Topic: Provably fair - Not provable at all? (Read 1222 times)

I guess you misunderstood my point. It is true that you can check your bets (automatically or manually), then notice the hash mismatch and scream "scam!" everywhere on forums and reddit, but unfortunately you cannot force the site to recoup your loss. The malicious site can ignore it, shut the site down and run away with every players' bitcoin.

Provably fair only works when you actively verify your bets. For the basics I recommend to read my article: https://dicesites.com/provably-fair


Some provably fair implementations are better/worse than others too. I plan to write an article about this (which is a bit more advanced) some time in teh future :>

Well that can be easily avoided if the player makes a script(as someone in 999dice did) to auto-check if the hashes etc are correct or not. But yeah normal users can get scammed pretty easily

Not exactly. A casino can cheat easily by simply giving the player a bet result that does not match with the provably fair algorithm. This has happened on dicebitcoin, and it was discovered soon by the players.
To sum up, with provably fairness, casinos cannot cheat their players without them knowing. But they can still cheat their players and do a runner.

Thanks for explaining guys. I guess I misunderstood.

I found another topic (thanks to Google) for those who want it.
https://bitcointalksearch.org/topic/edu-provably-fair-and-how-it-can-be-exploited-by-casino-owners-against-you-283547

A casino have 3 things. Server seed, client seed, server hash. Primedice used to only reveal the server seed at the end of the day which they later changed to allow for faster verification. Most sites increase the nonce after every bet so that the result will be different and still be fair. The user needs to note all the variable to verify that nothing is changed. 999dice is known to cheat it's user if they don't verify. If a single character is changed in the server seed, the server hash would be different.

The only way a casino can cheat is by predetermining the rolls and "editing" the future server seeds manually, but this as I said before doesn't work if the bettor is betting randomly/changing his seed at will(which most players do).

---

---

More about it here: https://bitcointalksearch.org/topic/beware-of-999dice-potential-scam-523178

And a player has actually cheated a casino using provably fair: https://bitcointalksearch.org/topic/hufflepuff-making-2k-btc-on-primedice-nov-2014-march-2015-update-he-cheated-843892

Okay lets start from scratch, lets say the owner wants to cheat here:
The player before making a bet sees the server hash of the next bet, he also takes note of the client seed he entered. He makes a bet, now the owner tries to change the Server seed, it doesn't work in his favor as the player has proof that the server seed hash that he captured is completely different from the the resulting server seed hash(which is revealed after the bet, and which the owner attempted to change) , which can be checked via third party site.

The player has choice not to bet the way he had previously been betting, and betting completely randomly.

Mhmm I see. So there's no way a casino owner could cheat this way?

Nay nay, only the hash is known to the user. Not the server key
Edit: Just for clarification server seed hash is != server seed

If both the server seed key and the client seed key are known to the user _before_ the gamble, would it be possible for the user to select (refresh) his/her client seed key, do the control algorithm and predict the outcome?

If not, what is the variable that determines the outcome?

Yup it is so in every provably fair game

So you are saying the hash server key is known before you "roll" the dice?
(btw, thanks for the reply)

The hash of server key is, thats the whole point of Provably fair that later by yourself you can check if the server seed was the same as the hash and calculate if you can get the same output as the casino

Hi guys,


I'm relatively new to this forum and I'm not really sure if this topic has been discussed before (couldn't find it). I'm also not sure if this is the place to discuss it. If a moderator moves it to another category, I apologize and say thank you at thesame time.


I wanted to discuss these "provability fair" systems from various casino's, dice game sites, etc..

---

I know a thing or 2 about programming. I might be totally wrong about this, but I hope this topic might explain these systems.


Let's discuss a simple dice game. The dice script should output a "1" or a "0". The "1" means the casino wins, the "0" means the player wins.


If I understand correctly the outcome of the script (the 0 or 1) is determined by an algorithm that is applied to a combination of the client seed key and the server seed key.


The client seed key is always visible to the player. The server key is not. Let's say the algorithm rolls in favor of the player. What is preventing the casino (the script) to try another server seed key, and if necessary again and again, untill eventually the casino wins? If I understand correctly, the server key is random and not shown to the player until the outcome is known.

Let's say the casino script does this -let's call it cheating- and only writes the server seed key that they wanted and the client seed key to a database for later checking or control. Who could verify that the casino is cheating?

Sure, one might say that script is being regulated, controlled and or inspected by a third party (like a "gaming commision"). What is preventing the owner of the casino or website to change this script after the control?


Thanks for your input guys. Have a nice day.