It works but since the secret is known to at least one person it does have the risk of people cheating who know the secret.
Is the resultant four bytes of the hmac_sha512 hash truly random?
Truly random - No. Completely unpredictable and unique - Yes.
BitLotto is another that uses the results of hashing based on the bet's transaction hash to determine the winner:
- http://bitlotto.com (Method for determining the winner: http://bitlotto.com/details.html)
Using the blockchain as a way to verify that cheating isn't occurring is a radical concept for gaming, but I'm not entirely convinced there are no advantages that can be gained by someone attempting to cheat. BitLotto's approach seems to be more than adequately secure (hash message includes transaction id plus results of an event that happens after the transaction id was created.) This one I'm not quite as sure about though the odds to the house are big enough that even finding a slight advantage probably wouldn't be profitable enough for the cheater to profit.
One thing to remember is that the tickets don't actually have to be random. They COULD be 1 to however many tickets. The only important part is that they are unique. SHA256 guarantees that no two tickets will have the same hash.
Hashing the tickets with another hash that DERIVES from truly random data guarantees that no one, no matter how much computing power they have, can gain ANY advantage. Each resulting hash will be unique and impossible to predict. And since they are all unique and the formula for sorting them is known, no one can cheat. For example in BitLotto, the winner's end hash will likely have 00's in the front. There is no way to know what hash to create for the tx because the hash that will be added to it doesn't exist yet. It won't exist till all tickets are sold. And that is what makes it so secure. Using a "secret" stops the players from cheating but depends on the security of that secret. BitLotto used to use that for one draw a while ago but we wanted something that not even us could cheat even if we wanted to. We now have a system that no one, no matter how much computing power or inside knowledge, can cheat. The evidence is all in the blockchain.
In other words the way we use SHA256 ensures we have a single unpredictable winner. And that is essentially all a draw needs to contain. The Mega Millions numbers help ensure that at the end, the winner is unpredictable and random and can't be cheated.
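
The draw described in the post above, as an added example that is not part of the original thread and is not BitLotto's own code. The `txid || seed` concatenation order, the lowest-hash-wins rule, and the sample transaction ids and draw numbers are assumptions constructed for illustration.

```python
import hashlib

def draw_seed(public_numbers: str) -> bytes:
    """Hash of the public event result, known only after ticket sales close."""
    return hashlib.sha256(public_numbers.encode("ascii")).digest()

def ticket_score(txid_hex: str, seed: bytes) -> str:
    """Combine a ticket's transaction id with the seed (assumed order: txid || seed)."""
    return hashlib.sha256(bytes.fromhex(txid_hex) + seed).hexdigest()

def rank_tickets(txids, public_numbers):
    """Return (score, txid) pairs sorted ascending; index 0 is the assumed winner."""
    if len(set(txids)) != len(txids):
        raise ValueError("duplicate ticket transaction id")
    seed = draw_seed(public_numbers)
    return sorted((ticket_score(t, seed), t) for t in txids)

def verify_draw(txids, public_numbers, claimed_winner):
    """Anyone holding the public inputs can re-run the draw and check the claim."""
    return rank_tickets(txids, public_numbers)[0][1] == claimed_winner

# Constructed sample data: stand-ins for real transaction ids and draw numbers.
SAMPLE_TXIDS = [hashlib.sha256(b"constructed ticket %d" % i).hexdigest()
                for i in range(5)]
SAMPLE_NUMBERS = "04-11-23-38-45-09"

if __name__ == "__main__":
    ranking = rank_tickets(SAMPLE_TXIDS, SAMPLE_NUMBERS)
    for score, txid in ranking:
        print(score[:16], "<-", txid[:16])
    print("claim verifies:",
          verify_draw(SAMPLE_TXIDS, SAMPLE_NUMBERS, ranking[0][1]))
```

Because every input is public, a verifier needs no cooperation from the operator: the ticket list comes from the blockchain and the seed from the published numbers.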