Topic: Should online casino games be open source? (Read 614 times)

Most casinos don’t develop their own games, they rely on game providers to run the games on their platforms. However, there are exceptions, like BC.Game and Stake.com, which have developed their own games. These are rare cases, though, and the majority of casinos still depend on third-party game providers.

When gambling, the first thing players usually check is if the casino is trustworthy before they even think about the games. Take Stake, for example, they have thousands of games, and most people don’t even question whether they’re open-source or not. Typical gamblers just pick the games they feel lucky playing, without worrying too much about the technicalities.

That is what I always wanted to understand because I am certainly aware that the odds are against you on a slot machine, but sometimes the losing streaks felt unreal. For that reason and in general I never really liked them and hence barely played slot machines because I had this feeling that the casino could tweak something about the games. I then thought what you just said, but since I am not literate enough in that field, I stick with sports betting as that is the easiest for me to verify whether the result is correct. Of course you could now argue that games can be rigged, but I think if I place a bet on a game where Real Madrid meets say Barcelona, then I can watch it and see for myself.

If I now get addicted to slot machines because you calmed me down that they can never be rigged, I'll know where to go to get my money back! 

Thanks for the info of course!

Proving each platform used is a way that really has to be done so that there is no doubt, everything must be open and know how the system works.

Laypeople get into gambling just playing without understanding how their game ends up being manipulated with salted seed, it even keeps tempting them to keep making deposits and keep playing.

This forum is the first to make everything open, so that in every casino that is used and quite popular in this forum there is a thread that discusses specific casino issues and no one will be able to escape the openness that must happen.

Being open source may be difficult for most online casinos, but being semi-open source it is doable,
so there will be more trust in those casinos, not just how the system is set up for their own benefit.

Good topic as various concerns about closed source software are generally sound in sections devoted to crypto wallets, either software or hardware ones. 

Regarding casinos, I'm sure that  open source games in casinos would be highly welcomed  in  gambler's community as  such kind of  stuff would increased games' credibility  but it seems to me that traditional not-blockchain casinos use proprietary software with the close source. Probably blockchain based decentralized casinos use open source games in their routine operations, but I'm not sure about it, should do the relevant research for myself in the nearest future.

You must understand that one thing is the source code and another is the security on websites.
You could know about a vulnerability and still not be able to benefit from it due to the security of the website.
Because for your attack you should be able to modify files on the site, and if an attacker manages to do so it does not depend on the game but on the security of the site, because I assume, security is layered, and what you see to play is just a shell on the onion.

How do we prove we aren't being manipulated with a salted seed? I have been around online gambling since this forum began and for the most part I believe in provably fair, but as I just stated, how do we as a user know for a fact that a casino isn't giving is a salted seed making sure we lose?

We the players are just blindly believing that a casino would never do that. I think it would be better for the players if everything was out in the open and able to be proven beyond a doubt.

Probably, yes. I know provably fair exists but there's another added layer of confidence in the casino if casino games were open-sourced. Still, game providers are a BUSINESS. A private one at that. If there's no method or whatnot that could let them safely show their code publicly without it being copied by others, I highly doubt it'd happen.

There's a difference between an attacker and a contributor though. And it's just a "guarantee". A source code being open sourced doesn't mean it's going to be checked by experts and corrected is what he meant initially. And I'm pretty sure attackers won't be doing any correcting lol. Plus, if there's anything an attacker would be looking to take advantage of, it's there.

Honestly if casinos wanted this, they'd much rather do bug bounty stuff instead of going open sourced lol. They have the money for it, and they don't need to reveal the code itself.

And no, they SHOULD be worried about rigged games, or at least make it a top priority to check. Why? Because game providers don't only give out these games to one casino. They give it out to a bunch of casinos. Now imagine if that rigged game was released to multiple casinos and the attacker, knowing about it, did a mass attack on it. Pretty sure that'd cause a heavy loss for everyone.

I understand that from the casino's point of view it doesn't make much sense for hundreds of reasons and in the end people play anyway, so their decision is obvious, leave things as they are.

But to be right and reinforce your arguments you contradict yourself in the same post, in your first answer you say that there are no guarantees that it will be evaluated by experts and in the second you say that attackers will take advantage of its vulnerabilities, now I ask you, isn't an attacker an expert?

In short, what open source protection base in terms of vulnerabilities would the casino choose? It would choose a reward system for collaborators to report and correct them.

As for the following, the attackers: knowing the source code would make them know the games precisely, but that is one thing and being able to manipulate the website to execute the attack is another.

So in case of being able to attack the site, manipulate and insert code, the least the casino would worry about would be rigged games.

That's one another risk aside from the one that I have mentioned. It's true that they will get easily copied if they allow it to happen. So, they have to choose what they are up to.
Is it about being transparent and liked by people that way? or is it about securing what is theirs and they're not willing to show it to the public and will rely on the public trust?
I think that it's the latter and even if there were a lot of casinos that have opened up the idea and shown to the public about open source games that they have, it doesn't matter to the majority where we've been stuck into the liking of the common casino that has them closed source.

