Thanks for the help guys.
The idea is to create a HMAC SHA 512 signature for each player from the secret (combined transaction hash) and the original tx id. We'll use the last few hex of the signature to generate a number.
I'll probably post again when we have the app live, it's important for everyone that it's provably fair. Hopefully somebody won't be able to game the story though!
Topic: Secret from combined transaction ids (Read 723 times)
hash of the combined transactions - indeed. and good solution, btw.
but I bet, there are so many ways to build a story around it, how to interpret the winning hash...
and some of the stories might be exploitable, if you don't think them through enough.
or I should say: if they don't think..
but I bet, there are so many ways to build a story around it, how to interpret the winning hash...
and some of the stories might be exploitable, if you don't think them through enough.
or I should say: if they don't think..
In a A-vs-B game where the criteria is a hash of the combined transactions, it should be perfectly fair. Just don't reveal either txid until you have both in hand (reveal a [randomly] salted hash if you want to prove that one party or the other has made their move).
But what will be the winning criteria?
If you make it like "whichever hash is lower, then it's quite exploitable, no matter a method".
Bit if you make it smart, like e.g. satoshidice, then it can be pretty secured and fully auditable.
Its usually enough to just xor two hashes together to get a unique enough value - unless you want to keep the combining algo secret.
But people who gamble don't like secrets, not that I'd known any
If you make it like "whichever hash is lower, then it's quite exploitable, no matter a method".
Bit if you make it smart, like e.g. satoshidice, then it can be pretty secured and fully auditable.
Its usually enough to just xor two hashes together to get a unique enough value - unless you want to keep the combining algo secret.
But people who gamble don't like secrets, not that I'd known any
We've been working on some game ideas where different people play against each other.
I'd just like to check that a secret for a provably fair game can be made out of 2 transaction ids; where the secret is used to create a signature with those tx ids (i.e. satoshi dice)
Let's say that there were 2 transactions in a 2 player game:
player_1 = "d200c3d88a578e32c6d024aacdac11b8f790c34679e60a114b4af9bcc07b39ad"
player_2 = "6bfafd42a665e14b3aa2f107e9c09164697bfe6f5dfb48ba163198a749fca3cb"
Apply a 512 Digest to the combined hash of the 2 players
secret = Digest::SHA512.hexdigest("d200c3d88a578e32c6d024aacdac11b8f790c34679e60a114b4af9bcc07b39ad6bfafd42a665e14 b3aa2f107e9c09164697bfe6f5dfb48ba163198a749fca3cb"))
secret == "0775c9758a8d63f66098e461bb185f7adc1c080f7d3f0656e3d968cdc45de4512abfff756eea6b3 379a8eb7eae110d3f95363a1c570fcbea6a2a48eaca5e0282"
Things to bear in mind:
- Players play against each other - 2 players could gang up and try to match their tx ids together in order to screw other players, but they don't know the tx ids of those other players.
- Because people are playing against each other, can any one (or many) users exploit the game?
Thanks for your help
I'd just like to check that a secret for a provably fair game can be made out of 2 transaction ids; where the secret is used to create a signature with those tx ids (i.e. satoshi dice)
Let's say that there were 2 transactions in a 2 player game:
player_1 = "d200c3d88a578e32c6d024aacdac11b8f790c34679e60a114b4af9bcc07b39ad"
player_2 = "6bfafd42a665e14b3aa2f107e9c09164697bfe6f5dfb48ba163198a749fca3cb"
Apply a 512 Digest to the combined hash of the 2 players
secret = Digest::SHA512.hexdigest("d200c3d88a578e32c6d024aacdac11b8f790c34679e60a114b4af9bcc07b39ad6bfafd42a665e14 b3aa2f107e9c09164697bfe6f5dfb48ba163198a749fca3cb"))
secret == "0775c9758a8d63f66098e461bb185f7adc1c080f7d3f0656e3d968cdc45de4512abfff756eea6b3 379a8eb7eae110d3f95363a1c570fcbea6a2a48eaca5e0282"
Things to bear in mind:
- Players play against each other - 2 players could gang up and try to match their tx ids together in order to screw other players, but they don't know the tx ids of those other players.
- Because people are playing against each other, can any one (or many) users exploit the game?
Thanks for your help
Jump to: