Topic: mutterings from mem: Provable Results vs Provably Fair - page 3. (Read 4870 times)

For card shuffling you could let every user enter a client seed. Concatenate all client seeds alphabetically (to make it reproducible), add an own string and use this total as input for a (P)RNG; mersenne-twister for example

Then take a 52 card deck. Apply a shuffling algorithm to it with the chosen (P)RNG and for example the Fisher-Yates shuffle. Concatenate the deck (as in 2s8d9cJs....) and use some cryptographic hash on that string.

Before the game, publish the hash of the original seed and the hash of the shuffled deck.
Correctly specify in which order the game takes cards from the deck and if it burns cards (which makes no sense IMO, but some do it) and then after the game make all client seeds, the server seed and the final result permanently visible on the site (this is something I really want on your site, to at least see all previous games I had).

Ask all players for a new seed and start at the top.

Of course this won't help anyone in knowing if you cheat by seeing all cards of other players but it at least makes it impossible to deal yourself a royal flush and getting away with it.

Best I can figure, the whole concept of 'provably fair' (as defined here) doesn't really apply to online poker. The closest approximation I can think of might be 'provably fair shuffling', but even that seems problematic because now you have multiple players per shuffle.  Just thinking about it now, wouldn't that require every player to know the client seed of every other player? Or maybe there is a simpler solution? I would definitely add this feature to my site (boot52.nl) if I could come up with a reasonable implementation.

But besides all that, there are much simpler ways for a crooked site operator to cheat. For example, the software might have a 'god mode' which would enable certain people to see all your hole cards. You see? So to me, it all boils down to trust. Either you trust the site operator or you don't.  And if you don't, then advanced cryptography probably isn't going to help -- at least in poker. At least that's my current thinking. Maybe you disagree? -boot

I agree. If you have any concerns with this method, please contact me at [email protected]

Another suggestion is to have the site operator video the bets with camtasia, this would be a lot more verifiable than any server or client seed generator nonsense that can easily just be edited. 

You're totally right Mem, a site that doesn't allow for users to provide a seed prior to the roll or isn't Blockchain based shouldn't be considered provably fair. There is far too many provably fair games out right now.

I too have the same concerns about you, many operators have a few hours delay before releasing a secret, giving them plenty of time to change the secret hash, invalidate bets, or even just outride delete them and pretend the deposit address they gave out doesn't belong to them.

I have just posted this link and scrolled down to see your post. I think I have closed some of the gaps in the off-blockchain provably fair by using the ecdsa cryptographic signing functions of Bitcoin. Take a look.

https://bitcointalk.org/index.php?topic=267659.new#new

Some kinds of game are going to be a lot easier to make provably fair than others.  One necessity for being able to prove fairness (without some kind of independent audit) is that you actually know all the results.  In a dice game, you can basically know everyone's results over the history of the game.  In a lottery game, you can have some independently verifiable source of the seed, like for instance an actual real world lottery.  Basically, you need very little entropy for a probable result.

In games like poker, you need a tremendous amount of pseudorandom numbers generated in real time.  You also don't get to see the final results, just whatever hands make it to the river.  People are also generally going to be unwilling to have the cards they had known to the other players without seeing a showdown.  

Now, by collecting large numbers of hand histories, you can analyze whether the action is funky, like flush draws are coming in more often than they should, but you can't really prove it's honest.  You can just show the results are consistent (or inconsistent) with the PRNG being fair.  I'm sure there are other games where it would be difficult to be provably fair, but poker is definitely a big one where it would be tricky to do.

If the site also generates the client seed, it's just like two server/site seeds. The user HAS to choose it themselves, AFTER showing the server seed. A nonce should be used to make this more user friendly & so lazy people can't be potentially abused (Looking at you Stunna..)

Hello! Bitcoin Video Casino chiming in here...

We just want to say hello and talk about how we do our provably fair system. 

Our system works by picking a server seed before you spin or deal.  With every spin or deal request the javascript code, running in your browser, selects a random number and includes that number in the HTTP AJAX request.  We incorporate that client seed into the number generator seed like so:


where shuffle_seed is then used to seed a Mersenne Twister random number generator.  This guarantees that we haven't manipulated the server seed as we send you the result of sha256(server_seed) *before* you choose to deal the cards/throw dice/spin the wheel.  Every time you refresh the browser, you'll get a new server seed.  After the deal we reveal the server seed and you can verify that the hash of the server seed was correct, that the client seed you provided was indeed incorporated into the final game seed and that the game seed produces the correct set of random numbers.

In fact, since our client-side code is publicly available you can see (for each of our games) the check_game function (see http://bitcoinvideocasino.com/static/slots.js around line 330 function check_game) where we check every single game that's played in your browser.


We definitely can't do this as our system requires the incorporation of a client seed into the dice/deck shuffles.  The client seed is chosen via crypto.getRandomValues() or if that isn't available, Math.random().


We will definitely look into providing some way for the user to specify a lucky client seed if this is something our players want to see!

excellent demonstration

I think this discussion has been here a few times already and I completely agree with you.

http://v20.nl/primedice/

I think people need to revisit the concept of provably fair.

First, lets give some examples of my gold standard for provably fair:

1: blockchain games that user the players txid (or another input they have no control over) and a daily site secret.
This imho is still as good as it gets, the entire betting history is public and anyone could choose perform an audit to verify outcomes.

2: Any site that shows you a hash of the site seed used for the next round and allows for users to provide their own seed or randomly generates one for them.
This is as good as it gets without a publically auditable db. Bonus points for no blockchain spam as well.

Now lets look @ 'Provable Results'.

2: Any site that shows you a hash of the site seed used for the next round and does not allow users to provide their own seed.

This is not provably fair, this is only provable results.

What is the difference you ask and why are you such a prick about these things site operators ask ?

Let me use my favourite game roulette as an example.
I as an operator silently observe the bettors and pick their patterns (red/ martingale/ singles/ whatever).
I pre-generate a huge sample of site seeds and client seeds (remember the client cannot set their own) and then cherry pick the results I want.

Say we had a player martingaling their bets on red, to fucking easy throw out 10 blacks and then insist they were randomly selected where in actual fact there is no proof of randomness only proof of result.

I have previously been to lenient on this and will be revisiting and speaking with casino operators who have (conveniently ?) overlooked this.

Flu meds wearing off, back to the tv and my heater.