Weakness on Provably-fair system ! | Bitcointalksearch.org

Danydee

legendary

Activity: 2576

Merit: 1248

#SWGT CERTIK Audited

Quote from: edgycorner on August 22, 2022, 06:54:16 PM

Sure, there's could be a problem with the autobet feature and it could be manipulated. You could write your own javascript in that case and randomize client seed before each roll. Problem solved.

I have seen sites in the past that restricting the modification of client seed, example: no more than one time per minute..

Quote

You could write your own javascript in that case and randomize client seed before each roll. Problem solved.

That could be great, but it needs to someone creat it and make it available for everyone.. but it still can there a issue here, they can put a script on the webpage for sniffing the seed.. a casino who is ready to manipulate the results would surely make this!

Instead, In the case of creating an open online tool, that provide a (external to the casino site) element that can be embedded in the game page in way to ensure that there's cannot be any alteration, there is a great odds that the tool became very quickly popular and so being largely adopted !

edgycorner

sr. member

Activity: 1064

Merit: 382

Hurrah for Karamazov!

Your post doesn't really explain the vulnerability.

Sure, there's could be a problem with the autobet feature and it could be manipulated. You could write your own javascript in that case and randomize client seed before each roll. Problem solved.
As for normal dice bets(i.e. without site's own autobet bot), if the result can be verified later on then it's indeed fair.

I do remember a thread about Stake where OP was complaining about their autobet bot. Stake announced an unofficial reward if someone can prove it or reproduce the same event(like autobet stopping abruptly during a red streak).

Poeople really don't care about fairness anymore. For some reason they are hooked to slots now lol, the most stupid and idiotic method of gambling .-.

STT

legendary

Activity: 3878

Merit: 1411

Leading Crypto Sports Betting & Casino Platform

Reminds me of a Twitch streamer who gained access to the provable fair system because he was the operator of that site apparently, name of PhantomLord. So he could determine best when the odds of him winning were highest and so make a big deal of it on his stream even though it was all very circular it would help his wins look big. I dont quite understand how he could use it so easily but obviously having the help of admin on that particular site in real time was a key part of it. If you wanted a case to look into possible avenues of abuse that'd be the case history known about.
I couldnt immediately find a good source but in the end he sued twitch and won somehow though it was purely nominal only; he is known as a scammer and has not made it back to the top level he was at prior to being discovered in the deception.

Danydee

legendary

Activity: 2576

Merit: 1248

#SWGT CERTIK Audited

The common provably fair system work as follow:

A server seed of wich the hash is provided to the player before the rolling + A client seed wich is in some way mixed to server seed to make the roll resut!
This can ensure that the result can't be modified or manipulated..

.. But there is still a issue (vulnerability) there, that if the site get know of the client seed they can manipulate the results as they want.. and for example while playing with (Auto-bet) and so they can predict the users bet or in some games where there is no user inputs/intervention in regards to the outcome/result, the "System" turns to be completely obsolete !

So.. is possible to overcome the problem simply by setting an online open-source tool, or a widget that can be integrated "embedded" on the casino page and provide the casino with just the hash of the (client seed + a nonce)!

So what do you about it ?! Is there someone to make this up ? Grin

Topic: Weakness on Provably-fair system ! (Read 70 times)