Bitcoin Forum
December 16, 2017, 12:31:11 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Provably fair?  (Read 1737 times)
WillTat4Bitcoin
Sr. Member
****
Offline Offline

Activity: 252


View Profile
October 28, 2015, 05:37:04 PM
 #1

I'm slowly working on my own game for bitcoin. However, i'm not sure how I can go about making it provably fair. I'm new at coding and everything like that.
1513384271
Hero Member
*
Offline Offline

Posts: 1513384271

View Profile Personal Message (Offline)

Ignore
1513384271
Reply with quote  #2

1513384271
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513384271
Hero Member
*
Offline Offline

Posts: 1513384271

View Profile Personal Message (Offline)

Ignore
1513384271
Reply with quote  #2

1513384271
Report to moderator
cloverme
Legendary
*
Offline Offline

Activity: 1260


SpacePirate.io


View Profile WWW
October 28, 2015, 06:18:26 PM
 #2

In general...

A) Pick a random boolean value
B) Generate long random string
C) Combine A and B
D) Hash value of C (using sha256 or sha512)
E) Notify the user of value of D before the game round is played and then the value of C after the game is played.

Recommend that you encrypt the value of C in transit and at rest.
Some will recommend adding client and server seeds to the hash or seeding the random string as well in B.

Avoid weak random number generators. (https://cwe.mitre.org/data/definitions/338.html)






         ▄▄▄████████▄▄▄
      ▄██████████████████▄
    ▄██████████████████████▄
  ▄██████████████████████████▄
 ▄████████████████████████████▌
▄██████████████████████████████▌
████████████████████████████████
██████▀     ▀██████▀     ▀██████
█████        ▐████▌        █████
█████        ▐████▌        █████
██████▄    ▄████████▄    ▄██████
▀█████████████▀  ▀█████████████▀
  ▀▀██████████▄▄▄▄██████████▀▀
     ▀▀██████████████████▀▀
       ████▀███▀▀███▀████
       ▀██▀ ▀█▀  ▀█▀ ▀██▀
║█║
║░║
║░║
║█║
Misiak4
Member
**
Offline Offline

Activity: 91


View Profile
October 29, 2015, 04:54:22 PM
 #3

What about using free API from RANDOM.ORG? Its pretty simple to implement :-)

Check out their API doc at https://api.random.org/json-rpc/1/

They even offer some "ready-made" (but PAID) solutions.
UserVVIP
Sr. Member
****
Offline Offline

Activity: 294


View Profile
October 29, 2015, 08:06:55 PM
 #4

You should search for it on github.

Most code is there.
Pattart
Hero Member
*****
Offline Offline

Activity: 728



View Profile
October 29, 2015, 08:13:48 PM
 #5

Is this random enough?
probably

smiletyson
Hero Member
*****
Offline Offline

Activity: 483


MGF Presale starts on 15th of November


View Profile
October 29, 2015, 11:57:22 PM
 #6

nope.
since it's a known value then it's not random anymore.

                      ▄█████▄
                ▄████████▀
            ▄████████▀      ▄███▄
        ▄████████▀      ▄███████▄
    ▄████████▀      ▄███▀▀▀▀████▄
  ████████▀      ▄███▀            ▀████
███████▀      ▄███▀      ▄▄▄      ▀████
█████▀      ▄███▀      ▄█████      ▀███
████      ▄███▀      ▄█▀        ██      ███
███      ▄█  ▀      ▄████        ██      ███
███      ██        ████▀      ▄  █▀      ███
███      ██        ▄█▀      ▄███▀      ████
███▄      █████▀      ▄███▀      ▄█████
████▄      ▀▀▀      ▄███▀      ▄███████
  ████▄            ▄███▀      ▄████████
    ▀████▄▄▄▄███▀      ▄████████▀
        ▀███████▀      ▄████████▀
            ▀███▀      ▄████████▀
                        ▄████████▀
                        ▀█████▀

                                       ███████████             ███
                                       ███████████             ███
                                       ███             ▄▄▄▄    ███
                                       ███             █████▄  ███
███     ▄███  ███▄██████▄     ▄██████  ███                ███  ████████▄
███     ███▀  ████▀▀▀▀████   ███▀▀▀▀   █████████   ▄█████████  ███▀▀▀████
███     ███   ███      ███  ███        ███████▀   ████▀▀▀████  ███    ▀███
███     ███   ███      ███  ███        ███        ███     ███  ███     ███
████▄▄▄████   ███      ███  ███        ███        ███     ███  ███    ▄███
▀██████████   ███      ███   ███▄▄▄▄   ███        ████▄▄▄████  ███▄▄▄████
  ▀▀▀▀▀ ███   ███      ███    ▀██████  ███         ▀████████▀  ████████▀
       ▄███
      ████▀


    ██  █
    ██  █
    ██
█  ██  █
█  ██  █
█  ██  █
█  ██  █
█  ██  █
    ██
█  ██
█  ██


    ██  █
    ██  █
    ██
█  ██  █
█  ██  █
█  ██  █
█  ██  █
█  ██  █
    ██
█  ██
█  ██


    ██  █
    ██  █
    ██
█  ██  █
█  ██  █
█  ██  █
█  ██  █
█  ██  █
    ██
█  ██
█  ██


    ██  █
    ██  █
    ██
█  ██  █
█  ██  █
█  ██  █
█  ██  █
█  ██  █
    ██
█  ██
█  ██
cloverme
Legendary
*
Offline Offline

Activity: 1260


SpacePirate.io


View Profile WWW
October 30, 2015, 06:09:28 PM
 #7

What about using free API from RANDOM.ORG? Its pretty simple to implement :-)

Check out their API doc at https://api.random.org/json-rpc/1/

They even offer some "ready-made" (but PAID) solutions.

This has less to do with random number generation than what OP was looking for; a way to prove that the outcome was not unfairly predetermined. As an example, one could generate a random number for a dice roll that a player bets on, then modify the random number to favor the house when the bet is large after a series of wins to generate a loss and take the player's bet. With a provably fair model, the dice roll can be verified that it wasn't tampered with after the bet was made.

You could use a service like random.org to generate the random number, but when money is involved, it's better to use a random number generator that's not from a 3rd party and uses a cryptographic random number generator. People and organizations are corruptible by money.



         ▄▄▄████████▄▄▄
      ▄██████████████████▄
    ▄██████████████████████▄
  ▄██████████████████████████▄
 ▄████████████████████████████▌
▄██████████████████████████████▌
████████████████████████████████
██████▀     ▀██████▀     ▀██████
█████        ▐████▌        █████
█████        ▐████▌        █████
██████▄    ▄████████▄    ▄██████
▀█████████████▀  ▀█████████████▀
  ▀▀██████████▄▄▄▄██████████▀▀
     ▀▀██████████████████▀▀
       ████▀███▀▀███▀████
       ▀██▀ ▀█▀  ▀█▀ ▀██▀
║█║
║░║
║░║
║█║
Pattart
Hero Member
*****
Offline Offline

Activity: 728



View Profile
October 31, 2015, 03:36:09 AM
 #8

nope.
since it's a known value then it's not random anymore.
I thought he was giving an example of a bunch of random numbers that he was generating.

crypt_bit
Newbie
*
Offline Offline

Activity: 1


View Profile
February 12, 2017, 12:26:07 PM
 #9

What would be the most likely value taken to generate Server Seed in a provably fair game, if the value of random number generated by the script is known.

Please help  Cry Cry
cloverme
Legendary
*
Offline Offline

Activity: 1260


SpacePirate.io


View Profile WWW
February 13, 2017, 05:52:03 AM
 #10

What would be the most likely value taken to generate Server Seed in a provably fair game, if the value of random number generated by the script is known.

Please help  Cry Cry

Generate a CPRNG value to use for the server seed, in C# use the RNGCryptoServiceProvider class, random_bytes() in php, and the secrets.() class in python.   

If you want to store that server seed to be revealed later in time, you should encrypt it using AES256 or higher with a complex encryption key and stored in a file system outside of the webserver contextual directories (So, don't store any keys in www/html, etc). If you want to get fancy and money is no object, you can buy a hardware device to do it for you (called an HSM).

If you're not concerned with overhead or ease of use, there's no need to keep re-using the same server seed. It just means that you can't reveal the server seed until a later point in time.



         ▄▄▄████████▄▄▄
      ▄██████████████████▄
    ▄██████████████████████▄
  ▄██████████████████████████▄
 ▄████████████████████████████▌
▄██████████████████████████████▌
████████████████████████████████
██████▀     ▀██████▀     ▀██████
█████        ▐████▌        █████
█████        ▐████▌        █████
██████▄    ▄████████▄    ▄██████
▀█████████████▀  ▀█████████████▀
  ▀▀██████████▄▄▄▄██████████▀▀
     ▀▀██████████████████▀▀
       ████▀███▀▀███▀████
       ▀██▀ ▀█▀  ▀█▀ ▀██▀
║█║
║░║
║░║
║█║
Tradescoinz
Jr. Member
*
Offline Offline

Activity: 37


View Profile
February 13, 2017, 09:55:53 PM
 #11

You should search for it on github.

Most code is there.

Watchout for backdoors.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!