Author

Topic: Just-Dice.com : Invest in 1% House Edge Dice Game - page 147. (Read 435458 times)

newbie
Activity: 10
Merit: 0
Can someone explain to me why a site that allows the house to have both seeds/keys and can use that information against player money 'invested' in the bank's position, wouldn't be suspected of being a scam? Per your SD and other statistical analysis, it could easily manipulated by the con in several ways. One way would be to intentionally lose a number of bets to create a distribution to their liking and simply betting more less times.

To me it seems like a perfect setup for a con. I'm not saying it is a con, but if I were a betting man....

Just-Dice is suspected of being a scam by some.  Barely a day goes by without me seeing someone saying "dooglus == nakowa".  Mostly they're joking, but it's certainly on people's minds.

Personally, if I was going to make a 2nd account to win the investor's money with I don't think I would make it an account with such a forum presence.  nakowa has set up a competing dice site, closed it, then funded the IPO of a 2nd competing dice site almost singlehandedly, posted threads in which he offers to sell his 'strategy', and made a huge amount of noise on the site.  He argues with me in threads here too.

That seems like an awful lot of work to go to in order to steal from the investors.  If I was wanting to steal from the investors it would be a lot easier to do it from an account that never speaks in the chat and has no forum presence.

Even easier than that would be to run an honest site and collect commissions week after week.  That's the plan.  I hope it will work out in the long run.  Geese, golden eggs, etc.

You're clearly a very intelligent and well spoken person, and I do respect the concept and execution behind the site, but it would be much better to remove this potential conflict of interest altogether. I don't see the necessity to have outside 'investors' since it's one of the biggest credibility destroyers about your business. Conflicts of interest are no good. Even if you're not cheating, who's to say someone on your team isn't?

Also, not saying this is the case, but all of this publicity, public speaking, etc can be a good source of red herrings to keep people believing longer (keep the con going) as well as bring in more cash.

Also, there would be no way to steal from a quiet account, it would be noticed and its silence would be even more suspicious. Putting a face to this 'whale' is far more convincing that at the very least 'cheating' isn't going on (another credibility destroyer). You also can't steal from a bunch of small accounts because that would make the game look systemically broken (statistically, versus a loss based on variance).

Again, I have no proof here, but the red flags should be a deal breaker for intelligent people. That you're able to continue operating despite this glaring security hole/conflict of interest, makes me believe that even if you are fooling people, you've earned it. If people have been warned and still do it, they're greedy and foolish, and deserve to be parted with their money.
legendary
Activity: 1022
Merit: 1000
As for the calls to "change something", if he's cheating then limiting the maximum bet won't stop him winning, and if he isn't cheating and is just lucky then limiting the maximum bet will only slow his inevitable losses.  I don't see how it helps in either case.

One thing that I can change that will protect investors is whether the site is up or not.  If I take it down they won't lose any more.  But I suspect that most investors wouldn't like that decision.  They want the site to stay up so they can win their coins back again.  The ones who want this to end have the option already of divesting.

I'm quite tempted to just give up on this whole thing.  It looks like the site is simply at nakowa's mercy.  He's promised me in the past that he won't play any more, but never sticks to his word.  So what do I do?  Continue to let the investors take these horrific losses?

I am a small investor and love just-dice, thanks dooglus for making it possible for small fry like me to play with you.

Now that we know Nakowa's basic system - willingness to absorb large losses while waiting for a targeted win number - it seems like investors can now design a counter strategy, for example I bailed out today for his final run of winnings.  I am not anti-Nakowa, I'm glad he plays at JD but I appreciate a lot of the discussion and analysis in this thread that has highlighted he is not superman or supremely lucky, he's got a very sensible cash management strategy and JD's low 1% edge gives him a decent chance to pull it off.

I don't think he's cheating and I don't think you should do anything drastic like change the max bet of the site.  Personally, I'd increase it, but I have not run the analysis you have.

What would help me as an investor is some kind of ability to put in a stop loss order, e.g. if my investment balance is < X then divest X % of my investment balance.  However, I imagine that would be hard to program and result in a lot of variability in your investment total which you probably don't want.  But right now I have to "lucky" enough to be on when he's on and manually monitor my balance and try and get out before I lose what are for me very hard to replace coins.

When the site had 50K btc invested you said you had too much investment, what in your mind is the ideal level of investment?

Please do not give up!  Your site is one of the best things about BTC and you are a great member of this community.
hero member
Activity: 630
Merit: 500
Bitgoblin
Problem is that the whole point of j-d is to gather funds from many investors, to raise a high max bet.
If he was to lower the max bet, likely he would have been able to do it with his own funds.
(as Deprived has explained many times, assuming I got it right)


While this assertion is true, I believe that JD's public funding model has at least 2 advantages regardless of maxbet :
- creating a little army of advertisers (investors)
- turning a portion of investors into gamblers

I doubt that JD would be where it stands nowadays without this unique feature.


I totally agree.

Not for these exact reasons, though they are similar: the solve fact that you can be an investor, and not through a traditional share-system, rather through a bankroll, is so innovative that brings automatic success.

But I've also not seen you, dooglus, take the possibility seriously that he has exploited your site.
[...]
As a potential investor / sender of money to your site, I find that confidence worrying.

I'm also a bit concerned about this.
While I think it's more likely he's just been quite lucky (<2% chances, IIRC), I find a bit disconcerting that absolute confidence everything's fine and site hasn't been cracked.

dooglus should put out a bounty to prove the RNG is flawed. allow people to benefit financially without losing their soul...
Doesn't make much sense: if you find a flaw, you can exploit it and make much more.
Of course there are people that wouldn't do it, but still...
sr. member
Activity: 454
Merit: 252
Think doog has to maximize the bets, 10-20 BTC, or sg else. If he won't do that, the site will be destroyed in a week by Nakowa....

We should coin the term "investors fallacy."

The mathematical correct thing to do to push profit in your favor is to pump the house edge. Variance will flicker around a quicker growing profit line. Minimum bet can be raised to full Kelly, or kept at fractional Kelly.
newbie
Activity: 41
Merit: 0
Think doog has to maximize the bets, 10-20 BTC, or sg else. If he won't do that, the site will be destroyed in a week by Nakowa....
legendary
Activity: 1176
Merit: 1015
We recently learnt that some RNGs or their APIs are not completely safe. Unless JD is using a physical RNG thats also a possible point of failure.

Except a physical RNG is not provably fair for the gambler.
Well I don't know the implementation of JD, but shouldn't it the possible to use the output of a PRNG to make a fair system?

https://just-dice.com/lucky.txt

You can prove this is the code because if you run the server seed, client seed and nonce it comes out exactly the same.
sr. member
Activity: 493
Merit: 262
We recently learnt that some RNGs or their APIs are not completely safe. Unless JD is using a physical RNG thats also a possible point of failure.

Except a physical RNG is not provably fair for the gambler.
Well I don't know the implementation of JD, but shouldn't it the possible to use the output of a PRNG to make a fair system?
legendary
Activity: 1176
Merit: 1015
We recently learnt that some RNGs or their APIs are not completely safe. Unless JD is using a physical RNG thats also a possible point of failure.

Except a physical RNG is not provably fair for the gambler.
sr. member
Activity: 493
Merit: 262
We recently learnt that some RNGs or their APIs are not completely safe. Unless JD is using a physical RNG thats also a possible point of failure.
donator
Activity: 2772
Merit: 1019
Thanks for the explanation molecular.

Smiley

These are just my thoughts. I might be falling victim to gamblers phallacy Wink.
legendary
Activity: 1176
Merit: 1015
Thanks for the explanation molecular.

Smiley
donator
Activity: 2772
Merit: 1019
SHA512 is secure, all these posts are just FUD.  No attacks have been proven against SHA512 or even SHA256.

secure against what? "Attacks" against cryptographic hash functions are attacks against the complexitiy of calculating their inverse function (EDIT: or finding a collision). This is not the way these functions are used in JD.

Existence of predictable pattern in JD dice rolls does not imply sha256 is "broken", does it?

donator
Activity: 2772
Merit: 1019
Maybe a tried-and-true PRNG could be used seeded with sha256(server_seed || ":" || user_seed) or whatever) instead of that nonce-postfix-thingy that is implemented, which only changes a couple of bits (down to only one bit rougly every second time) of the sha256 input between rolls. I'm not saying this is a flawed approach (I clearly do not know this), just that it's impossible for me to be sure it's not (partly) predictable.

If this is the case, wouldn't the entire proof of work for Bitcoin be compromised?

Bitcoin = SHA256(SHA256)
JD = HMAC-SHA512(sever seed, client seed, nonce)

They both use the SHA family right?

No, a predictable pattern existing in JD PRNG would not mean proof of work for Bitcoin is compromised.

POW involves "guessing" a nonce so that the sha output is smaller than x. Predicting a pattern in JD means exploiting properties of sha256 that have nothing directly to do with its "irreversibility". In JD the difference between two consecutive inputs to the function is known (nonce = nonce + 1). This could lead one to be able to predict (maybe statistically and using past data) changes between 2 consecutive outputs. Again: I'm not saying this is the case and sure as hell I'm not saying I found something like that, but I just can't rule it out for myself.

legendary
Activity: 1176
Merit: 1015
SHA512 is secure, all these posts are just FUD.  No attacks have been proven against SHA512 or even SHA256.

Only tweaking 1 bit in the input to SHA would still give a completely different output - that's the point of a hashing algorithm!

I find it quite funny that there's all these posts from people saying how they think they have found 'patterns' of high high low low or whatever, then they end their post with 'but I'm not a mathematician'.

Believe me, if SHA512 or SHA256 were broken, we would know about it - firstly the entire TLS/SSL CA infrastructure would collapse..

Will

And Bitcoins proof of work too right?
hero member
Activity: 767
Merit: 500
SHA512 is secure, all these posts are just FUD.  No attacks have been proven against SHA512 or even SHA256.

Only tweaking 1 bit in the input to SHA would still give a completely different output - that's the point of a hashing algorithm!

I find it quite funny that there's all these posts from people saying how they think they have found 'patterns' of high high low low or whatever, then they end their post with 'but I'm not a mathematician'.

Believe me, if SHA512 or SHA256 were broken, we would know about it - firstly the entire TLS/SSL CA infrastructure would collapse..

Will
sr. member
Activity: 375
Merit: 250
dooglus should put out a bounty to prove the RNG is flawed. allow people to benefit financially without losing their soul...
legendary
Activity: 1176
Merit: 1015
Maybe a tried-and-true PRNG could be used seeded with sha256(server_seed || ":" || user_seed) or whatever) instead of that nonce-postfix-thingy that is implemented, which only changes a couple of bits (down to only one bit rougly every second time) of the sha256 input between rolls. I'm not saying this is a flawed approach (I clearly do not know this), just that it's impossible for me to be sure it's not (partly) predictable.

If this is the case, wouldn't the entire proof of work for Bitcoin be compromised?

Bitcoin = SHA256(SHA256)
JD = HMAC-SHA512(sever seed, client seed, nonce)

They both use the SHA family right?
elm
legendary
Activity: 1050
Merit: 1000
I typed a long reply, then the forum crapped on me some error so I lost it. I will try to recreate my answer.

1. How can one be sure? I think if it is 100% provably fair and the OP and player and whoever else has no chance to get hold of the final outcome in advance than the OP is honest.
does something like 100% provably fair exist? if yes, then my next question would be, is JD 100% provably fair?

2. if the numbers of the RNG are not random this would explain everything. but why would JD chose a RNG that is not random? a RNG that is not random is not a RNG imho Smiley
could You explain Your view in more depth. this would be very interesting to understand (at least for me)

thanks

1. The site is provably fair for players. No site or dice game is provably fair for investors other than the owner. Slow games, like my lotto, are perfectly provably fair, but you have to wait 1 week for the results. No one is going to play dice with a 1 week delay.

2. The RNG is not even a RNG. It uses a deterministic but secure hash function in a message authentication code format. The results look random. They are not. They are uniformly distributed.

JD's rolls have 3 components: a server seed, a client seed, and an incrementing nonce. The server seed does not change until you Randomize. The client seed does not change. The nonce goes up by one for every roll.

I believed, and I still do, that you can predict a pattern.

For a short time, I ran a pseudo gambling investment (DIGS) where I collected other people's money and gambled them in a carefully planned martingale strategy. Mostly for fun. Until I made a mistake, which was something I actually predicted.

I lost 6 consecutive times. The bet now is, I'm going to win the next roll, or the 7th bet. Everyone calls this the Gambler's Fallacy. Doesn't matter. Nakowa is afflicted with the same disease.

For lack of a true scientific explanation, I resorted to just saying I had magic seeds. However, my understanding of statistics and probabilities, or the lack thereof, convinced me that I can exploit this predictable or deterministic pattern.

But. No one believes me, and I can't explain myself.

If I lose, they told me so. If I win, I just got lucky. Even though I said I knew it, I couldn't possible have predicted it.

So, no one is sending me coins, I'll just have to wait patiently until I have enough to go gamble it again. Wanna bet? Send me coins and I will gamble it for you using my so called magic seeds, and I'll send you back the profit, if you'll let me keep the change.

I told everyone, send me 100, I will send back 110, after making 112, and I'll keep the 2, if I win. If I lose, it was a gamble huh.... ... Hehehehe. Stupid magic seeds, stupid dragon babies, stupid dung beetle...

Anyway, you asked for my point of view.

thank You for taking the time. what You are saying is that Provably Fair is only for the player fair and not for the owner/investors. that is very bad then.

if You found a pattern to Your advantage, You should know how to explain it, IMHO. I believe in patterns in connection with RNG games.
donator
Activity: 2772
Merit: 1019
Deposits have stopped...

server issues?

just deposited ~ 2 hours ago with no problem.
donator
Activity: 2772
Merit: 1019
2. The RNG is not even a RNG. It uses a deterministic but secure hash function in a message authentication code format. The results look random. They are not. They are uniformly distributed.

JD's rolls have 3 components: a server seed, a client seed, and an incrementing nonce. The server seed does not change until you Randomize. The client seed does not change. The nonce goes up by one for every roll.

I believed, and I still do, that you can predict a pattern.

[...]

For lack of a true scientific explanation, I resorted to just saying I had magic seeds. However, my understanding of statistics and probabilities, or the lack thereof, convinced me that I can exploit this predictable or deterministic pattern.

But. No one believes me, and I can't explain myself.

I have the same suspicion and the same problem. I can't even think clearly when sha256 is involved Wink.

Maybe a tried-and-true PRNG could be used seeded with sha256(server_seed || ":" || user_seed) or whatever) instead of that nonce-postfix-thingy that is implemented, which only changes a couple of bits (down to only one bit rougly every second time) of the sha256 input between rolls. I'm not saying this is a flawed approach (I clearly do not know this), just that it's impossible for me to be sure it's not (partly) predictable.

I'm not very firm with math-stuff, just wanted to assure Dabs he's not alone in his suspicion.

EDIT: I highly doubt a human brain would be able to detect such things, btw. Nakowa is just a lucky gambler.
Jump to: