Hello everybody!
This tutorial was made by the
PlayBitcoinGames team, we are still pretty new here but we wanted to help the community in some way, so we had this idea to help anybody who needs to understand how to correctly verify if a casino has provably fair games
In brief,
Provably Fair means that the results of the games are chosen
before your wager and they won't be changed or affected by any factor (like the amount of your bet), and there is a way to verify it. This is done to ensure that the games are totally fair for the players and the casino is not manipulating the results based on the bets.
So, let's start with the tutorial already!
(I will use a red color to refer to the un-encrypted results, and a green color to refer to the encrypted results).The first and most important part: the casino
must give the result of the next bet
before the wager, this way you can be sure that the result won't be affected by the amount of your bet or by any other factor.
But, obviously, the casinos won't directly tell you the result of the next bet, or it would harm them.
The solution for this problem: give the
encrypted result of the next bet.
A provably fair casino
must give you the
encrypted result of the next wager, this
encrypted result is a string (a combination of numbers and letters) of a certain length, then you can use this
string in an external program to verify if the result was decided before your bet.
There are many encryption methods used by casinos, but most of them work in the same way. For this tutorial we will use the "MD5 Algorithm".
This is the step by step process to verify if a game is provably fair:
1) When you open the game, there should be a
string (the encrypted result) somewhere
before your wager,
save this string.
2) Play!
3)
After your wager, the casino must give you the
un-encrypted result.
The un-encrypted result varies per game, for example, in a roulette game the un-encrypted result could be something like this "JW5pwHv1DoXPmGVyQdgx-20", this means that the result of the game was "20" as you can see at the end (the randomly generated string at the start is used to prevent abuse, otherwise if the un-encrypted result were just "20", the user could know it before the wager by just looking at the string of the encrypted result).4) Compare the result you got in the game to the result shown in the
un-encrypted result, they must match! If they are the same, there is one more thing to do to prove that the game is provably fair.
5) The most important part is to use an
external program to verify the result. As we are using the MD5 Algorithm, we just have to look for a website where we can generate MD5 Hashes, like
this one or
this one.
Then we have to
paste the un-encrypted result and generate its MD5 Hash, this will give us a
string. Finally,
if the string we got matches with the string the casino gave us before our wager, we can be totally sure it's provably fair.I will show an example I made in this forum using a game from our casino, which should help you understand this easily:
Let's take the game "Coin Flip" for this example:
Below the game you can see:
"Next result MD5 hash: 0ae0190fe1f6830c5b480dcd26c2fbb4"This
string is the
encrypted result of the next wager.
After you play, you will get this:
Now you can see this:
"Result decoded: R3U0nB8GcZKadHbeDq2f-0"This is the
un-encrypted result.
For this particular game, if you get a "0" at the end, it means that the result is "Heads", and if you get "1", the result is "Tails".
And, as you can see, I got a "0" at the end, and the result was indeed "Heads".
Now to prove this is provably fair, you just need to go to any MD5 Hash Generator, like
this one, paste the
"Result decoded" there
(R3U0nB8GcZKadHbeDq2f-0) and you should get the
"Result Hash" (0ae0190fe1f6830c5b480dcd26c2fbb4).Let's see:
Then you just have to compare the
string you got with the
string we gave to you before your wager, and if they are exactly the same, then it means that we are provably fair!
As simple as that!
Now you may be wondering:
Could the casino change the result and give us the same string at the end?Here is the answer:
It's very unlikely to have a collision using MD5 Hash (two inputs with the same output), it's not impossible, but in this case it would be incredibly hard (pretty much impossible) to manipulate every single bet by changing the input to get the same output but with a different result for your bet.
Let's take the numbers from my example:
Input: R3U0nB8GcZKadHbeDq2f-0
Output: 0ae0190fe1f6830c5b480dcd26c2fbb4
Now let's take exactly the same input but changing the result:
Input: R3U0nB8GcZKadHbeDq2f-1
Output: 2d5e4d48786441a4fdbf929790da9445
As you can see, the outputs are totally different, hence the result can't be changed so easily to manipulate the bet. In this case, we would have to find an input with approximately the same length and ending in "1" that gives us exactly the same MD5 Hash result, for every single bet, which is practically impossible.
So, the answer is
no, it's practically impossible to change the result
if the
string is given
before your wager.
Well, I think that's it, if you follow the procedure as I explained you shouldn't have any problem to verify if a casino is provably fair.
I hope this tutorial was useful, if anybody has any doubt, just ask!