Pages:
Author

Topic: Is PrimeDice really (provably)fair? - page 5. (Read 32424 times)

hero member
Activity: 546
Merit: 500
Carpe Diem
December 06, 2013, 04:28:08 PM
is it suggested to change the client seed every roll?  and the number that looks like xxxxxxx-xxxx, which number should I be changing, both of them or just the number on the left?
member
Activity: 72
Merit: 10
Drunk Lunatic
December 06, 2013, 12:00:53 AM
Small, additional note to my previous messages:

Let's assume that You decided to change Your fancy client seed to this:

mycoolclientseed

Good, now we have 100% provably fair shit!
But.

After setting initial client seed (Your own or random one choosen by sever or scammy one or whatever), Your first bet's client seed will look like:

mycoolclientseed

and after, in each bet - no matter if You use built in bot or no - it will look like this

mycoolclientseed-0001
mycoolclientseed-0002
mycoolclientseed-0003
mycoolclientseed-0004
mycoolclientseed-0005

etc.

Let's take a look at process of choosing server seed after each bet:

When You bet, You send POST req to https://primedice.com/api/bet.php. In answer, You'll get json-like structure that will be used by JavaScripts on site to show You results of Your action. Here's example:

Code:
{"username":"uoyeparannog","roll":"13.37","game":"<49.50","type":0,"bet":"1.00000000","result":"0","bet_id":"666","time":"01:23","elapsed":"01:23","multiplier":"2.00000","winnings":"0.00000000","balance":"0.00000000","client_seed":"mycoolclientseed-0002","server_seed":"blahblah","next_server_seed":"somuchfair"}

Let's assume for a while that Stunna is incarnation of Satan and wants to steal some of Your bitcoins - or just give a little boost to his profit.

Magic Control System (I'll call it MCS later) may work on many conditions - for example it may "want" to keep 1 BTC profit daily, or to break any good martingale session, or anything. Let's assume simplest example - martingale breaker. Note that martingale is shit, so You don't even need MCS to get some money.

So I play martingale.
Beting 1 BTC - won. Cool.
Beting another 1 BTC - lost. Damn.
Beting 2 BTC - won. Yeah.
Beting 1 BTC - won. Good.
Beting 1 BTC - won. Perfect.

In this moment I have 4 BTC profit. Let's say that MCS doesn't like it.
It noticed already that I play martingale. It knows that I play on ""type":0" ("low"). I'm lazy, so I just keep clicking buttons or use built-in bot. It may know that I'll use "low" bet next time, just because I do it often.

Now, my last client_seed was mycoolclientseed-0015. It's 15th in row. Bot will know that most likely next client_seed will be mycoolclientseed-0016.

Now, note that server_seed is choosen by server after each bet:

Code:
next_server_seed":"somuchfair"

Using this feature, server may decide about result of roll. So if it'll notice that I use martingale and type:0 it can lead me to big loss without any damn problem.

Ok, again, to control user's game we have to:

1. Know what client seed he will use.
2. Know what game type (high or low) he will use.
3. Know what he'll bet. (optionally)

And now quick take-a-look at PD:

1. We can predict user's client seed, because of [seed]-0001, [seed]-0002 etc. structure. To avoid it, client have to change his client seed after each roll. Ask Yourself a queston: who will change his client seed after each roll? It is easy for normal user? No. It's boring and unconfortable. Only well-scripted players who can write (or find and use) bots and auto-client-seed-changers will do it. It's rare case so we can forget it.
2. Most users will not randomly click "high/low" switch before each bet. Many high rollers does it, but still - it's easier to click one button, especially when You play two or six hours.
3. Most players uses martingale-like systems, flat rate or "near-flat-rate". If someone started to bet 0.120, 0.150, 0.100, 0.09, he'll propably not suddenly bet 0.00000001. He'll bet around that 0.1 - more or less, but near.

It's perfect environment for our magic system, isn't it? Want more? Here it is!

TADA! BUILT IN BOT!
Cool feature, I like it, but when You'll run it:

1. Client seed will be 100000000% predictable.
2. Bet amount will be 1000% predictable.
3. Hi/Low factor - fixed.

Money making machine.

I'm not telling You that Stunna does it. I like this guy, but if You'll ask me - I'll tell that I'm sure for 35-45% that such system exists here. Why?

1. Perfect environment. Everything would just work like a charm. As PrimeDice admin You have near 100% control - You decide how much and when You'll earn. You're 100% sure about Your earnings. You can even set some absurdal house edge like 0.5% to get more players and still get profit like on 10% edge or more. Even if 10% of players haves bots to auto-change client seeds and doesn't use bult in bot, 90% of losers will still work for You and that 10% doesn't really matter - let them play.
2. Undetectable. What do You want? Everything is provalby fair. You can change Your client seed whenever You want. 120 loses in row? Guy it's gamling - it's possible (of course it is, btw). Peoples can only troll around forum telling shit and pissing off forum members - they have no technical knowledge and will look like idiots, and doesn't even know how provably fair works, noone will take care - better! We'll have group of fans! "Yeah, fuck You troll, PD is provably fair and You're idiot - I feel good, because I feel smart and I know that PD is good".
3. Moneys. Who doesn't need it? More money is better in most cases.
4. You're not marked as scammer! Better! You're trusted owner of 100% provably fair casino. Good amount of clients, good trust, good gamblers, high rollers and shit.
5. Such system may do anything You want. 1 BTC profit daily? Ok. Maybe 3 BTC daily? Ok, why not. Break martingale session if client's balance is above 10 BTC and his base bet is 0.5 BTC if today's casino profit is lower than 2 BTC? Sure, why not. Find high roller, let him make (X * 2 + 1) BTC profit where X = initial deposit, generate loss streak when he'll start martingale with base bet (0.1 * X) and it's monday? Ok. It's just two, three lines in PHP.

It's just perfect!

Again, I'm not telling that Stunna does it. I just want to tell that:
a) It's 100% possible.
b) It's even TOO easy on PrimeDice - entire PD looks like just based on this conception.
c) It's really good idea if You're dice game owner.

Also note that even if such system exists, You can still play here and earn something - if system exists, it should aim at "general good" of house, not just to piss off single players - what I meant, we want to get 1 BTC profit daily, but we don't want to steal each penny from user's deposits - we'll steal it when we'll need it. They still have to win to keep playing - it's even good idea to force several big wins with anything above planned daily profit, or even code some "epic luck" scheme to keep talking about big wins on PD's thread from time to time...

Need example? For several bitcoins (just to pay my time) I can create clone of PD with all features and based on the same provably fair system - but with some nice addon. Programmable Magic Control System with badass admin panel where You can set conditions, daily profit and triggers. I'm not wasting words - I really can do it and it will work. Damn, You can even use it if You'll find some players - I don't care. Business is business.

Say good bye to perfect world full of good peoples. What the eyes doesn't see...
member
Activity: 72
Merit: 10
Drunk Lunatic
December 05, 2013, 07:12:33 PM
Anyone with minimum knowledge can check JS. There's propably a lot of guys who know JS. They can confirm fairness of generation system and provide proofs and "how-to-check-on-your-own" guide. As it's client side, any changes in JS will be noticed too.

Quote
It is much better to predisclose a hash of the secret seed and then let the client set its own client seed.
- As secret seed is the same for each player, changing it on the fly is very bad idea - so not valid method for scam. We talk about manipulating client seed.
- Client currently can set his own client seed - but that feature isn't very highlighted. You have to click some shittly button that looks like "just image". Defaultly, client seed changing form is hidden (+ PHP-generated default client seed - did I mention my 35-45% bet for 'system'?).
hero member
Activity: 745
Merit: 501
December 05, 2013, 07:00:58 PM
yes, client side generation on each roll would also do the trick, although one would need to audit the script and check the version they are served each time they open PrimeDice.

It is much better to predisclose a hash of the secret seed and then let the client set its own client seed. That way the casino can't temper rolls as they can't change secret and neither the client can because they don't know the secret but they'll know if it was changed afterward. It makes things easy to audit and doesn't require a change of client seed every bet.

That dynamic server seed PrimeDice adds on each roll has no business being there. That seeds hash to the correct roll does not make a game provably fair. The order seeds are generated does. If one party can know/expect to know all seeds in a roll and provide one dynamically on each roll, they can temper with results.

Unless the user changes the client seed before each roll, it's not provably fair. The roll verification doesn't mean anything.
member
Activity: 72
Merit: 10
Drunk Lunatic
December 05, 2013, 05:57:55 PM
Click "provably fair" button at bottom left and then click client seed.
hero member
Activity: 546
Merit: 500
Carpe Diem
December 05, 2013, 05:55:01 PM
I'm sure this is elementary to most of you, but how do I change my client seed?  is this something an average person can do?  thanks
member
Activity: 72
Merit: 10
Drunk Lunatic
December 05, 2013, 05:34:43 PM
"Default" client seed should be pre-generated by JavaScript after each roll, not by PHP like right now. When it's generated by JS on browser's side, we know that they don't manipulate it. Anyone can check what fills the form in that case.
Why PD doesn't use JS to pre-generate client seed? It's good idea, and not new. Simple to implement, provides a lot of trust and things - but was ignored. Why? Maybe due to lazy-ass developer, or maybe some system to "control" earnings of users who doesn't change client seed really exists. Anyway, if it exists, it can't work with built in beting bot (btw martingale is straight road to losing money so no cheating needed here as most users uses it as mini martingale bot).

Stunna is nice guy on public - so much love, so much understanding, so much problems solved, but business is business. I don't tell that 'control system' exists or no - it's very hard to determine and anyone who is 100% sure without access to source code is idiot - but I can tell that I'm 35-45% sure it's here. Because why not? Fair play? Bitch please, what the eyes doesn't see...
hero member
Activity: 745
Merit: 501
December 05, 2013, 02:41:10 AM
Primedice still has not changed to nonce betting. Been quite a bit of time already since the change was claimed "coming". Doing similar to what bit777 did, claims change was coming for provably fair but instead just increased marketing and left his games NOT provably fair at all.

To be fair it's completely provably fair, people just have to change their client seed.

It's a bit like Peerbet's instant & non instant games. If people trust PrimeDice, don't bother changing the client seed, if they do, change it.

Primedice IS provably fair, just not as easily provably fair as it could be.

Yes, but Just-Dice and Coinroll both have a method where changing client seed is not required for each bet and it works. Would make PrimeDice better to just remove the server seed and predisclose the secret's hash. That way they can't tempers roll by giving whatever server seed they want for each roll. They theoretically can get any result they want currently if you don't change server seed on each roll.
newbie
Activity: 42
Merit: 0
November 12, 2013, 06:51:46 AM
That is vlees site. It's not valid because you can change the client seed any time.

to win at these sites you have to forget about that seed nonsense and realize you are dealing with anti-martingaling script!(~or the manager at the console)  Wink e-z
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
November 12, 2013, 03:33:18 AM
That is vlees site. It's not valid because you can change the client seed any time.
hero member
Activity: 960
Merit: 502
November 08, 2013, 02:50:07 PM
i have had a losing streak on 20 twice lol, it´s easy to see or spot some long ass losing streaks, but i have also had some good winning streaks.
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
November 08, 2013, 02:35:21 PM
Yes, it is fair. You can read Bitcoin Reviewer's post on provably fair bitcoin to see how the system actually works.

Just because you were unlucky does not mean that the game is unfair.

you are trippin' fool!~ now you chumps are really starting to piss me off this provably fair nonsense ~ its done! You look very very stupid and scammy using this term in my honest opinion! SPAM YOUR BS ELSEWHERE!!  Cool


THE LAW IN NEVADA REQUIRES A RNG  FOR A REASON!!!

About the Author?LMAO= WHAT IS YOUR NAME?  Roll Eyes

Results from a random number generator can be manipulated easily. Provably fair results cannot.
Just posting this link again http://v20.nl/primedice/.

While the "client seed" is no more, and has been replaced by a nonce, it's again trivial to predict it, 1,2,3,4 etc so the website above is still valid.
newbie
Activity: 42
Merit: 0
November 08, 2013, 02:20:08 PM
While the server seed exists. Selective hashes can still be done, it's so trivial right now.

I should probably write a proof of concept script that shows this in action.

4th seed ?  Roll Eyes
The server seed needs to get removed. Do it like coinroll.it. Increment a nonce, and use the server secret. That much ELIMINATES the problem. The owner can still predict what you will roll, but cannot manipulate it.

you know this, and that's how you can reverse and trick them LOL!!!  Wink
I have no idea what you just said.

you push and bait them with a 2 > 3 digit pattern then bump to 5+ digits =) haaa
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
November 08, 2013, 02:17:23 PM
While the server seed exists. Selective hashes can still be done, it's so trivial right now.

I should probably write a proof of concept script that shows this in action.

4th seed ?  Roll Eyes
The server seed needs to get removed. Do it like coinroll.it. Increment a nonce, and use the server secret. That much ELIMINATES the problem. The owner can still predict what you will roll, but cannot manipulate it.

you know this, and that's how you can reverse and trick them LOL!!!  Wink
I have no idea what you just said.
newbie
Activity: 42
Merit: 0
November 08, 2013, 02:16:33 PM
While the server seed exists. Selective hashes can still be done, it's so trivial right now.

I should probably write a proof of concept script that shows this in action.

4th seed ?  Roll Eyes
... The owner can still predict what you will roll, but cannot manipulate it.

you know this, and that's how you can reverse and trick them LOL!!!  Wink
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
November 08, 2013, 02:07:10 PM
While the server seed exists. Selective hashes can still be done, it's so trivial right now.

I should probably write a proof of concept script that shows this in action.

4th seed ?  Roll Eyes
The server seed needs to get removed. Do it like coinroll.it. Increment a nonce, and use the server secret. That much ELIMINATES the problem. The owner can still predict what you will roll, but cannot manipulate it.
newbie
Activity: 42
Merit: 0
November 08, 2013, 02:04:16 PM
While the server seed exists. Selective hashes can still be done, it's so trivial right now.

I should probably write a proof of concept script that shows this in action.

4th seed ?  Roll Eyes
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
November 08, 2013, 01:57:31 PM
While the server seed exists. Selective hashes can still be done, it's so trivial right now. Even with this "nonce" that gets incremented, it's simple to just try and predict what the next nonce will be.

I should probably write a proof of concept script that shows this in action.
newbie
Activity: 42
Merit: 0
November 06, 2013, 09:08:46 AM
Yes, it is fair. You can read Bitcoin Reviewer's post on provably fair bitcoin to see how the system actually works.

Just because you were unlucky does not mean that the game is unfair.

you are trippin' fool!~ now you chumps are really starting to piss me off this provably fair nonsense ~ its done! You look very very stupid and scammy using this term in my honest opinion! SPAM YOUR BS ELSEWHERE!!  Cool


THE LAW IN NEVADA REQUIRES A RNG  FOR A REASON!!!

About the Author?LMAO= WHAT IS YOUR NAME?  Roll Eyes

Results from a random number generator can be manipulated easily. Provably fair results cannot.


how would you manipulate a RNG? So why is it the LEGAL STANDARD in Vegas?LMAO!!!

 Grin and who the ffk are you?haaa
b!z
legendary
Activity: 1582
Merit: 1010
November 06, 2013, 09:04:04 AM
Yes, it is fair. You can read Bitcoin Reviewer's post on provably fair bitcoin to see how the system actually works.

Just because you were unlucky does not mean that the game is unfair.

you are trippin' fool!~ now you chumps are really starting to piss me off this provably fair nonsense ~ its done! You look very very stupid and scammy using this term in my honest opinion! SPAM YOUR BS ELSEWHERE!!  Cool


THE LAW IN NEVADA REQUIRES A RNG  FOR A REASON!!!

About the Author?LMAO= WHAT IS YOUR NAME?  Roll Eyes

Results from a random number generator can be manipulated easily. Provably fair results cannot.
Pages:
Jump to: