Topic: Luckynumber.me has holes in their provably fair system, allows for manipulation (Read 3350 times)
September 23, 2014, 11:57:04 PM
wew...I think luckynumber not good for new user...because it indicate scam....I deposited this day but not landing to my account...huftt...please help me...
May 26, 2014, 11:53:46 PM
Actually, you can change the client seed as you wish: 
How does that make a difference though? Because when you bet the time stamp could still change.
May 26, 2014, 03:16:52 PM
Actually, you can change the client seed as you wish:
May 26, 2014, 08:51:46 AM
Just-dice is provably fair if the users change their seed once before they start. Primedice is provably fair if the users change their seed every roll. Luckynumber.me is provably fair never. Thus the reason for this thread.
People need to re-read this.
Advertising something as provably fair when it can never be provably fair is a scam.
May 17, 2014, 05:08:09 PM
The idea that this site is a scam site doesnt make any sence, you could tell that about any gambling site when u loose, if gambling sites have a house edge of 1-2% u know that and u can hit many losses yes, but thats inheret to gambling.
Scamming is ripping people of gambling is another thing.
Scamming is ripping people of gambling is another thing.
May 16, 2014, 05:16:31 AM
well when I take a look at their high bets it doesn't look like they are scammers and manipulating
https://i.imgur.com/KFHsBTu.png
That guy made over 5BTC in 8min
May 15, 2014, 11:19:33 PM
That doesn't mention anything about the provably fair though.
May 15, 2014, 01:02:31 PM
They claim they are legit here:
https://bitcointalksearch.org/topic/m.6739912
https://bitcointalksearch.org/topic/m.6739912
May 14, 2014, 08:12:18 AM
Bump.
May 07, 2014, 11:38:19 AM
Sounds like just dice is the "most" provably fair then for now? I do change my seed at primedice once at the start, what a pain it would be to change every roll...
May 07, 2014, 10:34:35 AM
Just-dice is provably fair if the users change their seed once before they start. Primedice is provably fair if the users change their seed every roll. Luckynumber.me is provably fair never. Thus the reason for this thread.
May 07, 2014, 10:14:48 AM
In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".
Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.
I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.
Sure thing. But I'd risk to say that 99.9% of the players on PD, for example, do not change client seed every bet.
Is it not - statistically - the same room for manipulation on both sites? Considering that both can, at their will, manipulate the rolls. The thing is that they don't. The problem is on the system itself, they have different provably fairs, and hopefully they can both change them one day, when a new system arrives that is more foolproof than now.
It's almost a linguistics question. People are saying that LN can't affirm it's provably fair because they cannot prove it's fair. But PD can't prove its fair system either, if client seed is not changed. Yet they are provably fair?
I think there are accusations being made that are pointless, yet very serious because they are alarming users that don't understand how this fair system works.
Truth is we need a new system, to end up all this misunderstandings.
I'm pretty much sure that PD and LN are not manipulating anything, though.
Friendly reminder.
May 07, 2014, 09:56:25 AM
Bump.
May 01, 2014, 11:41:35 PM
well when I take a look at their high bets it doesn't look like they are scammers and manipulating
That guy made over 5BTC in 8min
May 01, 2014, 12:34:26 PM
well when I take a look at their high bets it doesn't look like they are scammers and manipulating
That guy made over 5BTC in 8min
May 01, 2014, 12:10:52 PM
In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".
Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.
I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.
Sure thing. But I'd risk to say that 99.9% of the players on PD, for example, do not change client seed every bet.
Is it not - statistically - the same room for manipulation on both sites? Considering that both can, at their will, manipulate the rolls. The thing is that they don't. The problem is on the system itself, they have different provably fairs, and hopefully they can both change them one day, when a new system arrives that is more foolproof than now.
It's almost a linguistics question. People are saying that LN can't affirm it's provably fair because they cannot prove it's fair. But PD can't prove its fair system either, if client seed is not changed. Yet they are provably fair?
I think there are accusations being made that are pointless, yet very serious because they are alarming users that don't understand how this fair system works.
Truth is we need a new system, to end up all this misunderstandings.
I'm pretty much sure that PD and LN are not manipulating anything, though.
The major difference is that Primedice, you can change your client seed every roll. If you don't, it's negligence and your own fault. If you bet on lucky number you're already giving up the fairness as soon as you roll.
I understand exactly what you mean, but saying you are giving up on fairness is quite a bold statement, and it's not entirely true.
Saying there are holes in that provably fair system is correct, as in the title of this thread. Otherwise you have users that can interpret your words and extend them right away to "scam website".
Heck, you posted this thread in Scam Accusations, which is not correct. Having a faulty provabilty fair system doesn't mean you are running a scam. Loads of other sites have and had problems with this system.
About Primedice, I have to say then that the majority actually give up on the fairness then, even Stunna said somewhere that most users don't change client seeds.
Is it their negligence? Yes, yet you will have accusations of manipulation, and eventually get responses "What, then I have to change seed every bet otherwise it's my fault and they are allowed to manipulate my roll?"
I'm trying to discuss the system here, which in my belief should be upgraded from the current we have now.
Hope you understand my two cents.
May 01, 2014, 09:34:10 AM
In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".
Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.
I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.
Sure thing. But I'd risk to say that 99.9% of the players on PD, for example, do not change client seed every bet.
Is it not - statistically - the same room for manipulation on both sites? Considering that both can, at their will, manipulate the rolls. The thing is that they don't. The problem is on the system itself, they have different provably fairs, and hopefully they can both change them one day, when a new system arrives that is more foolproof than now.
It's almost a linguistics question. People are saying that LN can't affirm it's provably fair because they cannot prove it's fair. But PD can't prove its fair system either, if client seed is not changed. Yet they are provably fair?
I think there are accusations being made that are pointless, yet very serious because they are alarming users that don't understand how this fair system works.
Truth is we need a new system, to end up all this misunderstandings.
I'm pretty much sure that PD and LN are not manipulating anything, though.
The major difference is that Primedice, you can change your client seed every roll. If you don't, it's negligence and your own fault. If you bet on lucky number you're already giving up the fairness as soon as you roll.
May 01, 2014, 06:40:58 AM
I can change the game type and client seed at my will to at least make sure my bets are fine. Not that I change it every roll, but I frequently change game type so that's also one method.
May 01, 2014, 05:28:28 AM
Heh. You see me in PD too
May 01, 2014, 05:27:21 AM
So what?
Nothing much. May 01, 2014, 05:21:36 AM
So what?
May 01, 2014, 05:19:52 AM
In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".
Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.
I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.
Sure thing. But I'd risk to say that 99.9% of the players on PD, for example, do not change client seed every bet.
Is it not - statistically - the same room for manipulation on both sites? Considering that both can, at their will, manipulate the rolls. The thing is that they don't. The problem is on the system itself, they have different provably fairs, and hopefully they can both change them one day, when a new system arrives that is more foolproof than now.
It's almost a linguistics question. People are saying that LN can't affirm it's provably fair because they cannot prove it's fair. But PD can't prove its fair system either, if client seed is not changed. Yet they are provably fair?
I think there are accusations being made that are pointless, yet very serious because they are alarming users that don't understand how this fair system works.
Truth is we need a new system, to end up all this misunderstandings.
I'm pretty much sure that PD and LN are not manipulating anything, though.
May 01, 2014, 05:18:30 AM
In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".
Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.
I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.
Sure thing. But I'd risk to say that 99.9% of the players on PD, for example, do not change client seed every bet.
Is it not - statistically - the same room for manipulation on both sites? Considering that both can, at their will, manipulate the rolls. The thing is that they don't. The problem is on the system itself, they have different provably fairs, and hopefully they can both change them one day, when a new system arrives that is more foolproof than now.
It's almost a linguistics question. People are saying that LN can't affirm it's provably fair because they cannot prove it's fair. But PD can't prove its fair system either, if client seed is not changed. Yet they are provably fair?
I think there are accusations being made that are pointless, yet very serious because they are alarming users that don't understand how this fair system works.
Truth is we need a new system, to end up all this misunderstandings.
I'm pretty much sure that PD and LN are not manipulating anything, though.
May 01, 2014, 05:05:54 AM
In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".
Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.
I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.
May 01, 2014, 04:31:20 AM
In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".
Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.
May 01, 2014, 03:10:18 AM
Wow. No wonder I have lost so much money there.
April 30, 2014, 10:39:07 PM
The forum does not do scammer tags.
April 30, 2014, 08:58:12 PM
good catch guys, anyway they can get the scammer tag???
April 24, 2014, 12:33:20 PM
Something I also noticed:
Given that they offer 60 coin payouts for individual bets with a very small bank it makes this possibility more concerning. This all goes without saying that giftcoins was unethical in stealing actual design files from PD that were unreleased, not just images. I will post more about that in the near future.
Quote from: stunna
Another ridiculous detail is that the server time on site is different to actual server time as it uses javascript to calc individual server times. I have both my laptops open on luckynumber and the time is off by 2 sec. So effectively he can choose between the best few server times (with ease)
Given that they offer 60 coin payouts for individual bets with a very small bank it makes this possibility more concerning. This all goes without saying that giftcoins was unethical in stealing actual design files from PD that were unreleased, not just images. I will post more about that in the near future.
April 24, 2014, 08:12:00 AM
Thanks for a warning.
This seems like dangerous for players and for them in a same time.
I hope they will read your post and maybe will change something in their system.
Regards
This seems like dangerous for players and for them in a same time.
I hope they will read your post and maybe will change something in their system.
Regards
April 24, 2014, 07:33:36 AM
Luckynumber.me is not provably fair, because of the inclusion of time down to the millisecond in the decision of the final roll, this is why.
Say you make a bet at 3:34 PM, 13.23 seconds. The outcome of the roll was a win.
Luckynumber looks at your roll and calculates that it would be a win. So they pretend the server got the message a millisecond later. Let's do a new roll with a new time.
Your bet was now made at 3:34 PM, 13.24 seconds. The outcome of this roll is a loss.
This allows for major roll manipulation. They don't have to do this every bet. They can just do it on larger bets, or once every 20 rolls or so. It doesn't matter if some people win because they still have to keep their image up.
They can also repeat the time process multiple times until they get a losing roll.
You might say that you can see the clock at the bottom of the game and you know exactly when you clicked roll. Did you really? Do you know exactly how long it takes the message to get to the server and for the server to record the time? These are all things that can be used against you.
Gamble carefully.
Say you make a bet at 3:34 PM, 13.23 seconds. The outcome of the roll was a win.
Luckynumber looks at your roll and calculates that it would be a win. So they pretend the server got the message a millisecond later. Let's do a new roll with a new time.
Your bet was now made at 3:34 PM, 13.24 seconds. The outcome of this roll is a loss.
This allows for major roll manipulation. They don't have to do this every bet. They can just do it on larger bets, or once every 20 rolls or so. It doesn't matter if some people win because they still have to keep their image up.
They can also repeat the time process multiple times until they get a losing roll.
You might say that you can see the clock at the bottom of the game and you know exactly when you clicked roll. Did you really? Do you know exactly how long it takes the message to get to the server and for the server to record the time? These are all things that can be used against you.
Gamble carefully.
Jump to: