Bitcoin Forum
November 23, 2017, 09:48:18 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Why does Satoshi Dice use a secret?  (Read 1833 times)
maxmint
Hero Member
*****
Offline Offline

Activity: 700



View Profile
January 17, 2013, 02:13:33 PM
 #1

I have a question about Satoshi Dice, the popular Bitcoin casino.

I don't understand why they have to use secrets when determining the lucky number for a bet.
Here's how the lucky number is made:
Quote
The lucky number [...] is simply the first bytes of hmac_sha512(secret,txid:out_idx)

Why the need for a secret here? If the "secret" wasn't a secret but a public number – what would be the problem about this?

Thanks for your enlightening comments!

(I hope this is not off topic – if so, please move to the right subforum)

My PGP-Key: 462D02D8
Verify my messages using keybase: https://keybase.io/maxmint
1511430498
Hero Member
*
Offline Offline

Posts: 1511430498

View Profile Personal Message (Offline)

Ignore
1511430498
Reply with quote  #2

1511430498
Report to moderator
1511430498
Hero Member
*
Offline Offline

Posts: 1511430498

View Profile Personal Message (Offline)

Ignore
1511430498
Reply with quote  #2

1511430498
Report to moderator
1511430498
Hero Member
*
Offline Offline

Posts: 1511430498

View Profile Personal Message (Offline)

Ignore
1511430498
Reply with quote  #2

1511430498
Report to moderator
Join ICO Now A blockchain platform for effective freelancing
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511430498
Hero Member
*
Offline Offline

Posts: 1511430498

View Profile Personal Message (Offline)

Ignore
1511430498
Reply with quote  #2

1511430498
Report to moderator
DannyHamilton
Legendary
*
Offline Offline

Activity: 1988



View Profile
January 17, 2013, 02:24:23 PM
 #2

I believe on the same page where you found your quote, if you scroll to the top and start reading, you'll find the following answer to your question:

Quote
They are not released right away, since they could be used to submit selective transactions and win bets unfairly.

maxmint
Hero Member
*****
Offline Offline

Activity: 700



View Profile
January 17, 2013, 02:29:15 PM
 #3

Yes, I read that but I have no clue how one could "submit selective transactions".
I mean, either I send a transaction or not. Once it is sent, then it's gone and I can't manipulate it in any way – or am I stupidly missing something here?

I believe on the same page where you found your quote, if you scroll to the top and start reading, you'll find the following answer to your question:

Quote
They are not released right away, since they could be used to submit selective transactions and win bets unfairly.

My PGP-Key: 462D02D8
Verify my messages using keybase: https://keybase.io/maxmint
eb3full
VIP
Full Member
*
Offline Offline

Activity: 198


View Profile
January 17, 2013, 02:35:47 PM
 #4

If you had access to the secret beforehand, you would be able to generate transactions (without immediately broadcasting them) that win the bet by, say, treating a second txout as a "nonce" of sorts. The integrity of Satoshi Dice is achieved through the principle: the secret should be unknown to the betters, and immutable by the house.

"With four parameters I can fit an elephant, and with five I can make him wiggle his trunk." John von Neumann
buy me beer: 1HG9cBBYME4HUVhfAqQvW9Vqwh3PLioHcU
DannyHamilton
Legendary
*
Offline Offline

Activity: 1988



View Profile
January 17, 2013, 02:37:37 PM
 #5

. . . either I send a transaction or not. Once it is sent, then it's gone and I can't manipulate it in any way – or am I . . . missing something here?
If they knew the "secret" ahead of time, a halfway decent programmer could write a program to create a transaction and check the value of hmac_sha512(secret,txid:out_idx).  Then if the transaction was a winner, submit it. If it was a loser, toss the transaction out and try creating a new transaction.

Essentially they would be "mining" for winning satoshi transactions, and just like miners only submit "winning" blocks to the blockchain, this cheating programmer could submit only winning transactions to SatoshiDice.

maxmint
Hero Member
*****
Offline Offline

Activity: 700



View Profile
January 17, 2013, 02:40:48 PM
 #6

Got it, thanks for the explanation!

My PGP-Key: 462D02D8
Verify my messages using keybase: https://keybase.io/maxmint
MPOE-PR
Hero Member
*****
Offline Offline

Activity: 756



View Profile
January 17, 2013, 03:11:52 PM
 #7

Yes, I read that but I have no clue how one could "submit selective transactions".
I mean, either I send a transaction or not. Once it is sent, then it's gone and I can't manipulate it in any way – or am I stupidly missing something here?

It would seem that if a salt is not added you can simply hash the block yourself and see what it comes to, then bet accordingly.

My Credentials  | THE BTC Stock Exchange | I have my very own anthology! | Use bitcointa.lk, it's like this one but better.
DannyHamilton
Legendary
*
Offline Offline

Activity: 1988



View Profile
January 17, 2013, 04:27:55 PM
 #8

It would seem that . . .
MPOE-PR, It would seem that you are a little late to the party.  This has already been explained (twice), and the OP has acknowledged that he understands.

MPOE-PR
Hero Member
*****
Offline Offline

Activity: 756



View Profile
January 17, 2013, 05:09:41 PM
 #9

It would seem that . . .
MPOE-PR, It would seem that you are a little late to the party.  This has already been explained (twice), and the OP has acknowledged that he understands.

Thirty minutes, sucks to be me I guess.

My Credentials  | THE BTC Stock Exchange | I have my very own anthology! | Use bitcointa.lk, it's like this one but better.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!