hey man! why i get red trust? i don't know about you.. i'm student only and installed blockchain api to btcmasterz. but he paid me btc.. why think that i'm scammer?
|
|
|
please explain it..
How can I check that is fair? what mean this Formula? ((client_seed * 9) Mod 16) + 1 = final order in server seed
Server seed hash: 03de7fb61b0409209a3111742122cc9e2992e6c17aabafeefae479cb8592f3a0 Client seed: 613839611 Set client seed for next spin
Old server seed: Old client seed:
Formula: ((client_seed * 9) Mod 16) + 1 = final order in server seed
Served seed values: 0 = 1.25x 1 = 0.25x 2 = 2x 3 = 0x 4 = 2x 5 = 0.25x 6 = 2x 7 = 0.25x 8 = 1.5x 9 = 0.25x 10 = 1.25x 11 = 0x 12 = 3x 13 = 0x 14 = 1.5x 15 = 0.25x
|
|
|
How works this provably fair?? (i not understand) Can increase house edge?
have you setup min and max bet?
Thanks
Hi, you can't increase the house edge as it's provably fair.. You can setup min and max bet with no problem, though. Johny how change min max bet? have intsruction?
|
|
|
How works this provably fair?? (i not understand) Can increase house edge?
have you setup min and max bet?
Thanks
|
|
|
This is getting funnier and funnier i understood that this scam! all proof now. i want create own gamble site.. could you help me friend?
|
|
|
Should be noted that although OP is an obvious scammer, in theory players can easily cheat him too (if he really pays out based on those hashes.) It's very easy to brute-force those MD5 hashes and figure out the "string" (and therefor the result.) Still if OP keep changing the hash after a bet, obviously you risk being scammed when you try to cheat too.
I think is not scam. I checked it.. win paid, hash not change. that think that scam I understand.. You are pretty obviously the owner of this site. Your English skills are on the same level. You asked some questions on how to make such a site - a week before launching this site. Then you didn't post anything after that. But now you are back, only to put a lot of effort/posts on defending this site, claiming it's legit. Are you getting a bit hopeless? i'm not owner.. I learning code and programming. and I interested why md5 hash is scam..
|
|
|
where proof? I checked and it work. where changed hash? I'm not understand..
|
|
|
Should be noted that although OP is an obvious scammer, in theory players can easily cheat him too (if he really pays out based on those hashes.) It's very easy to brute-force those MD5 hashes and figure out the "string" (and therefor the result.) Still if OP keep changing the hash after a bet, obviously you risk being scammed when you try to cheat too.
I think is not scam. I checked it.. win paid, hash not change. that think that scam I understand..
|
|
|
I see md5 hash before bet http://rollincoin.com/provably_fair_md5.phpI found some info: What's Next Game Hash? When you play HEAD or TAIL, our system show the winning BEFORE you begin to play, and displays the result on the page in an encrypted way, called Next Game Hash, for example e3d609a53bfe3c59db30813e6a65273a (It means that we had your result before you place your choice). For each game we generate a randomized key, of 26 characters long, for example 4f68e3a6f93bf4208457634aa7, then we organize the winning face and the key like this: HEAD/4f68e3a6f93bf4208457634aa7 or TAIL/4f68e3a6f93bf4208457634aa7 and we calculate the MD5 hash of this string. In our example, the MD5 hash of TAIL/4f68e3a6f93bf4208457634aa7 is 41799624d9e08e4552843c32aa96fc4b, so the results of the game must be HEAD. MD5 is a strong encryption algorithm that cannot be broken today and where each MD5 string matches with one unique non encrypted string. You can find MD5 generators here. That last statement isn't true... MD5 is a weak encryption algorithm that can be broken today, and each MD5 string can match with an infinite number of unique non encrypted strings (just like any hashing algorithm, including SHA256). This description does not match the procedure executed by the site. The string hashed is not HEAD/<26 characters>, it is "win" or "lose", a colon, and the decimal representation in plain text of the secret key. Not sure where you found this text, but it doesn't describe this game. This site requires that you browse the provably fair page to see the next game hash. If someone else plays, your hash is taken. Also, those displayed hashes have changed on at least two recorded (and independently verifiable) occasions, rendering the entire "provably" part irrelevant. The site has already been positively identified changing hash listings after a wager is received. View the wayback machine to see that the listed hashes have been changed from the posted hashes. Even if the system presented were actually fair (it's not), the game itself is not fair because the hashes presented are not always the hashes of the data played against. This is not provably fair - and actually not fair at all, it will change the result of your bet. Payment does not indicate "not a scam". Ponzi's pay out until they run out of money, but they're just as scammy. I have demonstrated mathematically that the system professed by this site is not only unfair and unreliable but also incorrectly implemented in a manner that can only be qualified as "cheating". Even if the site pays, if it has to cheat to maintain an edge, it's a scam. if it scam... why paid 0.2btc now??
|
|
|
Please read the scam accusation thread for proof. Be careful, this is a confirmed scam. if scam.. why he paid 0.2 btc?? i'm not understand
|
|
|
This post does not represent LuckyBit and is the personal opinion of stingleword.
Are you fucking kidding me?!!!!!
Since all of us over at LB are laughing about this situation, I went to the trouble to investigate the RollinCoin Provably Fair system myself. I have got to say that this is 100% useless and you would get a better game if you sat behind the computer with a coin and flipped it yourself.
1. There is absolutely no explanation of how it works. The user is left to figure it out himself. Hardly "provable"! 2. After some wrangling, we determined that the formula is MD5(("win"|"lose")+":SecretKey="+secretKey) to generate the hash. 3. The secret key has no bearing on the game result - as far as I can tell, it does nothing. 4. The user's TXID doesn't affect the game result, either - there is literally no data with which to duplicate the result. 5. The results of a game are not provably fair, are not verifiable and the method by which the results are derived is not transparent.
6. Therefore, I conclude that not only is this game not Provably Fair, it is NOT FAIR AT ALL.
The previous post does not represent LuckyBit and is the personal opinion of stingleword. Sometimes this is required when he posts about things that might be work-related, but when not operating in a work capacity.
Hello, I investigate this provably fair too. this really provably fair system, because md5 hash pre generated before bet. so working with md5 hash lot of casinos in the world https://igames365.com/provably-fair and more Thus you can easely verify that the game has been provably fair. Simply copy and paste the “secret string” into any online MD5 checker (e.g. Online MD5. http://onlinemd5.com/Provably fair requires that it be provable. But I can't prove anything because the hash of my game isn't presented to me before I play - and when I do play, I don't have a guarantee that the hash presented will be the hash played against (we have proof-of-alteration on the books). Furthermore, MD5 is very weak and could be bruteforced. Judging from the recent bet list, someone has already defeated the system. I see md5 hash before bet http://rollincoin.com/provably_fair_md5.phpI found some info: What's Next Game Hash? When you play HEAD or TAIL, our system show the winning BEFORE you begin to play, and displays the result on the page in an encrypted way, called Next Game Hash, for example e3d609a53bfe3c59db30813e6a65273a (It means that we had your result before you place your choice). For each game we generate a randomized key, of 26 characters long, for example 4f68e3a6f93bf4208457634aa7, then we organize the winning face and the key like this: HEAD/4f68e3a6f93bf4208457634aa7 or TAIL/4f68e3a6f93bf4208457634aa7 and we calculate the MD5 hash of this string. In our example, the MD5 hash of TAIL/4f68e3a6f93bf4208457634aa7 is 41799624d9e08e4552843c32aa96fc4b, so the results of the game must be HEAD. MD5 is a strong encryption algorithm that cannot be broken today and where each MD5 string matches with one unique non encrypted string. You can find MD5 generators here.
|
|
|
This post does not represent LuckyBit and is the personal opinion of stingleword.
Are you fucking kidding me?!!!!!
Since all of us over at LB are laughing about this situation, I went to the trouble to investigate the RollinCoin Provably Fair system myself. I have got to say that this is 100% useless and you would get a better game if you sat behind the computer with a coin and flipped it yourself.
1. There is absolutely no explanation of how it works. The user is left to figure it out himself. Hardly "provable"! 2. After some wrangling, we determined that the formula is MD5(("win"|"lose")+":SecretKey="+secretKey) to generate the hash. 3. The secret key has no bearing on the game result - as far as I can tell, it does nothing. 4. The user's TXID doesn't affect the game result, either - there is literally no data with which to duplicate the result. 5. The results of a game are not provably fair, are not verifiable and the method by which the results are derived is not transparent.
6. Therefore, I conclude that not only is this game not Provably Fair, it is NOT FAIR AT ALL.
The previous post does not represent LuckyBit and is the personal opinion of stingleword. Sometimes this is required when he posts about things that might be work-related, but when not operating in a work capacity.
Hello, I investigate this provably fair too. this really provably fair system, because md5 hash pre generated before bet. so working with md5 hash lot of casinos in the world https://igames365.com/provably-fair and more http://csgoblackjack.com/provably-fairThus you can easely verify that the game has been provably fair. Simply copy and paste the “secret string” into any online MD5 checker (e.g. Online MD5. http://onlinemd5.com/
|
|
|
WARNING: This method can go wrong if the user sent from an exchange account or some other method that the user does not directly control, or if they sent an old-style multisig tx, or a non-standard tx. It is NOT recommended. But you asked.
The basic idea is to look at the first address entry of the vout structure of the first vin of the transaction the user sent to you. ie: tx.vin[0].vout.addresses[0] This is a little convoluted to obtain with stock bitcoind, because gettransactions does not include any vout.addresses field. So we need to do it in two steps. Step 1. ./bitcoin/src/bitcoin-cli getrawtransaction <txid> 1
Then you will see output like this: { "txid" : "...", "version" : 1, "locktime" : 0, "vin" : [ { "txid" : "<first_vin_txid>", "vout" : 0, "scriptSig" : { "asm" : "...", "hex" : "..." }, "sequence" : 0 }, ... }
Notice the vout in this case is 0. So now, let's find the matching vout for <first_vin_txid>. Step 2. ./bitcoin/src/bitcoin-cli getrawtransaction <first_vin_txid> 1
{ ... "vout" : [ { "value" : <amount>, "n" : 0, "scriptPubKey" : { "asm" : "...", "hex" : "...", "reqSigs" : 1, "type" : "pubkeyhash", "addresses" : [ "1GN..." ] } }, ...
Ok, we find the vout where "n" matches "vout" from the vin we looked at in the orig transaction. In this case "n" and "sequence" are both 0. Therefore 1GN... is the address associated with the first input of the orig transaction. ie, this address contributed <amount> of funds. Note that: 1) There may be one vin or multiple vin in the orig tx. ie, outputs from multiple tx may have been consolidated into one. It should be relatively safe to always choose the first vin. 2) There may be multiple values in the "addresses" field, eg if type = multisig. in this case, you should probably abort. again, don't do this. ;-) but luckyb.it too, no need enter wallet..
i think that can get player wallet, but i don't know how..
do you have idea?
OK, Thank you very much! "2) There may be multiple values in the "addresses" field, eg if type = multisig. in this case, you should probably abort." If multiple values in the "addresses" field, eg if type = multisig... Can i choose any address or first?
|
|
|
If you potentially need to send refunds then the only correct way is to ask the user to provide a refund address at the time of payment. The concept of a single guaranteed "from address" simply does not exist in bitcoin. how resolve this problem? what function rpc-api need use?
i need know sender wallet for refund amount.. that how works secondstrade.com ? player send to address. if win that receive win to back. no need enter player address They guess and hope they are correct. If they are not, they blame the user for not reading #3 of their "how to play"[1] [1] http://secondstrade.com/howtoplay.htmlbut luckyb.it too, no need enter wallet.. i think that can get player wallet, but i don't know how.. do you have idea?
|
|
|
If you potentially need to send refunds then the only correct way is to ask the user to provide a refund address at the time of payment. The concept of a single guaranteed "from address" simply does not exist in bitcoin. how resolve this problem? what function rpc-api need use?
i need know sender wallet for refund amount.. that how works secondstrade.com ? player send to address. if win that receive win to back. no need enter player address
|
|
|
-snip- my script get hash, amount etc.. but i need wallet of player.
There is no simple way to get the "sending address"[1]. You have to check the inputs, but more often than not there will be several inputs. Its better to let the user set an address you store in your database along with their other information. txid = dc8697d1afd6c7ac2f667cd3239e19bf227a7b5ce8be64b2f8bb3c626979425b # "random" one from the block to the hash that Polyatomic posted. raw_tx = getrawtransaction(txid) decoded_tx = decoderawtransaction(raw_tx)
within decoded_tx you will find a "vin" section with a value "vout" and a txid. If you check each of the txids you will see that they have a "vout" section. The outputs that created the inputs that are used in the TX you received. Find the one where "vout" matches "n" and look up its address. In this example there are 4 inputs, all "from" the address "1NgrpJJj2PMj9RsHutVK7vf8dchcpfM4YZ", but you need to decide how you want to handle different addresses. IIRC the data is mixed formatted, arrays within JSON, but that might be different for PHP. [1] there is no such thing ok. i will experience.. but how make it secondstrade.com ? bet is send to address only. no need enter player wallet AFAIK they do it in this crude way, same as most ponzi "games". If they warn you not to use certain wallets, they almost always just assume which is your address. This can fail horribly if your customer/user uses a wallet where they share addresses with others or use something like CoinJoin. A common example for shared wallets are most exchanges. You have your own deposit address, but when you withdraw the coins come from a different address. If you return coins to the address they came from they will be credited to a different account (if at all). thanks for your answer sir. i have problem get who send payment.. for example this hash: 3d919bf7929b983954e9c439348649e11ba21f8f740530aa4ecbbd3c5f496071 You are asking "who" but there is no such info on the blockchain. The inputs the TX uses have been received on two addresses, which is exactly what I warned you about. There is no right answer to this. Its possible that the sender controls both, one or none of the addresses the coins came "from". a64020eea0719df9318e185d1a44cea8f9b5e872ced67e1e746fe1b9fbb6670c
who sent payment? could you help me please
That one has a confirmed double spend -> https://blockchain.info/tx/3a07b7957cf29d267cd8c20fbd5eb8824366096e09d722d888ce635098851b70The inputs the TXs use came from a single address '15iET5Zp3GdXkp2sbUvsenUysFCAzoW1Fq', but same here its possible that the person behind the coins controls it or not. how resolve this problem? what function rpc-api need use? i need know sender wallet for refund amount..
|
|
|
-snip- my script get hash, amount etc.. but i need wallet of player.
There is no simple way to get the "sending address"[1]. You have to check the inputs, but more often than not there will be several inputs. Its better to let the user set an address you store in your database along with their other information. txid = dc8697d1afd6c7ac2f667cd3239e19bf227a7b5ce8be64b2f8bb3c626979425b # "random" one from the block to the hash that Polyatomic posted. raw_tx = getrawtransaction(txid) decoded_tx = decoderawtransaction(raw_tx)
within decoded_tx you will find a "vin" section with a value "vout" and a txid. If you check each of the txids you will see that they have a "vout" section. The outputs that created the inputs that are used in the TX you received. Find the one where "vout" matches "n" and look up its address. In this example there are 4 inputs, all "from" the address "1NgrpJJj2PMj9RsHutVK7vf8dchcpfM4YZ", but you need to decide how you want to handle different addresses. IIRC the data is mixed formatted, arrays within JSON, but that might be different for PHP. [1] there is no such thing ok. i will experience.. but how make it secondstrade.com ? bet is send to address only. no need enter player wallet AFAIK they do it in this crude way, same as most ponzi "games". If they warn you not to use certain wallets, they almost always just assume which is your address. This can fail horribly if your customer/user uses a wallet where they share addresses with others or use something like CoinJoin. A common example for shared wallets are most exchanges. You have your own deposit address, but when you withdraw the coins come from a different address. If you return coins to the address they came from they will be credited to a different account (if at all). thanks for your answer sir. i have problem get who send payment.. for example this hash: 3d919bf7929b983954e9c439348649e11ba21f8f740530aa4ecbbd3c5f496071 a64020eea0719df9318e185d1a44cea8f9b5e872ced67e1e746fe1b9fbb6670c who sent payment? could you help me please
|
|
|
|