Rollin.io is a scam !/?

[ndnh]

In advance you get "server_hash" which is a combination of "server_seed + random_seed".

The result is generated by the server_seed and the client_seed (latter is generated in the browser.) You can check that the server_seed was not changed after making the bet, by verifying the hash in combination with the random_seed. They don't know your client_seed in advance so they cannot calculate the end result before you bet. This makes Rollin provably fair. There is no way for Rollin to cheat without you noticing (if you verify the hash.)

That is a nice explanation.

[1715486557]

1715486557

[1715486557]

1715486557

[1715486557]

1715486557

[maxhor]

-snip-

Thanks to NLNico to make clear this situation about rollin and i am also satisfied with this explanation so after this no doubt it 100% provably fair.

[ndnh]

I think OP is missing is this:

A key aspect of cryptographic hash functions is their collision resistance: nobody should be able to find two different input values that result in the same hash output.

[Juliete_rollin]

In advance you get "server_hash" which is a combination of "server_seed + random_seed".

The result is generated by the server_seed and the client_seed (latter is generated in the browser.) You can check that the server_seed was not changed after making the bet, by verifying the hash in combination with the random_seed. They don't know your client_seed in advance so they cannot calculate the end result before you bet. This makes Rollin provably fair. There is no way for Rollin to cheat without you noticing (if you verify the hash.)




Why not just use server_seed without random_seed? I am guessing it is like an extra protection against brute-forcing the server_seed. Originally that comes from systems that don't give a server_seed but a server_roll_number (which would be easily brute-forced without extra random_seed.) But since their server_seed is long enough, I am pretty sure they could remove the random_seed indeed. However, currently the site is just as well provably fair.

Ideally they would use the "nonce-method" too, because in theory for perfect provably-fair-usage, currently you should copy hash, change client_seed, verify, etc after each bet. But technically their implementation is fine for a "per roll" implementation (correctly generates random client_seed in browser, etc.)



I BTW made a verifier for Rollin here: https://dicesites.com/rollin/verifier and an article about provably fair for those who want to learn the basics here: https://dicesites.com/provably-fair

Hello sir,

Very well, after read, you are right and i agree with you, however, let me point it out that since long before the cryptographic hash collisions always exist, sha256 its not exception, making a fast search you can find articles like this about that matter:

http://crypto.stackexchange.com/questions/24732/probability-of-sha256-collisions-for-certain-amount-of-hashed-values

I don't see why the need of the random seed be in their hands until the end of the roll, because with an hash collision the hash can be that one that they show or some other as we can read in the article above . I don't see the need of it and i find it shady stuff (and since when you send the bet request they get your client seed, and then server reply with what ever the output it is, they can do what ever they want to the random seed), however thanks for at last some technical explanation. I'm convinced that if they try  to add one extra lets call it " protection " like the random seed is cause they are accustomed to do monkey business and that could be used for protection of the casino but as well for user prejudice.

Regards 

[Juliete_rollin]

-snip-

Thanks to NLNico to make clear this situation about rollin and i am also satisfied with this explanation so after this no doubt it 100% provably fair.

Hello sir

I'm sorry for disagree but NLNico just proved no doubt that it 100% do his homework and know what writes about what writes when he writes, rollin still shady until one seed that can be more than one be in their hands until the end of the roll, and even, why they bordered to create that extra seed, can be for good, can be for evil.

Regards

[ndnh]

I don't see why the need of the random seed be in their hands until the end of the roll, because with an hash collision the hash can be that one that they show or some other as we can read in the article above . I don't see the need of it and i find it shady stuff (and since when you send the bet request they get your client seed, and then server reply with what ever the output it is, they can do what ever they want to the random seed), however thanks for at last some technical explanation. I'm convinced that if they try  to add one extra lets call it " protection " like the random seed is cause they are accustomed to do monkey business and that could be used for protection of the casino but as well for user prejudice.

Regards  

Hash collisions exist, of course, because the number of characters in a hash is limited. But finding a collision is near impossible. And your argument is that Rollin (and every other dice site, because your argument holds to the same degree for any other provably fair system) generates another seed with the same hash in a second? (not possible in millions of years I think)

Why don't they just brute-force all the bitcoin private keys instead?
Edit: er.. after they mine all the bitcoins

[ndnh]

I'm sorry for disagree but NLNico just proved no doubt that it 100% do his homework and know what writes about what writes when he writes, rollin still shady until one seed that can be more than one be in their hands until the end of the roll, and even, why they bordered to create that extra seed, can be for good, can be for evil.

Why just Rollin?

By your logic, Primedice, BitDice, BetKing just about every dice site with a provably fair system can find another seed with the same hash lol.
And there can be no provably fair system.

[Juliete_rollin]

I'm sorry for disagree but NLNico just proved no doubt that it 100% do his homework and know what writes about what writes when he writes, rollin still shady until one seed that can be more than one be in their hands until the end of the roll, and even, why they bordered to create that extra seed, can be for good, can be for evil.

Why just Rollin?

By your logic, Primedice, BitDice, BetKing just about every dice site with a provably fair system can find another seed with the same hash lol.
And there can be no provably fair system.

Hello sir

Because those sites that you just mentioned use a clear fair system of client seed that only client know and server hash that client know it too before the roll, it don't pop up from no where a third seed that can be for security but can be for monkey business as well.

Regards

[ndnh]

Because those sites that you just mentioned use a clear fair system of client seed that only client know and server hash that client know it too before the roll, it don't pop up from no where a third seed that can be for security but can be for monkey business as well.

Every site I know uses a slightly different method of provably fair system.

For Rollin, the server seed and a random seed is used to get the server hash.
Both the server seed and random seed is not shown to the player. (you can see it as one)
The hash is shown to the player.

Once the roll is made, both server seed and random seed is shown to the player, who can hash it see that they are the same.

You can see that both the server seed and random seed can be taken as a single unknown string for which the hash is disclosed before the roll, which is exactly the same provably fair mechanism most off-chain dice sites use.

[LiQuidx]

I'm sorry for disagree but NLNico just proved no doubt that it 100% do his homework and know what writes about what writes when he writes, rollin still shady until one seed that can be more than one be in their hands until the end of the roll, and even, why they bordered to create that extra seed, can be for good, can be for evil.

Why just Rollin?

By your logic, Primedice, BitDice, BetKing just about every dice site with a provably fair system can find another seed with the same hash lol.
And there can be no provably fair system.

Hello sir

Because those sites that you just mentioned use a clear fair system of client seed that only client know and server hash that client know it too before the roll, it don't pop up from no where a third seed that can be for security but can be for monkey business as well.

Regards

So your issue is that you don't understand how the server seed is generated or that there's and extra layer of protection against brute forcing the hash? Either way this topic should be closed since it's obvious that the scheme stands and it is provably fair.

[Juliete_rollin]

Because those sites that you just mentioned use a clear fair system of client seed that only client know and server hash that client know it too before the roll, it don't pop up from no where a third seed that can be for security but can be for monkey business as well.

Every site I know uses a slightly different method of provably fair system.

For Rollin, the server seed and a random seed is used to get the server hash.
Both the server seed and random seed is not shown to the player. (you can see it as one)
The hash is shown to the player.

Once the roll is made, both server seed and random seed is shown to the player, who can hash it see that they are the same.

You can see that both the server seed and random seed can be taken as a single unknown string for which the hash is disclosed before the roll, which is exactly the same provably fair mechanism most off-chain dice sites use.

Yes sir, i get that from the beginning, my point is that you don't know the random seed even knowing the server hash, the server seed and the suppose random seed, since there is a possibility of hash colliding, and change seeds changing output as well, and as i could find out this morning they use powerful amazon servers... I find the verify system shady, obscure, not ethical. Thas why the topic of the post is rollin is a scam !/? and not rollin is a scam!!! anyway i will not dare to put my money in their funny new creative fair system.

regards

[LoyceV]

NLNico (who knows much more about this than I do) and ndnhc have explained already how hashes work. The server hash includes the random seed, and you can not adjust the random seed at will while keeping the same server hash.
That being said, this scam accusation is what it is: an accusation, and nothing more than that.

Nice twist BTW, I did not tell you to open a spam-accusation-topic, I told you the hashes were discussed in the existing topic here: https://bitcointalk.org/index.php?topic=687571.msg12137676#msg12137676

Now the facts
Mod Loyce here. Before I became moderator at rollin.io, one Mod (asd) lost his Mod-status due to his rage issues. This was about half a year ago. Since then he's been spamming rollin's Chatter Box. He uses his own internet provider with dynamic IP addresses, anonymous proxies, and VPNs to do so. Rollin Admin has been more than kind to him, much more than he deserves in my opinion, and countless users and Mods have tried to talk to him. He has money problems, drinking problems, gambling problems, drugs problems, and so on. He blames everybody except himself, especially Admin, and keeps saying he wants his money back. Once he has money, he gambles until he loses it again. Then the rage starts. This spam in chat goes on for days in a row, as it's very easy to make a new account on rollin. Sometimes it stopped, for instance when he had a temporary job, but he always comes back.

I'm saying this in public now, as it explains why this person wants to accuse rollin falsely. I'm not so worried about his privacy, as "asd" does not tie him to any real life connection. Everybody who has ever used rollin's Chatter Box knows who I'm talking about though.

asd: get help!

[Juliete_rollin]

NLNico (who knows much more about this than I do) and ndnhc have explained already how hashes work. The server hash includes the random seed, and you can not adjust the random seed at will while keeping the same server has.
That being said, this scam accusation is what it is: an accusation, and nothing more than that.

