Is there any way for casinos to cheat the provably fair?

[SyGambler]

I'm not sure of that
but I think when they give u the server seed and the client seed before rolling then no
I'm not sure if they can control games like slots
but I see no reason for any casino to cheat u
they will win without cheating 

[1714855370]

1714855370

[1714855370]

1714855370

[1714855370]

1714855370

[1714855370]

1714855370

[1714855370]

1714855370

[NLNico]

Every site has some small differences in the implementation of the provably fair method, some better than others. I am planning to write an article about the ways the casino could still cheat you and what the ideal provably fair method should have (IMO.) But quick overview here..

Things that can be bad for player (some already said), in random order:

- Skipping nonces (dicebitco.in)
- Using anything like bet ID or timestamp in bet result calculation
- Not giving serverseed afterwards (sounds like a joke but betcoin.ag actually did that.)
- Having a "serverseed per bet" but not a (cryptographically secure) random clientseed per bet
- "serverseed per bet" but only show/send serverseed hash on request (I think 999dice did this? tbh never been interested in that site :p)
- Not generating a new (cryptographically secure) random clientseed after getting new serverseed hash
- Generating clientseed serverside
- Browser sending clientseed before getting serverseed hash
- Not locking serverseed hash (for d/c possibilities)
- TBH even things like "not giving proper history of your own bets", "no link to verifier and/or no script" and "daily secret" are bad, since it makes it harder to easily verify your bet rolls.

And probably more, again, I am planning to write much more about it soon with specific details+examples




Ps, if one doesn't fully understand provably fair, I recommend reading my "basic article": http://dicesites.com/provably-fair

[vennali]

Every site has some small differences in the implementation of the provably fair method, some better than others. I am planning to write an article about the ways the casino could still cheat you and what the ideal provably fair method should have (IMO.) But quick overview here..

Ps, if one doesn't fully understand provably fair, I recommend reading my "basic article": http://dicesites.com/provably-fair

That would be really nice. One thing I would also highly recommend in the article is encouraging people to change client seeds specially with games like Blackjack or Roulette. As the default seeds can be set up to have the dealer win more hands despite everything being provably fair, and also Roulette can be set up to some extent to have more 0's occurring .

[NLNico]

Yes, definitely.

But actually a site should be provably fair without requiring the client to change the seed. This basically means they must generate a (cryptographically secure) random clientseed every time (on the clientside obv) -after- the user gets a new serverseed hash. Still changing the clientseed is always good, in case the implementation is bad and also because it's rather hard for most users to check the source/network data to see if the "random clientseed" was really generated properly. So yeh, ppl should always change their clientseed

[keepinquiet]

Yeah thats what i was saying when i was talking with dooglus about it, the customers there seem to be really stupid like extremely stupid, im not really sure why but seems like all of them like it there. Im not going to lie, i liked the site aswell it was simple and fast.

Now the problem is, how do you prove they are cheating for sure or anyone else that might be doing these kind of tricks? And anyways isnt most casinos online that dont use bitcoins not provably fair?

Well, that was the beauty of it. You can't prove it. Plausibly deniable provably fair.

And even with proof, there'd still be the worshipers throwing money at him anyway.

There is no way in hell a .1% edge site legitimately can make 1,000 BTC in just over 2 months.

[jeannemadrigal2]

Because most people reading this didn't see the original threads, I want to sum up what happened.

I played on 999dice and won a lot. No insignificant sum.

And then I started losing like crazy, to the tune of "an absolute fuckton" of BTC. Which is when I started looking, and noticed their scam system.

So I wrote a javascript bot that would click 'set client seed' and set it to a random value FOR EVERY ROLL. Once I did this, shockingly (I know), my horrific losing streak ended and I won back about 42 of my lost bitcoin.

Which is when the admin noticed what I was doing, and banned me from the site, and threatened to confiscate any deposits I made from then on.

So I called them out publicly, at first they didn't respond, then responded with BS accusations I had attempted to scam them first (Side note: Even if I had, that's irrelevant and has nothing to do with them cheating their customers). Once it got big and all the crypto news outlets were reporting it, they changed their system so it LOOKS like they made an improvement, but really did not. It's no better than it was before this all started. But there are the 999dice kool aid drinkers who will swear up and down it's fair (while, I'd imagine, they have never actually verified a bet there).

If you play there, you deserve to lose every penny, because you're an idiot.

("You" being figurative, this isn't directed at anyone in particular. Well, unless you play there. Then I mean you.)

Really sorry to hear that man.  Thanks for the warning and I suggest you remind us now and again.  Pat yourself on the back because I guarantee that you saved a few of us from getting scammed.  Thanks and I am sorry you had to lose so much money to find out.

[arallmuus]

I feel even if any site was to cheat by skipping rolls they would probably do it by doing it when the robot is on . That way for every 100 bets, they could skip one of the bets, and that along could give them an extra percent or more of house edge.

A small percentage for profit and a small thing that could ruin their site reputation. Once people know about this, the site will be dead as no one will be playing there again so it is safe to assume that some big sites like PrimeDice and JustDice is not doing this since it could hurt their reputation badly

Well, there is absolutely no way of knowing if a site cheats or plays against the investors as it will just be another investor. Primedice has no reason to do it as they have no investors(unless they play against the private investors , if they have any) . Can't comment on any other site as its almost impossible to know.

Yes it is indeed no way to know about this but to be honest I dont see the need of them doing this since they are getting profit from the site even without doing this. Most Site are designed at 1 % house edge and in most site the average profit is above 1 % . As for PrimeDice, I believe Stunna got the biggest stake there so he doesnt need to do this thing either as the profit will mostly goes to him.

[DiamondCardz]

Sometimes, depending on the casino. My favourite post about this is this absolute gem on /r/Bitcoin. It's a decently long read, but it's very insightful.

That's not to say that a casino can't be properly provably fair, it's such some implementations can make it not so provably fair. Sites that are on-Blockchain and provably fair can't fall to those kinds of exploits.

[vennali]

Well, there is absolutely no way of knowing if a site cheats or plays against the investors as it will just be another investor. Primedice has no reason to do it as they have no investors(unless they play against the private investors , if they have any) . Can't comment on any other site as its almost impossible to know.

Yes it is indeed no way to know about this but to be honest I dont see the need of them doing this since they are getting profit from the site even without doing this. Most Site are designed at 1 % house edge and in most site the average profit is above 1 % . As for PrimeDice, I believe Stunna got the biggest stake there so he doesnt need to do this thing either as the profit will mostly goes to him.

Well, its hard to comment on how the other person or the site owner is. Not every site is profitable, and they might not have such a big satisfactory profit they want to have.

[XinXan]

Yeah thats what i was saying when i was talking with dooglus about it, the customers there seem to be really stupid like extremely stupid, im not really sure why but seems like all of them like it there. Im not going to lie, i liked the site aswell it was simple and fast.

Now the problem is, how do you prove they are cheating for sure or anyone else that might be doing these kind of tricks? And anyways isnt most casinos online that dont use bitcoins not provably fair?

Well, that was the beauty of it. You can't prove it. Plausibly deniable provably fair.

And even with proof, there'd still be the worshipers throwing money at him anyway.

There is no way in hell a .1% edge site legitimately can make 1,000 BTC in just over 2 months.

Yep, but if you expose them and they chose to do nothing, well actually to change their system to another shitty system that does the same thing, its pretty much proof of their scam.

You have been answering my question with your posts, exposing a few casinos and their provably fair, thanks for that. I was sure many casinos cheated the provably fair system but now im sure.