Bitcoin Forum

Bitcoin => Project Development => Topic started by: WillTat4Bitcoin on October 28, 2015, 05:37:04 PM



Title: Provably fair?
Post by: WillTat4Bitcoin on October 28, 2015, 05:37:04 PM
I'm slowly working on my own game for bitcoin. However, I'm not sure how I can go about making it provably fair. I'm new at coding and everything like that.


Title: Re: Provably fair?
Post by: cloverme on October 28, 2015, 06:18:26 PM
In general...

A) Pick a random boolean value
B) Generate long random string
C) Combine A and B
D) Hash value of C (using sha256 or sha512)
E) Notify the user of value of D before the game round is played and then the value of C after the game is played.

Recommend that you encrypt the value of C in transit and at rest.
Some will recommend adding client and server seeds to the hash or seeding the random string as well in B.

Avoid weak random number generators. (https://cwe.mitre.org/data/definitions/338.html)





Title: Re: Provably fair?
Post by: Misiak4 on October 29, 2015, 04:54:22 PM
What about using free API from RANDOM.ORG? It's pretty simple to implement :-)

Check out their API doc at https://api.random.org/json-rpc/1/

They even offer some "ready-made" (but PAID) solutions.


Title: Re: Provably fair?
Post by: UserVVIP on October 29, 2015, 08:06:55 PM
You should search for it on github.

Most code is there.


Title: Re: Provably fair?
Post by: Pattart on October 29, 2015, 08:13:48 PM
Is this (http://pastebin.com/3hSXpZ9F) random enough?
probably


Title: Re: Provably fair?
Post by: smiletyson on October 29, 2015, 11:57:22 PM
Is this (http://pastebin.com/3hSXpZ9F) random enough?
probably
nope.
since it's a known value then it's not random anymore.


Title: Re: Provably fair?
Post by: cloverme on October 30, 2015, 06:09:28 PM
What about using free API from RANDOM.ORG? It's pretty simple to implement :-)

Check out their API doc at https://api.random.org/json-rpc/1/

They even offer some "ready-made" (but PAID) solutions.

This has less to do with random number generation than what OP was looking for: a way to prove that the outcome was not unfairly predetermined. As an example, one could generate a random number for a dice roll that a player bets on, then modify the random number to favor the house when the bet is large after a series of wins to generate a loss and take the player's bet. With a provably fair model, the dice roll can be verified that it wasn't tampered with after the bet was made.

You could use a service like random.org to generate the random number, but when money is involved, it's better to use a random number generator that's not from a 3rd party and uses a cryptographic random number generator. People and organizations are corruptible by money.


Title: Re: Provably fair?
Post by: Pattart on October 31, 2015, 03:36:09 AM
Is this (http://pastebin.com/3hSXpZ9F) random enough?
probably
nope.
since it's a known value then it's not random anymore.
I thought he was giving an example of a bunch of random numbers that he was generating.


Title: Re: Provably fair?
Post by: crypt_bit on February 12, 2017, 12:26:07 PM
What would be the most likely value taken to generate Server Seed in a provably fair game, if the value of random number generated by the script is known?

Please help  :'( :'(


Title: Re: Provably fair?
Post by: cloverme on February 13, 2017, 05:52:03 AM
What would be the most likely value taken to generate Server Seed in a provably fair game, if the value of random number generated by the script is known?

Please help  :'( :'(

Generate a CPRNG value to use for the server seed: in C# use the RNGCryptoServiceProvider class, random_bytes() in PHP, and the secrets.() class in Python.

If you want to store that server seed to be revealed later in time, you should encrypt it using AES256 or higher with a complex encryption key and store it in a file system outside of the webserver contextual directories (so, don't store any keys in www/html, etc). If you want to get fancy and money is no object, you can buy a hardware device to do it for you (called an HSM).

If you're not concerned with overhead or ease of use, there's no need to keep re-using the same server seed. It just means that you can't reveal the server seed until a later point in time.
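
The commit-and-reveal steps A to E from the first reply, combined with the CSPRNG seed advice in the post above, as an added Python example that is not part of the thread or any poster's code. The `reveal` format, the function names, the 0-99 roll and the HMAC-based client/server seed variant are assumptions for illustration; the seed variant goes beyond the boolean case described in the thread.

```python
import hashlib
import hmac
import secrets


def commit(outcome):
    """Steps B-D: salt the outcome and hash it. Returns (reveal, commitment)."""
    # B: 256 bits of salt; without it a player could hash "0" and "1" and
    # read the boolean straight out of the published commitment.
    salt = secrets.token_hex(32)
    reveal = f"{outcome}:{salt}"                                  # C
    return reveal, hashlib.sha256(reveal.encode()).hexdigest()    # D


def verify(commitment, reveal):
    """Step E, player side: check the reveal against the earlier commitment."""
    digest = hashlib.sha256(reveal.encode()).hexdigest()
    if not hmac.compare_digest(digest, commitment):
        raise ValueError("reveal does not match the commitment")
    outcome, _, salt = reveal.partition(":")
    if outcome not in ("0", "1") or len(salt) != 64:
        raise ValueError("malformed reveal")
    return int(outcome)


def seeded_roll(server_seed, client_seed, nonce):
    """Seed variant: the house commits to sha256(server_seed) first, the player
    then supplies client_seed, so neither side alone fixes the result (0-99)."""
    msg = f"{client_seed}:{nonce}".encode()
    mac = hmac.new(server_seed.encode(), msg, hashlib.sha256).digest()
    # Rejection sampling over 4-byte words avoids modulo bias.
    limit = (2**32 // 100) * 100
    for i in range(0, len(mac) - 3, 4):
        word = int.from_bytes(mac[i:i + 4], "big")
        if word < limit:
            return word % 100
    raise ValueError("no unbiased word in this digest; use the next nonce")


if __name__ == "__main__":
    outcome = secrets.randbits(1)            # A: CSPRNG, never random.random()
    reveal, commitment = commit(outcome)
    print("published before the bet:", commitment)
    print("verified after the round:", verify(commitment, reveal))
    seed = secrets.token_hex(32)             # constructed sample server seed
    print("seed commitment:", hashlib.sha256(seed.encode()).hexdigest())
    print("roll:", seeded_roll(seed, "player-chosen-seed", 0))
```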


Title: Re: Provably fair?
Post by: Tradescoinz on February 13, 2017, 09:55:53 PM
You should search for it on github.

Most code is there.

Watch out for backdoors.