believe if PD is trying to 'guess' your next move based on previous move, it can be a backfire to the site because player will be able to guess the site's move as well. The best move for PD should always be a random number, because even with this weakness, PD still does not know the bet amount. Hopefully I have correct understanding.
legendary
Activity: 1120
Merit: 1038
May 31, 2014, 03:43:51 AM
There's nothing wrong with PD's current implementation of a provably fair system.  The only criticism I see in this thread is that people don't use the system in any meaningful way and that somehow means PD is cheating.  If I could offer some criticism for off-chain provably fair systems in general, the use of a daily secret is unnecessary and counterproductive.  Satoshidice dice and similar games have an obvious need for a daily secret, and it makes sense in that context.  Off-chain games, however, can provide a hash of the next bit of data they intend to use to produce the next outcome.  An off-chain game with a provably fair system that relies on a daily secret makes it impossible to verify bets at run time for no good reason at all.  Stunna, unless you can come up with a good reason why a daily secret is better than random data generated per roll, I'd suggest you stay away from the implementation mistakes of your competitors.  Real time verification is a nice feature for people like me who are interested in automation.

Exactly.

All this entire accusation says is that PD is not fair if you don't change your seed. Well , duh.
sr. member
Activity: 285
Merit: 262
May 01, 2014, 03:52:28 AM
There's nothing wrong with PD's current implementation of a provably fair system.  The only criticism I see in this thread is that people don't use the system in any meaningful way and that somehow means PD is cheating.  If I could offer some criticism for off-chain provably fair systems in general, the use of a daily secret is unnecessary and counterproductive.  Satoshidice dice and similar games have an obvious need for a daily secret, and it makes sense in that context.  Off-chain games, however, can provide a hash of the next bit of data they intend to use to produce the next outcome.  An off-chain game with a provably fair system that relies on a daily secret makes it impossible to verify bets at run time for no good reason at all.  Stunna, unless you can come up with a good reason why a daily secret is better than random data generated per roll, I'd suggest you stay away from the implementation mistakes of your competitors.  Real time verification is a nice feature for people like me who are interested in automation.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
May 01, 2014, 01:11:32 AM
You don't really get it until you do. And when you do, you wonder why you never got it until then.

Whoever takes my concept of provably fair card games (poker, blackjack, etc) is going to make a killing. I just wish I had my own dev or team and the capital to make one myself.

I've also suggested to doog before, since I liked his version or implementation, to include a "dice on crack" version, where one can auto-bet 10k times and the whole sequence is pre-programmed (martingale or whatever) and the whole sequence is still provably fair from start to finish, based on the player's rules.

I'd certainly want to throw a bitcoin into gambling 10k rolls and finding out the result in 1 second.

I'm left to being a consultant or escrow and someone else will make all the money. Smiley
sr. member
Activity: 323
Merit: 254
April 30, 2014, 11:44:39 PM

If the seeds remain unchanged and the only variable left is predictable, such as an incrementing nonce, then both server and player can not cheat. The server can't change the outcome, the player does not know for sure, therefore the player can bet or gamble fairly.


ah thanks dabs for saying this! i've been failing to clearly understand this and now it just seems trivial! why didn't i get it before =D
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
April 30, 2014, 11:39:03 PM
ex. A server seed hash could be placed that results in a loss streak or a loss given the site knows your client seed.

Yes, that is true, but only if the server is allowed to generate their server side after knowing what the client seed is.

In both cases:

The server seed is created before the player can give their client seed. The server seed is hashed and shown to the player, so the player can verify at any time after a roll if it was fair or not. The player can verify that the server seed has not changed since it was created.

The server does not know the client seed until after it has created the server seed. The server therefor has no opportunity to compute or calculate a forced loss. It will simply calculate, whether that results in a loss or a win, fairly.

The order is important. Server creates server seed. Then player is allowed to create client seed or the player's deposit determines the client seed.

If the player creates the client seed first, then the server has an opportunity to attempt to manipulate future rolls.

If the seeds remain unchanged and the only variable left is predictable, such as an incrementing nonce, then both server and player can not cheat. The server can't change the outcome, the player does not know for sure, therefore the player can bet or gamble fairly.

If you need details, we can discuss over PM, but I think I already told you some time ago, I'll have to check.

(And oh, I still want to make a provably fair poker game, so ... PrimePoker looks good huh.)
legendary
Activity: 3192
Merit: 1279
Primedice.com, Stake.com
April 30, 2014, 10:36:38 PM
Stunna, your competitors (specifically JD and CR) don't get the same accusations. They are Provably Fair as far as players are concerned. I believe you can just simply use the same system and dooglus already gave open permission to copy his method.

This was the plan for the new site, there are still vulnerabilities with that method from what I can tell (please correct me if I'm wrong). I might not have an expert grasp on provably fair but couldn't a site using a system like JD's or CR's manipulate the sha 256 server seed hash to result in a loss streak for the player?

ex. A server seed hash could be placed that results in a loss streak or a loss given the site knows your client seed.

If the user didn't change their client seed frequently, wouldn't this be a possibility? If so what is the definitive advantage to that system and is there a way to improve on this? Our main motivation for changing our system will be instant verifiable results and ability to check them by running a terminal command but is there an advantage for the user in terms of fairness?
full member
Activity: 588
Merit: 100
April 30, 2014, 10:18:19 PM
Being an unregulated gambling site they can fix the odds as much as they want.

Some modified martingale systems can push the odds in your favor for awhile but you will eventually lose.

They have some type of bot to detect a standard martingale. <:-| *tinfoilhat

All in all, don't go to primedice with more than you're willing to lose.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
April 30, 2014, 10:05:09 PM
Stunna, your competitors (specifically JD and CR) don't get the same accusations. They are Provably Fair as far as players are concerned. I believe you can just simply use the same system and dooglus already gave open permission to copy his method.
legendary
Activity: 3192
Merit: 1279
Primedice.com, Stake.com
April 30, 2014, 07:33:44 PM
I stated what I wanted to say here:

https://bitcointalksearch.org/topic/m.6481848

LN and myself are discussing via PM how we can remedy our argument as well. In summary our current system is provably fair but not ideal and will be improved upon with user feedback in PD3, but it is very easy to make it 100% provably fair by changing your client seed. The main thing I think should be pushed for is an open source project where "provably fair" is created, right now any website can claim to be provably fair with any sort of implementation. Ideally what will happen is only websites that run a specific version of provable fairness will be considered provably fair. The difficulty is creating such a system on an off-chain site that does not inconvenience the user (force them to change a seed frequently).

-Stunna


sr. member
Activity: 285
Merit: 262
April 30, 2014, 07:20:43 PM
Users can change the client seed at will on PD.

Code:
$.getScript('//crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/sha512.js');

var betPayload = {
    bet: 0,
    game: 49.5,
    type: 0,
    client_seed: 0,
    token: 'xxx'
};

var count = 0;

var bot_bet = function(max_bets) {
  if(++count > max_bets) return;
  betPayload.client_seed = CryptoJS.SHA512(Math.random().toString()).toString();
  $.post(
    '/api/bet.php',
    betPayload,
    function(data) {
      data = JSON.parse(data);
      console.log(data);
      //do some bet logic
      setTimeout(bot_bet(max_bets), 500);
    }
  );
}
newbie
Activity: 13
Merit: 0
April 30, 2014, 06:50:24 PM
Didn't read the whole thread but just played a bit...

When it comes to automated betting the user has no chance to change the client seed on every roll but PD has indeed the possibility to generate a server seed to his hown favour.

Example:

- PD knows the next roll will have the old client seed + incremented number. like if it was "abcdef-0001" it will be "abcdef-0002" for the next roll.
- PD knows the user is playing < 49.5 thus for the user to lose it needs a number > 49.5 and all PD needs to do is generating a server seed which will result in a number > 49.5 (actually I don't know if the server seed is generated transparently on the client side, which would prove my arguments invalid or - as the name suggests itself - on the server side)
- Generating a favourable number is trivial when you know the daily secret plus the client seed and can change the server seed at your discretion:

Code:
$seed  = 'daily secret';
$nextclient = 'abcdef-0002';

do {
   $server = rand(0,999999999);
   $hash = hash('sha512', $seed . $server . $nextclient);
   $value = substr($hash, 0, 8);
   $dice = round(hexdec($value)/42949672.95,2);
} while ($dice < 49.5);

echo 'Next server seed should be ' . $server . ' and will result in number ' . $dice;
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
April 30, 2014, 05:10:20 PM
Do you even understand what Provably Fair means?
sr. member
Activity: 390
Merit: 250
April 30, 2014, 04:37:22 PM
I can't decide if this is funny or sad, please help me...

PD Stunna accusing others for not being provably fair while running not provably fair site and advertising on his thread banner that PD is provably fair while it's not



Pages:
Jump to: