Topic: mutterings from mem: Provable Results vs Provably Fair (Read 4870 times)

Wise move. Dooglus points out Mental poker, which looks promising. Setting up a properly shuffled deck looks incredibly convoluted from an engineering perspective, but the basic idea is sound ... best I can tell. There is definitely a market for it, so I think it's only a matter of time before somebody develops something along these lines.

All other things being equal, your site would be much better the more fair it looks to the player.

As an example, a completely honest and trust worthy individual, new to bitcoins, decides to do a raffle and his method involves pulling physical balls out of a hat and recorded on video. Or that he claims he gets the numbers from random.org.

While the intent is to be honest, most people here have already pointed out the flaws.

The two problems mentioned here about online poker, specifically super users and collusion, are the same problems across all online poker rooms and the solution is to handle them with human intervention.

If people trust you, and also trust the system or the implementation, then it's so much better for you.

If people do not trust the implementation, no matter how provably fair it is (because some users are just lazy or too stupid to change their client seeds) then they will call you a scam, no matter how provably fair you actually are.

The issue with online poker is the same as table top poker.

Online == server admin simply looks @ what cards you are holding. 
Table == Cameras, bystanders sending signals.

Both == Collusion.

As another user mentioned, you can definitely prove the deck was shuffled randomly but you cannot prove or disprove admin honesty in this situation. This is why I only play with small change, Im after a cheap thrill and due to my cheapness Im not an ideal target for a scammer. Its why this is such a classic scene in movies:

Pub + poker table = flip table + gun shoot out.

How about shuffling the SHA 256 Hash of the client and server seed? That should make it unpredictable without adding a secret?

The player can cheat using this method, since they can make the txid anything they want by repeating the signing process and then set their client seed so they can generate a specific hash and result.

My only suggestion is Jacks or Better.  That is, someone has to have at least a pair of jacks to open the action.  With this setup, it should be possible to verify.  Draw poker is also the best variant for this.  Without a draw, this is a game few people would play.

The simplest game where I can see this working is single draw no-limit lowball.  There's a chapter in Doyle Brunson's original Super/System about it, but it is basically an obsolete game.  It would have to be revived.

But absolutely nobody would want to play a five card poker game with just one round of betting.

Any thoughts on this?
Is this method considered provably fair with provable results?

I have never played online poker in any other website, and I have not downloaded any client. So I am coming in, attempting to do this, from a fresh perspective.

I'll take a look at the more popular online poker sites later.

Also, I want to implement this provably fair poker without needing a client. It will either be java or html5 or something that is browser based. I would like to appeal to anyone who can browse using current browsers regardless of OS. Downloadable clients mean I'd have to make one for MacOS, Windows, Linux, Android and iOS. Only the last two would deserve their own clients, the desktop computers should have "optional" clients.

Based on my initial research, browser based poker sites can be played by everyone, except they don't have the client features that some players would want. All those extra features are optional. I'm guessing I can make a browser based poker site with an API so everyone is free to make their own client, but without one, you can just go play.

Verifying the results, might be impractical, but with the game being "provably fair", someone out there will make a script to do this. They would not need to trust the website. All the website needs to do is spit out the hashes and cards which the players can verify, but only for cards they can see.

For disconnecting players, I think a default fold if you don't connect is best. The "all-in" on disconnect does not make sense to me. But I've not played any online poker, so what do I know...

As for cheating, the server can always cheat, that's a given. All casinos can cheat. All dice site owners / operators can cheat. There just isn't a practical way around that. And even if the site does not cheat, what if it does not pay out the pot? All new casinos are probably scams until they have stood the test of time, or the reputation of the operator is at stake. EV could have cheated SD, we would never know. dooglus has said, he could do the same for JD, but he claims he does not.

Collusion, well, not much we can do about that if I want my poker site automated. That would require staff to watch the games and do analysis. Which is what Poker Stars is known for.

Again, I have never played any online poker game. I just did a lot of reading on it two days ago.

I already have an idea on how to implement this provably fair poker shuffling and dealing and verifying only the cards the players may see, but I've got to test it some how. (either on my napkin drawings, my computer or through some ugly looking website.)

@darkmule, would you be so kind as to enumerate a typical 5 card draw poker game with 4 players, for example. I was thinking of just making a simple game where:

1. Players seed. Dealer shuffles.
2. Dealer gives 5 cards to each player, face down.
3. Players see their cards. Players can immediately verify they were dealt the cards they were meant to have.
4. Player 1 has to check, bet, or fold. This is the blind or opening. He'll fold if he doesn't like his hand.
5. Player 2 can check, raise, or fold.
6. errr.. betting goes around the table to Player 3, to 4, then back to 1.. or.. well, I wanted to keep it simple. This is getting complicated already.
7. Showdown to whoever is left.

So, the players see cards in the showdown and their own cards. Other players do not see mucked or folded cards, and do not see the rest of the deck.

I understand that even with one deck of 52 cards, you can have as many as 10 players in a table.

I can shuffle the deck randomly and fairly now, and I can show players only their cards while keeping the rest secret. What I'm having trouble trying to do is get players to contribute to the shuffle and proving they did so without revealing the entire deck.

I think a solution is that the dealer does the shuffling. The players are only allowed to "cut" the deck. Without knowing the cards, they can cut anywhere and it just changes the order the cards are dealt.

Whoa. Wait. While I was typing the above paragraph, it just dawned on me that the players can still shuffle the deck, without knowing the cards. Shuffling = cutting the deck multiple times, it can even be randomly ordered as many times as needed, and a script can be used to verify all of this.

In fact, the dealer does not have to do any shuffling at all. But I'll make it so that there is an initial shuffle, and then a final shuffle after the last player, and both shuffles are provably fair.

aha... I have to test this.

Now, I just need someone to program a website for me, charge 1% rake, and make some money hosting a trusted bitcoin based online poker site. (incidentally, what do non-bitcoin poker sites charge anyway? I only thought of 1% because all the bitcoin dice sites have 1% house edge.)

My implementation will use a 64 character alphanumeric string as the dealer seed, and each player supplies something equivalent (with a limited character set, to prevent players from using obscene words as their seed values), and SHA256 as the hash function.

I'll upgrade it to larger values or to SHA512 later once I get this working.

In fact, to test this for real (after testing it locally on my own computer), I will make a thread, (a forum based poker game) where players post their moves. This is going to be really slow, since I will wait for each player to make a move, and could take days. I'll be the dealer, and I need at least 2 players who aren't going to disconnect on me. Since this is a forum based game, I will consider you disconnected if you don't reply after 3 days.

Yes, that is going to suck because of the wait times.

But it will all be provably fair. How's that?

I better start another thread already or we'll derail this one. Sorry mem for hijacking your thread accidentally.

Here is my thread now:

Provably Fair Online Poker by Dabs
https://bitcointalksearch.org/topic/provably-fair-online-poker-by-dabs-beta-test-1-274068

Five card draw with a jacks-or-better starting requirement might be a useful model.  Unlike some poker variants, anyone who actually plays a hand can be compelled to "show their starters" (i.e. prove they had a hand that they were allowed to play).

It still has the issue of people who didn't play not showing.

Any solution to the provably fair poker problem has to deal with the fact that you can't see everyone's cards, even after the fact, but much more importantly, has to be implemented in a client that uses open source software and can be compiled by the end user.  Verifying the results (at least the ones that you can see) doesn't seem to be something that can be done in a single step, and would be very impractical for the end user to do manually.

Also, while provable fairness is a nice gold standard for online gambling, most cheating is going to be done (and has in the past been done) by insiders with access to other people's hole cards and by collusion.  Even if every player provides a seed for the PRNG, so that the deal is provably fair, once the server actually does the deal, an insider may have access while the hand plays out.  Collusion is similarly impervious to provable fairness.

Insiders and collusion constitute the two most serious threats of being cheated in online poker, and as for defective PRNGs, I can only think of one that had any real effect (Planet Poker back in 1999 iirc).  That particular PRNG crack would have been absolutely fatal, but luckily the discoverers documented it rather than using it.  So far as I know, most poker sites now use robust PRNGs seeded with truly random data from some physical entropy source.

So as much as provable fairness is a gold standard, it really seems to me to be a solution in search of a problem.  I am unaware of any case in which an online poker site has been caught rigging the PRNG.  There are just better ways of cheating.

Don't get me wrong, I'd love to see someone do it.  I'm just not sure that except as an academic exercise (and one that is worth doing lest you think I am just being a jerk), it actually will make much difference for poker players.

Okay, I'm going to think of something to solve the first problem, or solution 1. Provably Fair poker but still needs a server (or website).

The goal is to allow players (clients) to supply client seeds in order to shuffle the deck of cards, and for players to verify that they are receiving cards they should receive, but without being able to see cards of other players or cards that no one else would ever see.

This solution provides that the dealer (website) has to know all the cards.

This means, players can verify that they are getting the right cards at the time it is dealt to them, but only those cards. They can't see any other cards, therefore they can't verify those other cards.

Besides, the dealer is needed to act as escrow for the bets.

What is a good poker variant to use for this? I am sure once I get the system running, I can probably incorporate any other poker variant, but I think I want to stick to one example first. Maybe a 5 card draw or something like that.

I'd prefer to stick to one deck of 52 cards, and maybe a maximum of 4 or 5 players. I'll expand the concept later once I get this one game working.

The solution for the second problem, is the P2P client that can't be cheated because it offers a decentralized dealer. This is going to be complicated, so I'll not go into this for now. That or one client always acts as the dealer.

bitzino uses "provable results" in roulette, correct?

Physical Poker is popular because it is decentralised, you don't need to go to a casino to play, however, you are still depended on the dealer in your group being legit and that no one will run off with all the funds while you play.

A lot of these problems can be solved if using bitcoin as a payment method, using m-of-n transactions helps, but you'll still need a trusted dealer. Otherwise it'd just be like going to an unknown backstreet poker room and trusting that no one will rob you.

I like option 1, too. Total decentralization is like the holy grail of online poker, but it seems to me that a central server would still be needed to organize the games, keep them moving along at a reasonable pace, and to act as a trusted escrow service to transfer funds back and forth. Maybe you could build a p2p client to handle all that, but then you'd get cheaters building their own clients to get around any constraints.

It's an interesting problem anyway and I'm pretty sure there is a big market for it. My own informal survey of bitcoin gaming sites tells me that the most profitable sites are also the 'provably fair' sites (bitZino, Just-Dice, etc). People aren't fools (for the most part). A provably fair HU poker site would almost certainly get a lot of action from high-rollers ... is my guess. I can see the $$ in their eyeballs now.

I read the wikipedia article.

I think we want two solutions to this:

1. With a central server that does not need to be trusted (but can generate the shuffling.)
2. P2P version of poker. No need for servers (except maybe to find other players.)

Wouldn't that be something? You'd have decentralized poker, and with bitcoin implemented you could make it like normal gambling in a normal poker table. No house edge too since there is no house.

The one who provides the table and the beer ... uh... well ... that's why I want the first solution, and I think lots of players won't mind paying a fee for a semi-trusted provably fair poker website that allows deposits and withdrawals in bitcoin.

dooglus, go think about it, I will expect a poker site one year from now.. just-poker. hehehe.

And if you had read the thread, you'd have known I was one of the people who previously pointed it out, idiot.

Sorry for repeating myself, but when people ignore what has already been posted and post the same impractical solutions the flaws of which have already been pointed out, and utterly fail to address it, I am forced to repeat myself.

Yes, and that's exactly the problem that "mental poker" solves.  My client knows which cards your client should be allowed to see, and sends just the keys required to decode those cards.  So when I show-down to you, I do so by sending the relevant encryption keys.  And when I muck, I don't.

Cards that you never get to see in a real life game of poker should not be able to be seen in an online version of poker. That includes other people's cards if they don't show, the deck, the burns ... if you wouldn't see it, you shouldn't be able to see it.

I vote for a sticky thread (article/tutorial/guide) about that topic: Provable Results VS Provably Fair.

That would be a great guide for new gambling entrepreneurs, casino operators, gamblers, recreational players, etc. in order to adopt it and demand it.

Provably fair massive adoption would be good for everyone: entrepreneurs and also for gamblers. That's a natural evolution on gambling business. That's pretty clear nowadays IMHO.

Thank you mem for starting a good discussion about that topic.

Cheers!

Here's where I think the technique would work beautifully: high-stakes heads-up poker. Collusion isn't an issue in HU because it's just you versus exactly one other opponent. Your main concern would be a crooked site operator peeking at your hole cards and then sharing that information with your opponent. Mental poker solves that problem nicely.

Disconnects wouldnt' be an issue either becuase you could just forfeit the disconnecting player without being unfair to anyone else.
Woohoo! I think we just invented 'provably fair' heads-up poker! Now back to coding...

I think you're understand the technique properly, and also its shortcomings.  It requires all players to stay connected until the end of the hand.

What cheating are you referring to?  I don't know much about online poker, but if collusion is the biggest problem, this "mental poker" thing doesn't help at all.  I can still share hole cards with my buddies over IM.