Pages:
Author

Topic: Just-Dice is not provably fair to gamblers (Read 4184 times)

member
Activity: 118
Merit: 10
June 19, 2014, 08:42:23 PM
#51
As dooglus's attorney and advisor I ask you remove your head from your ass,

Yeah, it probably doesn't need saying, but Kyle doesn't represent me in any capacity.

Please feel free to leave your head wherever it is.

Excellent response. Keep up the great work shredding whales with mathematics.
full member
Activity: 215
Merit: 100
Quote
By default its not provably fair, perhaps should put this on your site:

This game is provably fair*

*At Just-Dice, those steps are:
1) make a note of the server seed hash
2) set your own (unpredicable) client seed
3) play as much as you like, making a note of your rolls
4) verify the rolled numbers


No, by default the game is provably fair.  Provable is an adjective, it means that something is capable of being proven.  Just-dice can be proven to be fair.  As Doog explained, the user just has to take certain steps to do that.  And, as far as I know, of those who did take those steps, just-dice has been proven fair 100% of the time.  

Every user has the ability to prove that the game that they just played is fair.  It sounds like you just want the site to make it easier for users to prove that the game is fair.  Doog's position appears to be that the benefits of that, if any, are outweighed by the negative impact those changes would have on user experience.  If anyone disagrees, I'm sure there are other dice sites that make it easier to prove fairness, and if not, create one!  Maybe you're right, Doog is wrong, and users do prefer the steps to prove fairness to be easier, even if it requires changes that may be a detriment to the user experience.  Maybe there's some room for innovation there, and it can be done with little to no cost to the user experience.  

The point is, the game is fair, and with some effort that can be proven by anyone playing it if they follow Doog's instructions.  Just-dice is provably fair to gamblers.

The potential for anyone in Doog's position to do something dishonest (walk away with investor money, cheat his own site, switch the game with a different game that is unfair) has nothing to do with the fairness of the game.  That potential exists whenever someone must place their trust in someone else.  You can never prove that there is a 100% chance of honesty.  But you can make a rational, informed judgment, and all things considered this seems to be a pretty safe one considering the various incentives, at least in this context (I know little about and can't comment on whether the site is safe from hackers, for example, though it is a pretty big target and as far as I know other than a manual payout mistake early on, not much of any has been lost).

I agree with you that the site can be provably fair, and that has to be balanced with the user experience. 

My main point of the post is it is not provably fair by default.
If you visit the site for the first time, the client and server seeds are provided by the server, yes you can verify they rolled as expected, but it is also possible those client and server seeds were pre-prepared.

I am over the issue now, I am not going to do a crusade, I'll let the gamblers make their decisions.

Okay, how about first time someone visits JD it pops up for a name and then for a starting client seed? Would this stop making you, to use a JD term, butthurt?
mem
hero member
Activity: 644
Merit: 501
Herp Derp PTY LTD
Sounds like the same issue I hit satoshicircle for very hard.

The difference being after an extended gmail chat and then a good skype chat the site admin finally came around to seeing my point, and more importantly seeing that more trust == more clients.
legendary
Activity: 2940
Merit: 1333
That is a fair use case, If the user has requested it on one screen they shouldn't be bothered by a fancybox pop up on the others that say the seeds has been changed.
then you have no way to change the seeds during betting without the user knowing.

The seeds are stored on the server, and are invisible to the user.  I can change them at any point, whatever the javascript on the client side says, and just not tell the client about the changes.

The only way to detect such a change is to verify the rolls that were made.  This is the case for every provably fair site, of course.  If you don't take some small steps to verify the fairness, the site is able to cheat you.
newbie
Activity: 12
Merit: 0
That is a fair use case, If the user has requested it on one screen they shouldn't be bothered by a fancybox pop up on the others that say the seeds has been changed.
then you have no way to change the seeds during betting without the user knowing.
legendary
Activity: 2940
Merit: 1333
The code I refer to doesn't have anything to do with the randomize screen, I am saying you can replace the server and cliend seeds as well as the number of rolls on the fair tab any time you want with this code:
Code:
  socket.on("shash", function(data) {
    $("#shash").html(data)
  });
  socket.on("seed", function(data) {
    $("#seed").html(data)
  });
...
  socket.on("nonce", function(data) {
    $("#nonce").html(data)
  });

Oh, I see.

That's necessary because the user can change his seeds at any time.  When the user changes his seeds, I want the 'Fair?' tab to reflect that change on all his devices / browsers / tabs.  You see he may click 'randomize' on his phone, while having the site also open on his laptop.  I want to be able to update the 'Fair?' tab on the laptop even though he doesn't have the randomize dialog open there.
newbie
Activity: 12
Merit: 0
Don't forget the second point I made earlier that he can actually change the seeds anytime he wants during your betting, so he can figure out your pattern and then choose the corresponding client/seed hash, yes it would be more risky for him to do this incase someone actually wrote down their hashes, but really who does?

If he wanted he could remove his ability to change your seeds on the fly with a simple if statement, I have raised this with him and now the community, no one cares, then let it be.

I didn't address that because I don't think people are very interested, but you don't seem to know what you're talking about.

The field that holds the seeds is created on the fly when you click 'randomize'.  I can't change the value in a field that doesn't exist.  If the "randomize" dialog isn't visible, the seed field doesn't exist.

The code I refer to doesn't have anything to do with the randomize screen, I am saying you can replace the server and cliend seeds as well as the number of rolls on the fair tab any time you want with this code:
Code:
  socket.on("shash", function(data) {
    $("#shash").html(data)
  });
  socket.on("seed", function(data) {
    $("#seed").html(data)
  });
...
  socket.on("nonce", function(data) {
    $("#nonce").html(data)
  });
hero member
Activity: 728
Merit: 500
Quote
By default its not provably fair, perhaps should put this on your site:

This game is provably fair*

*At Just-Dice, those steps are:
1) make a note of the server seed hash
2) set your own (unpredicable) client seed
3) play as much as you like, making a note of your rolls
4) verify the rolled numbers


No, by default the game is provably fair.  Provable is an adjective, it means that something is capable of being proven.  Just-dice can be proven to be fair.  As Doog explained, the user just has to take certain steps to do that.  And, as far as I know, of those who did take those steps, just-dice has been proven fair 100% of the time. 

Every user has the ability to prove that the game that they just played is fair.  It sounds like you just want the site to make it easier for users to prove that the game is fair.  Doog's position appears to be that the benefits of that, if any, are outweighed by the negative impact those changes would have on user experience.  If anyone disagrees, I'm sure there are other dice sites that make it easier to prove fairness, and if not, create one!  Maybe you're right, Doog is wrong, and users do prefer the steps to prove fairness to be easier, even if it requires changes that may be a detriment to the user experience.  Maybe there's some room for innovation there, and it can be done with little to no cost to the user experience. 

The point is, the game is fair, and with some effort that can be proven by anyone playing it if they follow Doog's instructions.  Just-dice is provably fair to gamblers.

The potential for anyone in Doog's position to do something dishonest (walk away with investor money, cheat his own site, switch the game with a different game that is unfair) has nothing to do with the fairness of the game.  That potential exists whenever someone must place their trust in someone else.  You can never prove that there is a 100% chance of honesty.  But you can make a rational, informed judgment, and all things considered this seems to be a pretty safe one considering the various incentives, at least in this context (I know little about and can't comment on whether the site is safe from hackers, for example, though it is a pretty big target and as far as I know other than a manual payout mistake early on, not much of any has been lost).

I agree with you that the site can be provably fair, and that has to be balanced with the user experience. 

My main point of the post is it is not provably fair by default.

As was said before, the adjective in use here is "provably" not "proven". If something is provable, then it is possible for it to be proven, but it's not proven by default. Fairness on JustDice is provable, that is, it is possible to be proven, it is not proven by default.

There is nothing wrong with the way it is worded. If it would've said "Proven fair", it would've been a different matter.
legendary
Activity: 2940
Merit: 1333
Don't forget the second point I made earlier that he can actually change the seeds anytime he wants during your betting, so he can figure out your pattern and then choose the corresponding client/seed hash, yes it would be more risky for him to do this incase someone actually wrote down their hashes, but really who does?

If he wanted he could remove his ability to change your seeds on the fly with a simple if statement, I have raised this with him and now the community, no one cares, then let it be.

I didn't address that because I don't think people are very interested, but you don't seem to know what you're talking about.

The field that holds the seeds is created on the fly when you click 'randomize'.  I can't change the value in a field that doesn't exist.  If the "randomize" dialog isn't visible, the seed field doesn't exist.
legendary
Activity: 2940
Merit: 1333
yeah I never wrote it down, some people dont know how to do this hash or seed thing

Like you say, there's no way you can be sure a site isn't cheating you if you're not prepared to do a little work to verify things to your own satisfaction.

I designed JD to make it as easy as possible to verify your rolls.  I saw some sites which change the server seed every roll (bitzino, primedice), which makes it really quite tedious to verify things as a matter of course.  I saw other sites which change the server seed every 24 hours (coinroll, satoshidice) which means you have to wait up to 24 hours to verify your rolls.  So I made it that the player gets to decide when to change their seed, and only the player.  So if you want to make 100 rolls and then verify them, you can, simply by noting the hash before you start, making sure it's the same after you play, and using the verifier script.

If a player doesn't care enough to verify his rolls, then I can cheat him.  I don't know in advance which ones are going to check and which aren't.  I can't afford to get caught cheating even once, so I just don't cheat anyone.  Presumably the ones who don't verify their rolls either trust the site not to be cheating, or see gambling as just a bit of fun and expect to lose anyway so it doesn't really matter.  But I'm just guessing.
sr. member
Activity: 364
Merit: 250
yeah I never wrote it down, some people dont know how to do this hash or seed thing.  Its up to the people to trust him and the ones that care about winning should learn how to verify bets.  Maybe any dice site op can tell if someone looks at there seed so he wont dare change it.  So the best thing to do is to make sure its provably fair is to write it down and change seed on everybet.  Its not his job to force you to write it down.  Hes the Op not your baby sitter. No offence to doog, Im only saying this for all dice sites.  This goes for all sites that have provably fair verification.
newbie
Activity: 12
Merit: 0

I agree with you that the site can be provably fair, and that has to be balanced with the user experience. 

My main point of the post is it is not provably fair by default.
If you visit the site for the first time, the client and server seeds are provided by the server, yes you can verify they rolled as expected, but it is also possible those client and server seeds were pre-prepared.

I am over the issue now, I am not going to do a crusade, I'll let the gamblers make their decisions.

So what? Unless dooglus has psychic powers, he can't tell how you're going to bet.  Are you betting high? Low? 49.5%? 20%? 10%? Martingale? Progressive strategy? Bet 0.1 but 1.0 every tenth bet?  He doesn't know.  Therefore he can't create a seed that will give you unlucky numbers for your particular betting strategy.

Don't forget the second point I made earlier that he can actually change the seeds anytime he wants during your betting, so he can figure out your pattern and then choose the corresponding client/seed hash, yes it would be more risky for him to do this incase someone actually wrote down their hashes, but really who does?

If he wanted he could remove his ability to change your seeds on the fly with a simple if statement, I have raised this with him and now the community, no one cares, then let it be.
legendary
Activity: 2940
Merit: 1333
Even if he could, cheating that way would not be very wise cause as soon as someone would find out the unfair pattern he could abuse it for his own profit.

Very good point. It If I always put a streak of 10 high rolls and another streak of 10 low rolls in the first 100, you could spot them quite easily and take advantage.

The best sequence of rolls from the site's point of view is a random sequence, because then the player can't work out the pattern and use it to his advantage.
sr. member
Activity: 313
Merit: 250
i ♥ coinichiwa
Therefore he can't create a seed that will give you unlucky numbers for your particular betting strategy.

Even if he could, cheating that way would not be very wise cause as soon as someone would find out the unfair pattern he could abuse it for his own profit.
legendary
Activity: 2940
Merit: 1333
So what? Unless dooglus has psychic powers, he can't tell how you're going to bet.  Are you betting high? Low? 49.5%? 20%? 10%? Martingale? Progressive strategy? Bet 0.1 but 1.0 every tenth bet?  He doesn't know.  Therefore he can't create a seed that will give you unlucky numbers for your particular betting strategy.

He did address this earlier.  Lots of players play martingale, so as long as I make sure there's a long streak of very high rolls and a long streak of very low numbers early on, most players will bust early (so long as they stick to all hi, or all lo).

I you think I'm searching for seed pairs with those properties, make sure you click 'randomize', make a note of the server seed hash, and set your own client seed before you play.

If I was doing something despicable like that, I expect the site's profit would be a little higher than the current 0.28% of turnover however.
kgo
hero member
Activity: 548
Merit: 500

I agree with you that the site can be provably fair, and that has to be balanced with the user experience. 

My main point of the post is it is not provably fair by default.
If you visit the site for the first time, the client and server seeds are provided by the server, yes you can verify they rolled as expected, but it is also possible those client and server seeds were pre-prepared.

I am over the issue now, I am not going to do a crusade, I'll let the gamblers make their decisions.

So what? Unless dooglus has psychic powers, he can't tell how you're going to bet.  Are you betting high? Low? 49.5%? 20%? 10%? Martingale? Progressive strategy? Bet 0.1 but 1.0 every tenth bet?  He doesn't know.  Therefore he can't create a seed that will give you unlucky numbers for your particular betting strategy.
b!z
legendary
Activity: 1582
Merit: 1010
in the matter a fact i wrote about your site on my site... Smiley
http://bitcoinadvice.bugs3.com/btc-and-doge-betting/
and i didnt ask nothing for advertising  Tongue
p.s.
I count on your good heart
hehehehe

Thanks for the review.  I hadn't seen that before.

This made me smile:

> meaning that support is almost excellent and easy to acquire on Just-Dice

"almost excellent" Wink

I can't find anything substantial to complain about... so I'll just mention that the "which can be seen at the Bitcoin address 14o7zMMUJkG6De24r3JkJ6USgChq7iWF86." line is badly formatted on my screen.  The address is too long, making the right-justified text on the previous line far too spaced out.  Maybe use a link to the blockchain.info page for the address and say "which can be seen [here]".

Actually, it's copied directly from Bitcoin Reviewer, and he didn't write any of it.  Roll Eyes

I did update the review though. http://bitcoinreviewer.com/just-dice-review/
legendary
Activity: 2940
Merit: 1333
in the matter a fact i wrote about your site on my site... Smiley
http://bitcoinadvice.bugs3.com/btc-and-doge-betting/
and i didnt ask nothing for advertising  Tongue
p.s.
I count on your good heart
hehehehe

Thanks for the review.  I hadn't seen that before.

This made me smile:

> meaning that support is almost excellent and easy to acquire on Just-Dice

"almost excellent" Wink

I can't find anything substantial to complain about... so I'll just mention that the "which can be seen at the Bitcoin address 14o7zMMUJkG6De24r3JkJ6USgChq7iWF86." line is badly formatted on my screen.  The address is too long, making the right-justified text on the previous line far too spaced out.  Maybe use a link to the blockchain.info page for the address and say "which can be seen [here]".
legendary
Activity: 2940
Merit: 1333
Well you never can win a house...  1 from 10000 will "win" something.... i try play for few satoshi and i can say nothing... but 5 miss strike on 91%... well probability for that is 1:95848388234728472882426378462387432.... and i have 3 5xstrikes in 2 hours... Smiley

I think there's a problem with your calculation there.

You lose a 91% bet with more than 1 in 10 chance.
So you lose 5 in a row with more than 1 in 100,000 chance.

"in 2 hours" doesn't tell us much when we don't know how fast you're playing.

If you tell me your account number I can give some real statistics and we can see how unlucky you really were.

dooglus do not be mad... Tongue probability that i wrote is to hight, and your "1 in 100,000 chance" its way to low from the right number....

I wasn't mad.  I saw you make a mathematical error and pointed it out.

If you like, I can be more accurate with my numbers:

The probability of losing a 91% bet is 0.09.
The probability of losing N of them in a row is 0.09^N
So the probability of losing 5 in a row is 0.09^N = 0.0000059049
That's 1 in 169,350.878

Huh.  Well what do you know, I was wrong!  lol

Not sure what I was thinking when I wrote "You lose a 91% bet with more than 1 in 10 chance" - you lose a 91% bet 9% of the time, or about 1 in 11.1111.  1 in 11 is less than 1 in 10.  Huh.

But still, I was a little closer than you.  169,350 is closer to 100,000 than 95848388234728472882426378462387432 is.
newbie
Activity: 12
Merit: 0
Quote
By default its not provably fair, perhaps should put this on your site:

This game is provably fair*

*At Just-Dice, those steps are:
1) make a note of the server seed hash
2) set your own (unpredicable) client seed
3) play as much as you like, making a note of your rolls
4) verify the rolled numbers


No, by default the game is provably fair.  Provable is an adjective, it means that something is capable of being proven.  Just-dice can be proven to be fair.  As Doog explained, the user just has to take certain steps to do that.  And, as far as I know, of those who did take those steps, just-dice has been proven fair 100% of the time.  

Every user has the ability to prove that the game that they just played is fair.  It sounds like you just want the site to make it easier for users to prove that the game is fair.  Doog's position appears to be that the benefits of that, if any, are outweighed by the negative impact those changes would have on user experience.  If anyone disagrees, I'm sure there are other dice sites that make it easier to prove fairness, and if not, create one!  Maybe you're right, Doog is wrong, and users do prefer the steps to prove fairness to be easier, even if it requires changes that may be a detriment to the user experience.  Maybe there's some room for innovation there, and it can be done with little to no cost to the user experience.  

The point is, the game is fair, and with some effort that can be proven by anyone playing it if they follow Doog's instructions.  Just-dice is provably fair to gamblers.

The potential for anyone in Doog's position to do something dishonest (walk away with investor money, cheat his own site, switch the game with a different game that is unfair) has nothing to do with the fairness of the game.  That potential exists whenever someone must place their trust in someone else.  You can never prove that there is a 100% chance of honesty.  But you can make a rational, informed judgment, and all things considered this seems to be a pretty safe one considering the various incentives, at least in this context (I know little about and can't comment on whether the site is safe from hackers, for example, though it is a pretty big target and as far as I know other than a manual payout mistake early on, not much of any has been lost).

I agree with you that the site can be provably fair, and that has to be balanced with the user experience. 

My main point of the post is it is not provably fair by default.
If you visit the site for the first time, the client and server seeds are provided by the server, yes you can verify they rolled as expected, but it is also possible those client and server seeds were pre-prepared.

I am over the issue now, I am not going to do a crusade, I'll let the gamblers make their decisions.
Pages:
Jump to: