Topic: Worldwide bitcoin lottery - page 2. (Read 1649 times)

Hi dooglus,

First of all, thank you for taking your time to reply on this.

I will try to address your points below:
"If the aim is to make it impossible for you to cheat by buying tickets, why are there any secrets?"
The secret token and secret salt is not put there to prevent organiser from cheating, but this is put there in order for participants not to cheat.
Please notice, that the secret token and salt is made public right after the draw and then participants can reverse engineer to verify that nothing has been altered since they purchased their ticket.
Upon receiving the the payment for at ticket, then the getLotteryHash() is made public along with the timestamp of entry.

"And if knowing the secret seeds would not help a player cheat then they don't need to be secret."
Thats actually a very good point. I guess the random beacon applied after the block is locked would would remove the need for any secret.
I will update algorithm. Thanks.

"I didn't look much deeper into your algorithm, but I see you are using timestamps, which is usually problematic"
I agree that timestamps are usually problematic. But here the timestamp of the ticket only serves as to put ticket into a position and the position is public shown instantly, then I am not sure how this could be problematic. The timestamp of the last ticket is off course also used to determine which date to get the random beacon from, but this is again not known a the time of last purchase.
I am think that off course "swapping positions" could be possible, if not external timestamp is used? But you alreayd know your position upon purchase.
I am not sure why timestamps would be an issue here. But if they are, then this off course needs to be fixed.

So timestamp of your purchase (Which currently is through to be internal server time, UTC) gives you the position in the lottery block (which will be a number between 0 and 9)
This is public the second we receive this.

The timestamp of the last ticket purchased (position 9) will be used as the timestamp for "locking" the lottery block.
The point however is that the random beacon is unknown at this point in time, so it makes no sense to alter with this.

I am more concerned, whether the random beacon is random enough or whether somebody knowing all the factors could manipulate this?

I will revert later with updated algorithm.

I don't think this is as easy as you think it is to get right. I'll respond further when you post the algorithm, below.


I don't think it's possible using Bitcoin. Maybe using an Ethereum smart contact you could do something like this, where the contract takes care of paying out the winner and only the winner. As I understand it, if you have access to the bitcoins to send them to the winner, you also have access to the bitcoins to send them to yourself, or to someone who blackmails you, etc.


pevpot.com is a +EV BTC lottery. The site pays out more in prizes than it takes from players. The difference comes from sponsors who advertise on the site.

"EV" means "expected value" by the way.

You should really take a look at the pevpot thread since it is a great example of how to make a provably fair lottery, and the thread is a decent example of how to work with the forum community to improve the site.

Ultimately, however, we are left having to trust RHavar to pay out the correct winner each week, and not to steal the coins for himself. But at least we can be confident that the winner was fairly selected - we can verify the result for ourselves, and know that nobody was able to manipulate the result. (Well, everyone is able to manipulate the result, but it takes so long to calculate the effect of each manipulation that by the time your calculation finishes it is too late).


The idea is that players will flock to the site to play the +EV game, which will make the site attractive for advertisers, who will fund the +EV-ness of the site. I'm not sure how well it's working out, since I'm pretty much the only sponsor, and that's mostly only because I was given 1 BTC by the guy who won the first draw, and asked to use it to sponsor future draws.


If the aim is to make it impossible for you to cheat by buying tickets, why are there any secrets?

If knowing the secret seeds would help a player cheat then knowing them would also help you cheat.

And if knowing the secret seeds would not help a player cheat then they don't need to be secret.

I didn't look much deeper into your algorithm, but I see you are using timestamps, which is usually problematic. Who decides the time at which a ticket was purchased. Transactions don't have timestamps, and different peers on the Bitcoin network will see transactions at different times. Are we going to take blockchain.info's word for when they first saw the transaction? If so, that's a point of trust. Or are we using the timestamp of the block containing the transaction? Then we're relying on the miner of that block. When there's 5000 BTC at stake it might be worth discarding a few 25 BTC blocks if their timestamp means we lose the raffle. And so on... But the 'secret' thing stands out as a bigger concern first.

So now I can post the algorithm, that is developed

The following has been taken into consideration:
1. Must be random
2. Must be provably fair
3. Organiser must not be able to tamper with result (Or take any advantage of knowing secret token / salt)

Please let me know, if you see any problems (at all)
# LOTTERY
# A secret token and secret salt is made for every lottery block of 10 tickets
# When someone enters lottery, then the following is made public
# - BTC Address
# - The time when ticket was bought
# - Lottery HASH - getLotteryHash()

$secret_token   = "some-secret-token";
$salt         = "some-salt";

function getLotteryHash($address,$salt,$secret_token) {
   return hash_hmac("sha256",$address.$salt,$secret_token);
}


When a block of 10 lottery tickets are filled, then the lottery block will be locked
The following will be displayed online
- Timestamp (UTC) of when the block was locked
Selecting random beacon
This we will select from https://blockchain.info/
The value selected will be the "Total number of Bitcoin transactions" for the date when the Lottery block was locked
(If the lottery block is locked less than 2 minutes before midnight, then the following day will be used)
The drawWinner($address_arr) function is run every hour until a winner is found
- $address_arr is ordered by time of enter
When winner is published, then $secret_token and $salt will also be published

function drawWinner($address_arr, $secret_token, $lottery_block_lock_time){
   
   if(is_null($random_beacon = getRandomBeacon($lottery_block_lock_time))) {
      return false;
   }
   
   mt_srand(calculateSeed($address_arr, $secret_token, $random_beacon));
   
   $idx = mt_rand(0, count($address_arr) - 1);
   
   return $address_arr[$idx];
}

function calculateSeed($lottery_bet_address_arr, $secret_token, $random_beacon){
   
   $hashed_addresses = '';
   
   foreach ($lottery_btc_address_arr as $address){
      $hashed_addresses .= hash_hmac('sha256', $address, $secret_token.$random_beacon);
   }
   
   return crc32($hashed_addresses);
}


function getRandomBeacon($lottery_block_lock_time) {
   
   $date = date('Y-m-d', strtotime($lottery_block_lock_time) + 60 * 2);
   
   $time = strtotime($date.' 18:15:05');
   
   $json = file_get_contents('https://blockchain.info/da/charts/n-transactions?format=json×pan=30days');
   
   $data = json_decode($json);
   
   foreach ($data->values as $info) {
      if($info->x == $time) {
         return $info->y;
      }
   }
   return null;
}

Again, please point out any problems with this method.

generally, i play more in lottery (italian lottery, superenalotto and lotto), i don't have understand why the bitcoin user like play a dice game and not a lottery, with big bonus.
i think a good idea can is associate a bitcoin lottery with a normal lottery ? Example, the number of winner is the same of italian lottery

If "EV" means "Expected Value"?
Normally I would not trust anyone claiming EV+ in lottery as this is not sutainable business model.

could you please read this again There isn't any particular interest in general in BTC gambling. and explain why there is no interest in BTC gambling? or are you only showing us your nice signature?

just for info....all casinos are -EV and all fiat and BTC lotteries are -EV

I completely agree. If nobody trust it, then no tickets will be sold. A little advantage is that the company is not brand new, but I still agree that some sort of control of funds deposited into the lottery is needed. This is excatle my questiob whether this is possible in some way, or will I have to coorporate with a big accounting firm or similar to hold these funds.

Can someone help me with the abbreviation "EV". Not sure what this is.

There isn't any particular interest in general in BTC gambling.

You could check RHavar thread (search it, https://www.pevpot.com/) - he made +EV lottery. I don't think you could compete this. As your will be -EV and have  big reputation here.

Storing btc part comes later but first who will trust and buy lottery from you or your company? Because in lottery quite a big amount will be generated before you distribute to the winner so I don't think any one will trust new company and put money into it.

@wusolini
I know there are many ponzi schemes out there. This is excatly why I do not want to do this before I have checked evertyhing needed to make it complete transparent. Good point with the company. I already have such and the company also have a gambling license. This is just basic stuff. But I want suggestions how to even further ensure that funds are kept save and available for winning tickets. It must be possible in some way.
Also no need to do ponzi scheme on this, since less than 100% percent of revenue goes back to winners, so there is already profit. If you have any suggestions how to make storing of paid in bitcoins transparent, I will be very happy to hear about this.

first thing came up my mind is: another ponzi but this time he gave us the ceiling ... 5000 BTC and he's gone

don't expect much unless you become registered company (provide people legal way to chase you...just in case) or use escrow ... guess there is no other way 

Not going to comment on the flaws of the system but this is my general opinion on Bitcoin lotteries, a lot many have been tried in the past but almost all of them failed because of low/no interest.

Even if you can make it completely fair and trusted, you'd have a hard time getting people to bet, gamblers (BTC gamblers especially) have no patience and prefer instant results and things with less complications, which is why you'll see most of them playing on dice, because it is as easy as 1+1=2 and it is instant, you can bet 100s of times in a minute and results are instant, whether you win or lose.

But if you still think you want to do this then make a test website with your system to start with and then testers can share their views on what is good/bad and what needs to be changed.

To be honest i am not a security developer or an expert in these subject but i am fairly sure that Nico,dooglus and other active guys are going to point it out as soon as they see any flaw or anything which might not be considered fair in some sense.

I would propose that you read the following thread  and pay attention to @dooglus answers and explanations

https://bitcointalksearch.org/topic/btc-rafflecom-provably-fair-referral-system-player-vs-player-1312679

Hi all,

I am a fairly new member to the bitcointalk community and is seeking some help from experienced users.

I have been working on a business idea for a couple of months now involving lottery and bitcoins.
However it seems like there in general is a lot of scam (and thereby mistrust) within Bitcoin businesses in general.
This is why I need help. So let me first tell about the business idea.

I want to establish a world wide lottery, where you by transferring a certain amount to a certain bitcoin address will have entered with a ticket.
The idea is that 1 in 10 tickets will win, while one very lucky ticket will win 5.000 Bitcoins (based on 1 ticket cost of 0,01 btc)
So to explain:
Every time 10 tickets are sold, then these 10 tickets enter into a draw for 20% of the total ticket costs.
A random ticket is selected and the winnings are paid back to the winner. If you win in this first round, then you also advance to the second round.

So when 10 x 10 tickets have been sold, then a new draw between the previous 10 advancing tickets will occur for 15% of the total ticket price (of 100 tickets) and the winner will advance to 3rd round.

and so on... until a very lucky winner have won 5000 bitcoin.

Well I am have had a few considerations.

1. The algorithm for selecting the winner in each should be a random algorithm based only on the bitcoin addresses participating.
I believe that it will very important, that this algorithm is public, so everyone can test that the draw is not tampered with in any way. But also must be so complex that nobody can predict any outcomes.
This part I think I have already covered with an algorithm that I have worked on and tested over the past couple of months.

2. Securing the bitcoins
This is where I really hope to get some input from some of the users in here. (The more sceptic, the better)
How should I do to proff to participants, that price money are secured and intact?
First of all I do not like the idea of storing all that bitcoin in an online wallet, since these can be hacked.
Second I do not like to use any "escrow services" as this is just moving the risk of fraud from 1 place to another.
I hope someone can suggest a complete transparent setup where participants at any time can verify that the prize pool is intact and I way where bitcoins can only be paid to winners.
And off course cannot be hacked.
Is this possible ?

Please also mention if you see any potential places for mistrust as my aim will be to make this complete transparent and fair.

Regards Snezzy