i have noticed something off regarding SatoshiDice. on june 25th, it appears they made some modifications to the system, and it appears that if i add up all of the bets that i have sent to the following address: 1dice7fUkz5h4z2wPc1wLMPWgB5mDwKDx
that the payout odds coming back, were on average 1:7.91 instead of the approximately 1:4 that is advertised on the front of the website.
How many bets have you made to that address since June 25th, and how many won? SatoshiDice is provably honest - they use a publicly known mathematical function to decide whether you won or not, using secret numbers decided before the game started. A hash of the secret numbers was also published before the game started, so they can't change it. Looking at the blockchain since June 25th (I started counting at block 186101), I can see that they have processed 3808 bets to that address. 1 was refunded for being over the max bet, 3 haven't yet been paid out either way, and of the remaining 3804, 885 won. That's 23.26% of them that won (1:4.298). We would expect 24.41% to win in the long run (1:4.096), so that's pretty close. It's certainly nowhere near the 1:7.91 that you saw.
|
|
|
That's bad. You're using connections that other users could be using. How about opening up a port instead. That way you help improve the network rather than harming it.
|
|
|
Thanks to everyone that has played and offered me feedback in the last 2 weeks!
We've officially hit a milestone hand: 50,000 real bitcoin blackjack hands have been played since launch! In celebration, we gave away some btc to all the players that were playing when the milestone occurred.
If you were playing anytime yesterday, you probably got a boost to your balance!
That's pretty impressive. 50k hands in how many days? If it's since you posted about your site in this thread, that's about 1 hand every 20 seconds, 24/7.
|
|
|
it is possible but highly unlikely that Ella Fitzgerald will appear next to you right now
She didn't. It was quite a relief because she's been dead since 1996. To find the probability of "beating the odds," we can use a binomial probability distributionfunction.
Oh, I was close then. I found myself at http://en.wikipedia.org/wiki/Binomial_distribution yesterday when I was trying to work out how to do this, but didn't have enough confidence that I had the right distribution to proceed. Thanks a lot for doing the maths. The probability of winning at least 26/45 bets on 48% odds is 12.23%
38.71% for at least 15/19 wins on 73% odds
So a combined probability of 38.71 * 12.23 / 100 = 4.73%, or about 1 in 21. it's not suspicious, just unlucky that it happened on such large bets.
If you look at blockexplorer you see that at 2012-06-01 08:34:55 he received 100 BTC which he lost (lose 50, win 60, lose 50, lose 71) and then at 2012-06-01 21:27:22 he received the 100 BTC which went on to win lots. It strikes me as unlikely that he would lose the whole of his first bankroll if there was anything suspicious going on. Perhaps this was just poor bankroll management on SatoshiDice's part. The only refunded bet I saw was 3 days after this guy started on his winning streak.
|
|
|
Oh ok. I haven't been involved in any other poker sites, really, so I don't know what I am missing compared to Full Tilt or Poker Stars. Care to enlighten the uninformed? What do those popular sites have that seals with clubs does not?
It's probably a case of ignorance - I just don't know that there is better software out there.
It's really hard to put your finger on, but if you try the PokerStars client, and then try the Seals one, you'll see what he means I think. The PokerStars client just feels slick. The games flow smoother, the user experience is just somehow better. Maybe part of it is that PokerStars is a native app, and Seals is stuck in a browser tab, faking a multi-window environment inside a flash app. Even running the Windows version of PokerStars in Linux using WINE feels better than the Seals flash app.
|
|
|
Interestingly there is a significant probability that SatoshiDice itself will loose a lot of money, despite it's house edge. I think that is why they have had to decrease bet limits and increase the house edge.
Look how they lost over 3000 BTC ($15,000) in a 7 day period (June 2nd to June 9th): ![](https://ip.bitcointalk.org/?u=https%3A%2F%2Fi.imgur.com%2Fru1Gz.png&t=663&c=b3rF0ZRrUmhQSQ) It looks to me like a large amount of those losses stemmed from a single bet: http://blockchain.info/tree/7470279Follow that bet, its winnings, and the various change outputs, and you find a sequence of large bets with unusually high win rates. I found 45 "lessthan 32000" bets with 26/45 winning (58%) when it should be 48%, and 19 "lessthan 48000" bets with 15/19 winning (79%) when it should be 73%. The bets are mostly 50 or 100 BTC each. My knowledge of statistics isn't good enough to work out whether this is reasonable variance, or whether it's suspicious but I suspect that I don't have enough data points to draw any safe conclusions.
|
|
|
Sorry to revive an old thread
Unforgivable! ![Wink](https://bitcointalk.org/Smileys/default/wink.gif) If you are trying to find someone's public key based on their bitcoin address (the hash of it), it will take a classical computer 2^256 guesses, but it will take the QC 2^128 guesses.
But you don't need to find someone's public key. You only need to find a public key with the same 160 bit hash as theirs. This will take a classical computer 2^160 guesses, but it will take the QC 2^80 guesses, for all the same reasons you used in the argument with Death & Taxes. (for reference, the entire bitcoin network has produced about about 2^70 hashes total over the course of 2 years --- approximately 1 quadrillionth of the number of computations required to reverse your public key from your BTC address)
And so the "1 quadrillionth" should be reduced to "1 thousandth".
|
|
|
Sum typoes: All transactions in that block and befor are included in the jackpot.
before So a players own winning bet gets included in their jackpot.
player's Winners are not payed until their bet transaction has at least 2 confirmations
'paid' is more commonly accepted as correct It is to the winners advantage to wait for confirmation
winner's So for the progress games we involve a trustable third party
progressive? allowing interested parties to eaves drop on that message stream
eavesdrop is a single word
|
|
|
How about the potential that there are multiple wagers with the same transaction hash? That would appear in the results.
That's an interesting attack. I'll check and see if there are any duplicate transaction IDs with SatoshiDice bets in them. I looked at just the bets during the period of heaviest losses for SatoshiDice, the 800 blocks 182800 through 183599, and found the following. My theory of it being double-spent longshot bets is clearly wrong. The vast majority of the losses were from "under 32000" bets - pretty much coin tosses. "under 4000" had the highest RTP, but much smaller losses, due to smaller volume of bets: Address Target Should Win | #Bets | Win | Lose | In | Out | Profit | RTP ----------------------------------------------------------------------------------------------------------- 1dice1e6p 1 0.00002 | 51 | 0 | 37 | 0.20 | 0.00 | 0.20 | 0.0% 1dice1Qf4 2 0.00003 | 32 | 0 | 29 | 0.27 | 0.00 | 0.27 | 0.0% 1dice2pxm 4 0.00006 | 20 | 0 | 17 | 0.26 | 0.00 | 0.26 | 0.0% 1dice2vQo 8 0.00012 | 47 | 0 | 44 | 0.96 | 0.00 | 0.96 | 0.0% 1dice2WmR 16 0.00024 | 26 | 0 | 25 | 1.18 | 0.00 | 1.18 | 0.0% 1dice2xkj 32 0.00049 | 20 | 0 | 20 | 1.48 | 0.00 | 1.48 | 0.1% 1dice2zdo 64 0.00098 | 49 | 0 | 47 | 10.43 | 0.03 | 10.40 | 0.3% 1dice37Ee 128 0.00195 | 506 | 0 | 502 | 42.46 | 0.11 | 42.35 | 0.3% 1dice3jkp 256 0.00391 | 115 | 1 | 111 | 19.39 | 10.06 | 9.33 | 51.9% 1dice4J1m 512 0.00781 | 107 | 0 | 106 | 34.24 | 0.14 | 34.09 | 0.4% 1dice5wwE 1000 0.01526 | 222 | 2 | 215 | 120.98 | 1.27 | 119.71 | 1.1% 1dice61SN 1500 0.02289 | 37 | 1 | 35 | 56.35 | 0.31 | 56.03 | 0.6% 1dice6DPt 2000 0.03052 | 94 | 2 | 92 | 56.92 | 1.25 | 55.66 | 2.2% 1dice6gJg 3000 0.04578 | 105 | 3 | 101 | 83.61 | 1.26 | 82.34 | 1.5% 1dice6GV5 4000 0.06104 | 135 | 12 | 123 | 94.54 | 224.38 | -129.84 | 237.3% 1dice6wBx 6000 0.09155 | 232 | 20 | 211 | 851.87 | 1168.98 | -317.11 | 137.2% 1dice6YgE 8000 0.12207 | 384 | 37 | 340 | 186.28 | 112.71 | 73.57 | 60.5% 1dice7EYz 12000 0.18311 | 4309 | 819 | 3488 | 626.54 | 861.54 | -235.00 | 137.5% 1dice7fUk 16000 0.24414 | 3124 | 793 | 2322 | 427.20 | 467.04 | -39.83 | 109.3% 1dice7W2A 24000 0.36621 | 1342 | 501 | 824 | 1483.96 | 1635.54 | -151.58 | 110.2% 1dice8EMZ 32000 0.48828 | 50458 | 24498 | 25726 | 24846.77 | 26874.90 | -2028.12 | 108.2% 1dice97EC 32768 0.50000 | 3569 | 1783 | 1754 | 2187.61 | 2476.62 | -289.00 | 113.2% 1dice9wcM 48000 0.73242 | 4849 | 3571 | 1251 | 4339.44 | 4312.58 | 26.86 | 99.4% 1dice9wVt 64000 0.97656 | 283 | 263 | 10 | 294.68 | 269.88 | 24.79 | 91.6% -----------------------------------------------------------------------------------------------------------
(I'm ignoring bets which weren't paid out within the 800 blocks in question, though they count in the 'bets' column, and am also ignoring fees paid)
|
|
|
Even with millions of bets there should be no way to reverse-engineer the secret from the HMAC operation, especially knowing only the last two bytes. (is the full output of HMAC(secret,TxID) shown?)
sha256(secret) has been published for all the secrets that will be used in the next 10 years, and the full output of HMAC is shown. See this ' recent bet': Secret and Transaction Hash
Verify that the hmac sha512 with secret and transaction_id hash to the bet hash hmac_sha512(hidden,69468dfc1a10bc9ae98d6913a715436eb1bd795bf023ea2aa0ff1d5f07f22b97) -> 1695547cca9f140b91a127664c43369d8ec9a70cc3c509d2c25f179a4d4c8dc3
|
|
|
My guess is that someone found a vulnerability
how likely is it someone could brute-force the daily secret hashed and published in advance? Not very. More likely is that they could double-spend their losing bets using pre-mined blocks, and only let their winning bets confirm. If I control a lot of hashpower, I make sure that every block I mine contains a spend to myself. Each time I find a block, I double-spend that transaction in the form of a "less than 512" bet at SatoshiDice. I wait a few seconds to see if I win. 99% of the time I'll lose, but if I win, I throw away the block I mined and let my winning bet confirm, otherwise I submit it to the network as normal, causing the lost bet to never be confirmed. By waiting to see if I win the bet, I risk my block being orphaned, but my expected win is enough to cover that risk so long I can bet high enough at SatoshiDice. Is there any flaw in that system? Have any steps been taken to stop it happening today?
|
|
|
Yeah, those look fine. I'm reimporting all the blocks now, which will take some time. Maybe some transactions didn't make it into the database and thus didn't get processed. I have something to prevent that now but it might have happened.
If you let me know when the reimport has finished, and what block was the newest when you ran it, I'll let you know if any transactions are outstanding after that.
|
|
|
Here's the same thing but with dates instead of block numbers on the X axis: ![](https://ip.bitcointalk.org/?u=https%3A%2F%2Fi.imgur.com%2FzpNti.png&t=663&c=NSBdAlRvDIVxbQ)
|
|
|
There are 8 bets which are more than a week old and which haven't yet been spent in a block. Every bet should be used to fund (part of) the transaction that's sent back to the bettor. What happened to these 8? I haven't yet looked through all of these but on the ones I have checked the issue seems to be from this issue in BitcoinJ: http://code.google.com/p/bitcoinj/issues/detail?id=192I can probably process some of them through by hand while we try to work on a better solution. The bottom line is for whatever reason these transactions were created with inputs from unusual (but still valid) scripts. The first 3 have weird input scripts (one paid to a pubkey, and two paid to anyone who could find an address with the correct 160 bit hash). The last 5 look pretty vanilla.
|
|
|
This satoshidice guy is pretty unlucky.
Here's a graph of how the profit for the site has been at the end of each block since it started. I don't know if it's bad luck, or if someone is cheating. ![](https://ip.bitcointalk.org/?u=https%3A%2F%2Fi.imgur.com%2FfMvjA.png&t=663&c=YdIiVFkyN0ZaWA) There was a reasonably big loss overnight. Someone bet 5 BTC twice in the same transaction: 5 BTC on "under 1500" and another 5 BTC on "under 6000". Both bets won. This seems like a good way of partially evading the low maximum bet limits, since the same random number will be chosen for all bets in a single transaction.
|
|
|
I'd suggest removing Gareth Nelson from 20th in the list. He's nowhere near as interesting as the Gareth Nelson in 5th place. And interviewing both of them could confuse people.
|
|
|
There are 8 bets which are more than a week old and which haven't yet been spent in a block. Every bet should be used to fund (part of) the transaction that's sent back to the bettor. What happened to these 8?
|
|
|
I just noticed that the script that generates the statistics doesn't know that you can send 0.0054321 BTC to an address to set the payout address for your winnings. Around 10,000 bets have used this feature. Making the script aware of this rule changes the output as follows. Note that the 'Unreturned' amount is now much smaller. The script was previously considering all bets which had their payout address set manually to be "unreturned". before after
Total Bets Made: 556967 Total Bets Made: 556967 Cumulative Wagers: 199763.41276824 BTC Cumulative Wagers: 199763.41276824 BTC Cumulative Rewards: 197018.24357055 BTC Cumulative Rewards: 199551.66924577 BTC Cumulative Fees Paid: 275.21005000 BTC Cumulative Fees Paid: 280.25147500 BTC Cumulative Unreturned: 2650.14069182 BTC Cumulative Unreturned: 65.21685976 BTC ---- ---- SD Profit on Completed Bets : -180.18154413 BTC SD Profit on Completed Bets : -133.72481229 BTC ---- ---- Since Satoshi Dice started, there have been: Since Satoshi Dice started, there have been: Blockchain Tx: 1551815 : SatoshiDice Tx: 1033193 (66.6%) Blockchain Tx: 1551815 : SatoshiDice Tx: 1043244 (67.2%) Blockchain MB: 660.2 : SatoshiDice Tx: 419.3 (63.5%) Blockchain MB: 660.2 : SatoshiDice Tx: 423.4 (64.1%)
|
|
|
Update: StrikeSapphire's maximum bet on blackjack is now $15 for new players and $25 for 'silver star' players (ie. players who have attained a certain number of 'player points'). It used to be $5 for new players, but was increased a few weeks ago. There are now two types of blackjack table available to new players: one with bets from 10c to $5 and another with bets from 25c to $15. Players with a silver star also have access to $1-$25 blackjack tables.
There's also talk of a 'gold star', but since nobody ever achieved one of those, it's unclear what that gives you access to.
|
|
|
|