People are already used to gambling in casinos without open-source games, so why would they change that? While we all like transparency, there’s a lot of risk for game providers in making their games open source. It could easily be copied, and they’d lose control over their brand. That’s one major reason why not all games are open source.

I’ve been gambling for a while, and I understand how the industry works. I wouldn’t demand something they can’t provide. If casinos are willing to make their games open source, that’s great. If not, let’s respect it. At the end of the day, we can always choose games we feel are legit and trust that the providers aren’t manipulating the outcomes.

I do like the idea of it and that only means transparency and intergrity to the casinos. But if they're already a million dollar company, are they going to allow this to happen?
Because first things first, the ones who are technically good at it might see some bugs on it that can be abused by any player and that means money to them.
Money to pay for whoever abuses the bug and money to pay for whoever reports the bug to them. That's why it's one of the factors for the open source to make but then, even if they are not, there could also incidents like these bugs could occur.

For gamblers to trust the fairness and know what they are doing, that option of open source will be nice, but for the casino side, that doesn't look good for their business; a lot might go wrong, either from direct copycats, competitors, or even players. They might easily be able to find and explore bugs around the system before the casino will notice it might have caused serious damage to them.

You seem to still not understand what open-source means.
Open source only means you can see the code, there is zero guarantee any "expert" will look at that code or try to fix it.
None, zero, nada, niet, keine!


Again, not a guarantee, but also a possible flaw since any attacker has a starting point knowing the code, he no longer has to gain access to it in the first place he can now analyze it from scratch for free, you trade the security with a gamble on who will find the bug first, a guy willing to help or someone willing to exploit it.


Casinos don't have access to the software, they just provide the interface for it, they would not be able to tweak something they can't touch, think of it like embedding youtube videos on your website.

I think this can be realized for people that knows about it because I believe that a beginner in gambling will not know all this you people are discussing concerning gambling, but for me I know that you will not trust a gambler search Trust because you know that no matter the reputation of a gambler you cannot give them a trust it just like that so what I have to say is that people who is new in gambling will not understand this except that they go deeper or they experience some starting things in gambling before they can be able to have a such experience of a reputation and non reputation in gambling

Agreed that open-sourcing doesn't apply everywhere for a reason or otherwise we wouldn't have an environment where development is competitive and progressive in the interest of the user and of course the companies building things.

But I ask myself sometimes whether these customers, which are the casinos, have a possibility to somehow tweak these software products from those iGaming development companies? Do you know how that works? I am not a developer. Are the products like "encrypted" or "protected" such that any casino has no chance to get into the software and manipulate the game?

But then I assume the problem still is that they could offer the game, but do their own tweaks in the front-end and the user would still have no chance to verify whether things are correct or not.

Is that about right?

Though, you are taking for granted that casinos or games providers would be willing to put some money aside to keep funds for people to disclose bugs they have found while playing their games. That won't be the case for some providers, so there will not be any reason for those gamblers to responsibly disclose the bug.
Also, you need to keep in mind those bug hunting funds need to be quite high and match the seriousness of the bug disclosed. Why would someone disclose a bug worth of millions of dollars in potential damages to casino if the bug hunting program only offers 500$?

The reward needs to be reasonable if one wants to see more white hat hackers instead of people willing to steal as much money as possible from casinos, open-source or close-source.

I personally think that casino games should be open source, although many casinos currently do not use open source games and for the cause they shows that open source codes could be easily affected by the abusers like hackers. But I think this is completely wrong, in the case of open source games, when the bugs are caught in the community during bug hunting, they will be able to implement a more secure system. And regarding the issue of hacking, we have seen many casinos with non-open source games being hacked.
However, before playing the games, we can check the provider name to see if the games are open source or we can ask the casino live support directly.

Making online casinos open source is like giving the gamblers and competitors an edge over the casino. This is a good idea, but it will not be favourable to the casinos. Competitors that get to know alot about a casino, including the casino's codes can use that against the casino to their own advantage.

This will raise lots of security concerns for the casino too as some malicious individuals would also want to manipulate outcomes of games or even hack the system. Which will definitely destroy the casino's reputation and finances.

This level of transparency we so desire will not be favourable to a competitive industry like the gambling industry. There are lots of negative implications involved. Casinos should just stick to the usual Provably Fair Systems to avoid shooting themselves in the foot.

Do you think their weakness can be taken advantage of in that regard by competitors?, though I have not seen how their competitors will do that against them because this is just like a club against each other, the only thing they would see among themselves is having the same eleven players on the field, so actually what other casinos can only see is just the games and nothing too much importance for them because even if they saw all the users they don't have the power to convert them on there own casinos if they choose to patronize other casinos instead, so the security system is just were the problem lies.

Verifying the randomness of results via seeds is baby science versus understanding the code and find any issues in it so anyone can verify the provable fairness but to read and understand code it needs special knowledge as well as experience. I am comfortable with this because I can't read codes so even if the codes are publicly available I can't verify it by myself so that I have to rely on someone's words for that so it doesn't really make any difference