Weakness on Provably-fair system !

[Danydee]

The common provably fair system work as follow:

 A server seed of wich the hash is provided to the player before the rolling + A client seed wich is in some way mixed to server seed to make the roll resut!
This can ensure that the result can't be modified or manipulated..

 .. But there is still a issue (vulnerability) there, that if the site get know of the client seed they can manipulate the results as they want.. and for example while playing with (Auto-bet) and so they can predict the users bet or in some games where there is no user inputs/intervention in regards to the outcome/result, the "System" turns to be completely obsolete !


 
 So.. is possible to overcome the problem simply by setting an online open-source tool, or a widget that can be integrated "embedded" on the casino page and provide the casino with just the hash of the (client seed + a nonce)!



 
 
 So what do you about it ?!  Is there someone to make this up ?  

[STT]

Reminds me of a Twitch streamer who gained access to the provable fair system because he was the operator of that site apparently, name of PhantomLord.   So he could determine best when the odds of him winning were highest and so make a big deal of it on his stream even though it was all very circular it would help his wins look big.    I dont quite understand how he could use it so easily but obviously having the help of admin on that particular site in real time was a key part of it.   If you wanted a case to look into possible avenues of abuse that'd be the case history known about.
  I couldnt immediately find a good source but in the end he sued twitch and won somehow though it was purely nominal only; he is known as a scammer and has not made it back to the top level he was at prior to being discovered in the deception.

[edgycorner]

Your post doesn't really explain the vulnerability.

Sure, there's could be a problem with the autobet feature and it could be manipulated. You could write your own javascript in that case and randomize client seed before each roll. Problem solved.
As for normal dice bets(i.e. without site's own autobet bot), if the result can be verified later on then it's indeed fair.

I do remember a thread about Stake where OP was complaining about their autobet bot. Stake announced an unofficial reward if someone can prove it or reproduce the same event(like autobet stopping abruptly during a red streak).


Poeople really don't care about fairness anymore. For some reason they are hooked to slots now lol, the most stupid and idiotic method of gambling .-.

[Danydee]

Sure, there's could be a problem with the autobet feature and it could be manipulated. You could write your own javascript in that case and randomize client seed before each roll. Problem solved.

 I have seen sites in the past that restricting the modification of client seed, example: no more than one time per minute..

You could write your own javascript in that case and randomize client seed before each roll. Problem solved.

 That could be great, but it needs to someone creat it and make it available for everyone.. but it still can there a issue here, they can put a script on the webpage for sniffing the seed.. a casino who is ready to manipulate the results would surely make this!


 
 Instead, In the case of creating an open online tool, that provide a (external to the casino site) element that can be embedded in the game page in way to ensure that there's cannot be any alteration, there is a great odds that the tool became very quickly popular and so being largely adopted !

[mu_enrico]

True, therefore the provably fair system is not that good for auto spin/roll with lots of results generated with only one server seed. It works best for a single bet when users can change their client seed on each roll, assuming they are playing and not wasting time with bots. Also, don't forget the most important thing that is often overlooked is the verification process. Without verifying your bet, there's no such thing as "provably fair."

Anyway, even with a perfect provably fair system. It's no use if the games have low quality.

[Daltonik]

Casinos must carry out their activities on the basis of the issued license, but who prevents them from making changes between verification periods, but any single game can certainly be checked by a third-party service for compliance with provably fair.