Is PrimeDice really (provably)fair?

[Remember remember the 5th of November]

Yes, they publish everything on their website and this does allow to verify actual bets, however I found something interesting.

We have three variables: secret, server seed, client seed. The client seed can be changed, however most don't bother to do it, and I believe this allows(and may even be exploited by the owners already) to do selective hashes.

Basically, the secret seed is a constant for 24hrs, the server seed is pre-generated before your next bet, it's the server seed that is the "weak" link. Basically they assume that the client seed WILL not be changed for the next bet based on user activity and then they pre-generate server seeds and select only those that would later hash to lower bets than your avg roll over number which is how they don't need to know what you are betting to roll over.

Nov 8 update

Even with their new layout, and "nonce", the server seed is still being used. If you can change the nonce every single bet to a random one, you can fix the problem, but the better solution yet would be for Stunna to remove the server seed entirely.

Sept 2014 update, locking thread as no longer relevant.

[bit777]

This is an interesting concept, but it doesn't relate just to PD, more like to anyone. I have noticed very strange losing streaks on some of the sites, like once I had 23 losses in a row with a chance of 1 in a gazillion.

However, do you have proof?

[Remember remember the 5th of November]

This is an interesting concept, but it doesn't relate just to PD, more like to anyone. I have noticed very strange losing streaks on some of the sites, like once I had 23 losses in a row with a chance of 1 in a gazillion.

However, do you have proof?

I cannot provide any concrete proof, aside from this picture



and how this is not the only occurrence of this loss streak. A user MoFo on PD with an initial bet of less than 0.01 and doubling on each loss, he doubled his money all the way to over 5 bitcoins and lost that all on ~50/50 chance of a win which were around 10-15 losses.
So while this may just come from the randomness that hashes are, it can also be due to selective hashes on server-side.

I can't prove myself right 100%, but I don't think anyone can prove that it isn't happening.

[KingOfSports]

This is an interesting concept, but it doesn't relate just to PD, more like to anyone. I have noticed very strange losing streaks on some of the sites, like once I had 23 losses in a row with a chance of 1 in a gazillion.

However, do you have proof?

I cannot provide any concrete proof, aside from this picture



and how this is not the only occurrence of this loss streak. A user MoFo on PD with an initial bet of less than 0.01 and doubling on each loss, he doubled his money all the way to over 5 bitcoins and lost that all on ~50/50 chance of a win which were around 10-15 losses.
So while this may just come from the randomness that hashes are, it can also be due to selective hashes on server-side.

I can't prove myself right 100%, but I don't think anyone can prove that it isn't happening.

Primedice is rigged beyond belief in my opinion. I've played on all the main ones, primedice, coinroll.it and just-dice. I am down a couple coins on all of them but prime dice the losing streaks are INCREDIBLE. Literally last 5 sessions I have had 25% wins or WORSE on the 50.5%. Not kidding. Went 0/3 also on 90% when I tried it for more then a BTC. Avoid this site IMHO. Over 1000 rolls of 50.5 and my win/lose ratio is around .68 (should be .99). The odds of that based on sample size are very very low.

[Remember remember the 5th of November]

This is an interesting concept, but it doesn't relate just to PD, more like to anyone. I have noticed very strange losing streaks on some of the sites, like once I had 23 losses in a row with a chance of 1 in a gazillion.

However, do you have proof?

I cannot provide any concrete proof, aside from this picture



and how this is not the only occurrence of this loss streak. A user MoFo on PD with an initial bet of less than 0.01 and doubling on each loss, he doubled his money all the way to over 5 bitcoins and lost that all on ~50/50 chance of a win which were around 10-15 losses.
So while this may just come from the randomness that hashes are, it can also be due to selective hashes on server-side.

I can't prove myself right 100%, but I don't think anyone can prove that it isn't happening.

Primedice is rigged beyond belief in my opinion. I've played on all the main ones, primedice, coinroll.it and just-dice. I am down a couple coins on all of them but prime dice the losing streaks are INCREDIBLE. Literally last 5 sessions I have had 25% wins or WORSE on the 50.5%. Not kidding. Went 0/3 also on 90% when I tried it for more then a BTC. Avoid this site IMHO. Over 1000 rolls of 50.5 and my win/lose ratio is around .68 (should be .99). The odds of that based on sample size are very very low.

By which username do you go on PrimeDice?

[Rippyzippers]

8 Loss streak on 50/50 proves nothing.

Nothing


Please have some more concrete proof of...well...any wrong doing...if you're going to make these kinds of accusations.



And don't get me wrong, I've sometmes questioned why the seeding is so random on PD when the solution is fairly easy, but your picture does nothing to say they are rigged.


I've seen 20 loss in a row on Just-Coin and you'd be stupid to say they are rigged.



You're gambling. You will lose.
People say, "The House Always Wins" for a reason.

[Remember remember the 5th of November]

8 Loss streak on 50/50 proves nothing.

Nothing


Please have some more concrete proof of...well...any wrong doing...if you're going to make these kinds of accusations.



And don't get me wrong, I've sometmes questioned why the seeding is so random on PD when the solution is fairly easy, but your picture does nothing to say they are rigged.


I've seen 20 loss in a row on Just-Coin and you'd be stupid to say they are rigged.



You're gambling. You will lose.
People say, "The House Always Wins" for a reason.

Re-read my first post where I do say that the server seed can be pre-generated in such a way that it allows selective hashes.

[dooglus]

This is an interesting concept, but it doesn't relate just to PD, more like to anyone.

I think PrimeDice are more vulnerable to this kind of accusation than either Just-Dice or CoinRoll, because PrimeDice changes the server seed before every roll, whereas CoinRoll only changes it once per day, and Just-Dice never changes it unless the player requests that it be changed.

Not that I think PrimeDice is cheating anyone; I don't.  It's just harder to verify that they aren't - you would have to make a note of each individual server seed, which probably nobody is going to be prepared to do.

[🏰 TradeFortress 🏰]

It is extremely suspicious how primedice STILL generates the client secret on the server and gives it to the player - it is a SECRET! The server cannot generate it.

PrimeDice CAN be made provably fair if the user changes it. However, PrimeDice is NOT provably fair when you start playing it.

[Stunna]

I cannot provide any concrete proof, aside from this picture



and how this is not the only occurrence of this loss streak. A user MoFo on PD with an initial bet of less than 0.01 and doubling on each loss, he doubled his money all the way to over 5 bitcoins and lost that all on ~50/50 chance of a win which were around 10-15 losses.
So while this may just come from the randomness that hashes are, it can also be due to selective hashes on server-side.

I can't prove myself right 100%, but I don't think anyone can prove that it isn't happening.

First of all, I'd like to preface this by saying that PrimeDice has never manipulated a single roll. We are actually profiting below our expected profit thus far. You certainly bring up a reasonable argument and it is something I will absolutely discuss with our developer. However, I don't feel posting a screenshot of an 8 loss streak proves anything, millions of bets are being placed and the term "concrete" should not precede it.

Your other example with MoFo is also moot, he's placed thousands and thousands of bets and has wagered nearly 1000BTC

However, I understand the underlying point you are making and am open to the suggested changes. While we do have a provably fair system it appears it is not as provable as it could be.

This is an interesting concept, but it doesn't relate just to PD, more like to anyone.

I think PrimeDice are more vulnerable to this kind of accusation than either Just-Dice or CoinRoll, because PrimeDice changes the server seed before every roll, whereas CoinRoll only changes it once per day, and Just-Dice never changes it unless the player requests that it be changed.

Not that I think PrimeDice is cheating anyone; I don't.  It's just harder to verify that they aren't - you would have to make a note of each individual server seed, which probably nobody is going to be prepared to do.

The points expressed here and throughout the thread have been duly noted and will be discussed with our developer. We're launching a new version of primedice within the next two weeks and this will be brought to the table. I'm not an expert in provably fair or cryptography, however I am an honest and decent person and am willing to work with the community towards a fix.


It's also important to note that vulnerabilities exist even in a perfect "provably fair" system, even SD could manipulate results if they wanted to.

http://www.reddit.com/r/Bitcoin/comments/1frm4x/provably_fair_by_bitzino_not_provable_with/

In many cases Provably fair is not enough. The author of that post mentioned he was working on provably fair II which is also something I'll be looking into implementing. November has my thanks for bringing this to my attention. If anyone has any concerns in the meantime, I suggest changing your client seed at the top of the betting page.

Best Regards,

Stunna

[Zaih]

I cannot provide any concrete proof, aside from this picture



and how this is not the only occurrence of this loss streak. A user MoFo on PD with an initial bet of less than 0.01 and doubling on each loss, he doubled his money all the way to over 5 bitcoins and lost that all on ~50/50 chance of a win which were around 10-15 losses.
So while this may just come from the randomness that hashes are, it can also be due to selective hashes on server-side.

I can't prove myself right 100%, but I don't think anyone can prove that it isn't happening.

First of all, I'd like to preface this by saying that PrimeDice has never manipulated a single roll. We are actually profiting below our expected profit thus far. You certainly bring up a reasonable argument and it is something I will absolutely discuss with our developer. However, I don't feel posting a screenshot of an 8 loss streak proves anything, millions of bets are being placed and the term "concrete" should not precede it.

Your other example with MoFo is also moot, he's placed thousands and thousands of bets and has wagered nearly 1000BTC

However, I understand the underlying point you are making and am open to the suggested changes. While we do have a provably fair system it appears it is not as provable as it could be.

This is an interesting concept, but it doesn't relate just to PD, more like to anyone.

I think PrimeDice are more vulnerable to this kind of accusation than either Just-Dice or CoinRoll, because PrimeDice changes the server seed before every roll, whereas CoinRoll only changes it once per day, and Just-Dice never changes it unless the player requests that it be changed.

Not that I think PrimeDice is cheating anyone; I don't.  It's just harder to verify that they aren't - you would have to make a note of each individual server seed, which probably nobody is going to be prepared to do.

The points expressed here and throughout the thread have been duly noted and will be discussed with our developer. We're launching a new version of primedice within the next two weeks and this will be brought to the table. I'm not an expert in provably fair or cryptography, however I am an honest and decent person and am willing to work with the community towards a fix.


It's also important to note that vulnerabilities exist even in a perfect "provably fair" system, even SD could manipulate results if they wanted to.

http://www.reddit.com/r/Bitcoin/comments/1frm4x/provably_fair_by_bitzino_not_provable_with/

In many cases Provably fair is not enough. The author of that post mentioned he was working on provably fair II which is also something I'll be looking into implementing. November has my thanks for bringing this to my attention. If anyone has any concerns in the meantime, I suggest changing your client seed at the top of the betting page.

Best Regards,

Stunna

SD can't manipulate their results. That only applies to websites liek Bitzino which use client seeds.

Just fix your system Stunna, I cbf sticking up for it anymore dispite always liking PD so much. I know your not cheating, but it's stupid how your system is made.

[Loker]

IMHO it's the bettor / user's fault if they neglect to change the client seed.

If they don't care enough to change it, they're not worried about the site's integrity and either don't care or trust that the site wouldn't falsely advertise provably fair.  If a BTC gambling site was ever exposed for manipulating bets that would put their entire site and reputation on the line no longer allowing them to receive bets at the rate they once did.

There's no amount of loss or win streak you can show to dissuade or persuade someone that it is or isn't provably fair.

Your accusations are ridiculous, frankly.

[🏰 TradeFortress 🏰]

It is extremely suspicious how primedice STILL generates the client secret on the server and gives it to the player - it is a SECRET! The server cannot generate it.

PrimeDice CAN be made provably fair if the user changes it. However, PrimeDice is NOT provably fair when you start playing it.

Stunna, no offense but you have been saying the "new site 2 weeks" for a long time now like BFL. It seriously takes ONE LINE:

var clientSeed = Math.random();

Sure, it's not cryptographically fair, but it is enough for a client seed.

[vlees]

Primedice is provably fair and legit. I love primedice.

^ Lol, this guy. ^

Claims JD is unfair while PD is fair. Neither have any arguments/evidence to back this up.

[escrow.ms]

I have left a negative feedback on stunna's profile. I don't think his site is fair at all. I won't remove it until he proves that my bet was fair and tell me why i won small bets and lost it when i wagered a big amount at 90%.

[Dabs]

You know the hash of the server seed.
You can change your client seed.

What's not fair about that?

His proof is the same as all other dice sites, using SHA2. That means a 2^256 up to 2^512 chance of getting a collision on the hash result based on both seeds.

You won because you got lucky. You lose because you got unlucky. Both can also be explained with probabilities and variance.

[escrow.ms]

You know the hash of the server seed.
You can change your client seed.

What's not fair about that?

His proof is the same as all other dice sites, using SHA2. That means a 2^256 up to 2^512 chance of getting a collision on the hash result based on both seeds.

I don't know server seed

I think PrimeDice are more vulnerable to this kind of accusation than either Just-Dice or CoinRoll, because PrimeDice changes the server seed before every roll, whereas CoinRoll only changes it once per day, and Just-Dice never changes it unless the player requests that it be changed.

I also don't know what was the client seed when I played that game and frankly i don't know how to verify them.

[Zaih]

Well.. Someone's a sore loser & a complete idiot 

Don't play games you don't understand

[escrow.ms]

Their verification page says "User is freely able to change server seed at their own will. which isn't true at all.


And why their secret hash remains same for a day and people have to wait for 24 hours to get it. They don't even save history of all bets on site. I am not a pro gambler, and people like me don't remember or check these kind of things. I thought it's my bad luck probably but after reading remember's thread I have some doubts about his site's legitimacy  and stunna need to clear it.

[escrow.ms]

Well.. Someone's a sore loser & a complete idiot 

Don't play games you don't understand

No well someone's a complete asshole.
No offence but fuck you, that's not your problem so mind your own fucking business.