Nice twist BTW, I did not tell you to open a spam-accusation-topic, I told you the hashes were discussed in the existing topic here: https://bitcointalk.org/index.php?topic=687571.msg12137676#msg12137676

Now the facts
Mod Loyce here. Before I became moderator at rollin.io, one Mod (asd) lost his Mod-status due to his rage issues. This was about half a year ago. Since then he's been spamming rollin's Chatter Box. He uses his own internet provider with dynamic IP addresses, anonymous proxies, and VPNs to do so. Rollin Admin has been more than kind to him, much more than he deserves in my opinion, and countless users and Mods have tried to talk to him. He has money problems, drinking problems, gambling problems, drugs problems, and so on. He blames everybody except himself, especially Admin, and keeps saying he wants his money back. Once he has money, he gambles until he loses it again. Then the rage starts. This spam in chat goes on for days in a row, as it's very easy to make a new account on rollin. Sometimes it stopped, for instance when he had a temporary job, but he always comes back.

I'm saying this in public now, as it explains why this person wants to accuse rollin falsely. I'm not so worried about his privacy, as "asd" does not tie him to any real life connection. Everybody who has ever used rollin's Chatter Box knows who I'm talking about though.

asd: get help!

Hello sir,

I appreciate that this thread helped you to tell me the story of your life, i hope the Chatter Box live long and healthy, i hope the "asd" stay away from drugs and alcohol ( don't do that kids, keep yourselves in school ). However the random seed is shady and manipulatable. And thank you for banning me from the Chatter Box so i was motivated to open the thread here where more brilliant minds can expose those ideas openly, and with more knowledge about the verification systems around the place. I'm more in-lighted, but not convinced.

Regards

[NLNico]

They cannot just change the random_seed, because the SHA-256 server_seed_hash that you got before the game would be different. The probability of them changing the random_seed to a new one with the same hash (hash collision) is practically impossible. Also, that random_seed is not even used for the result calculation, so there is no point in changing that lol? If they change the random_seed, the result will be still the same (and the hash will be different = error on verifying.)

Only changing the server_seed would give a different result, but again, they cannot change that either without changing the hash (and therefor cheating in such way would be detectable if the user takes the time to verify the hash - that's exactly what provably fair is about.)

If it would be possible to change the server_seed to something else (while keeping the same hash), then all provably fair methods on all sites would be broken. Actually I am pretty sure at that point some parts of bitcoin and the internet will be broken too, so yeh..







Still, I don't really see any point of using that extra random_seed since the server_seed itself is already too difficult to brute force anyway. Like I said, I expect it's from being "overprotective" when building their implementation and looking at implementations that used server_roll instead of server_seed at that time. But it is not shady and there site is equally provably fair with or without that random seed.

[Juliete_rollin]

They cannot just change the random_seed, because the SHA-256 server_seed_hash that you got before the game would be different. The probability of them changing the random_seed to a new one with the same hash (hash collision) is practically impossible. Also, that random_seed is not even used for the result calculation, so there is no point in changing that lol? If they change the random_seed, the result will be still the same (and the hash will be different = error on verifying.)

Only changing the server_seed would give a different result, but again, they cannot change that either without changing the hash (and therefor cheating in such way would be detectable if the user takes the time to verify the hash - that's exactly what provably fair is about.)

If it would be possible to change the server_seed to something else (while keeping the same hash), then all provably fair methods on all sites would be broken. Actually I am pretty sure at that point some parts of bitcoin and the internet will be broken too, so yeh..







Still, I don't really see any point of using that extra random_seed since the server_seed itself is already too difficult to brute force anyway. Like I said, I expect it's from being "overprotective" when building their implementation and looking at implementations that used server_roll instead of server_seed at that time. But it is not shady and there site is equally provably fair with or without that random seed.

Fair enough sir, i understand, glad to read you, i feel more in-lighted now. Thanks for the explanation.

Regards

[karakhan]

is it possible to take same hash after changing both server seed and random seed?

[LoyceV]

is it possible to take same hash after changing both server seed and random seed?

Short answer: no.

Long answer: the required computation power exceeds all imagination. So no.

Did you know that ALL bitcoin private keys can be found on this website? http://directory.io/ !
Just pick the right page, and you'll find wallets containing thousands of bitcoins. There are only 904625697166532776746648320380374280100293470930272690489102837043110636675 pages so you can imagine it's quite hard to find the right page... It's the same with hashes: creating a hash out of a seed is easy. Creating a seed that fits that specific hash is virtually impossible. Which is the whole purpose of using a hash.

[Alexastrozombies666]

I see morons post things like "well my account is pisitive" it want cheat a 2 cent bet. provably fair = provably scam, just that simple.

[Zeroxal]

I see morons post things like "well my account is pisitive" it want cheat a 2 cent bet. provably fair = provably scam, just that simple.

Probably fair is here to proof that the game is fair and no one scan scam/cheat - not the player nor the house. It depends on the luck, not everyone has the luck to make profit from gambling sites. There is always a lower with every winner and vice versa.
No idea what you are trying to say with "it want cheat a 2 cent bet". So you say the player is scamming the house?

[Alexastrozombies666]

You think they are in buisness because their websites are "fair" your joking right? Here is a defenition of provably fair " algorithm which can be analyzed and verified for fairness on the part of the service operator." thats right, the number is not generated until you place a bid, only then is the seed "randomly" generated, you dont see a problem with that? Its no different then calling head or tails on a coin flip, right after it was flipped already, and you can visually see the coin.