Reputation: 1064
Can Provably Fair truly be fair?
I have been seeing allot of gambling (BTC) websites use the "Provably Fair" system. I am wondering if some of these could possibly be faked.
As an example:
- Place a bet on a website for 1 BTC
- The website gives you a hash to "verify" the outcome of the result
- Displays the result, awards or takes
Now I understand that these are completely random, but with pretty much any programming langauge thousands of these hashes can be generated at once in miliseconds. Is it possible for gambling websites to pretty much try and "scam" a user by generating numbers before a specific rule to decide which one they want to give them based on them winning/losing.
I just started researching if they are trustworthy and this came across my mind.
I apologize if this is one the wrong stack website, if you don't mind directing me to the correct one.
Here are some examples: http://provablyfair.org/ https://fortunejack.com/help/provably_fair
Upvotes: -1
Views: 1075
Answers (2)
Reputation: 1
A result is often calculated using 3 things:
- A server seed: Generated by the server. This is hashed so that the player can verify the result are legit and the server didn't change it mid-way but doesn't allow the player to calculate the result themself (cheating)
- A client-seed: Generated by the browser. This is used so that the server don't know the result and can't change it.
- A nonce, known by both parties. This is often used as a counter for how many bets you have made.
To get the result:
- Your browser send the client-seed and the bet info (amount, odds) to the server. Now the server know the result, but can't change it because the client will check the hash later on.
- The server send the result and the server seed to your brower.
To verify:
- Step 1: Take the server seed and hash it, then compare it with the hash you recive before. If it match, the server play it nice and didn't cheat on you. Continute to Step 2. If it doesn't, you are getting scammed :(
- Step 2: Calulate the result yourself.
Upvotes: 0
Reputation: 160
I understand what you mean and I also think this could be able to do, in fact its pretty simple:
- Server send numbers to client, modify the results
- Hash are displayed next day
- Create 10000 hash, choose the outcomes you need and publicate in that order
- Done
And now will come the genius one saying: "You can't modify the seeds". No, but as far as I know u can create as many diferent secrets as you want to archive diferente numbers results. (Im new at codign but I think it could work by this way)
Upvotes: 0
Related Questions
- How can I lint C++ code to find all unused return values?
- How can I detect a method call in Java?
- Does using a map truly reduce cyclomatic complexity?
- How can I find Python methods without return statements?
- How can I track values between Jenkins Builds (Static Analysis)
- Why can assignment from one type to the same need checking?
- Can I easily exclude some contracts from static analysis?