Bitcoin Forum
November 09, 2024, 01:41:03 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: [EDU] Provably fair and how it can be exploited by casino owners against you.  (Read 8617 times)
mem
Hero Member
*****
Offline Offline

Activity: 644
Merit: 501


Herp Derp PTY LTD


View Profile
September 08, 2013, 02:10:24 AM
 #21

Quote
Provably Fair is better than anything out there. False. In fact, it is my firm belief that the current implementation of Provably Fair is actually more harmful to players, because it gives players a feeling of security when such security can be easily be compromised without any notification or warning to the player.

This statement here I am calling bullshit on.

For 0 confirmation blockchain games that clearly state when they change the secret and display it there is only one possible way to cheat without getting caught.

A 0 confirmation casino could argue that their bitcoind node had not seen the bet before the secret changed. This allows for a ~10 minute window of abuse, that being said all players need to do is stop betting 10 minutes before the daily secret change and wait for the new hash to be announced.

Checkout satoshiroulette.com for an example (disclaimer Ive helped with their code and they have previously paid me to advertise on arby.pl), they log announce each days secret in the bet log so you can see exactly which bets were placed before and after the change and verify there were no obviously delayed (1 conf of greater) bets.

In this case Provably Fair is the absolute best random odds gambling you can hope for.

TrevorXavier
Newbie
*
Offline Offline

Activity: 27
Merit: 10


View Profile
September 08, 2013, 04:43:53 AM
 #22

It's absolutely crucial to our business that we never get caught cheating the user. If just one user discovers that we are cheating, all trust is gone, and we will lose all of our customers. Therefore, it is in our best interest to run a legitimate and fair casino. From a financial perspective, it simply does not make sense for us to cheat the user.

Unfortunately, this is a misleading statement. And I say it with the utmost respect, as I have enjoyed – and will continue to enjoy – discussions with casino operators.

First, the statement offers nothing towards the cryptanalysis of "provably fair" – meaning, a casino operator could remove all references to provably fair on their site and simply say, "We do not cheat. If we did, we would get caught and lose all of our customers." This is a simple promise. It offers little towards any cryptographic reassurance that bets were handled with integrity.

Secondly, it is difficult to follow your logic that one discovery of cheating would lead to catastrophic loss of the entire customer base. For one, if the casino was engaging in bet discrimination, only a subset of players would be subject to exploitation. And throwing an accusation would be difficult to reproduce, given that a) other users may be unable or unwilling to bet at the same high level as the accuser, and b) the exploit may be infrequent, and c) other users betting below the discrimination level could accurately say, "I was never cheated. I verified all of my bets."

The burden of proving fairness (provably or otherwise) must remain with casino operators, not the players that enjoy playing them.
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
September 08, 2013, 05:22:06 AM
 #23

You know what happened to Absolute Poker and Ultimate Bet? They got caught cheating. They are now gone. (Well, the government is now auctioning them off.) Those aren't even bitcoin casinos and don't have any provably fair system at all. They were however audited by some government entity and certified. But nothing that you, as a player, can do to verify the game you just played.

TrevorXavier
Newbie
*
Offline Offline

Activity: 27
Merit: 10


View Profile
September 08, 2013, 05:52:06 AM
 #24

You know what happened to Absolute Poker and Ultimate Bet? They got caught cheating. They are now gone. (Well, the government is now auctioning them off.) Those aren't even bitcoin casinos and don't have any provably fair system at all. They were however audited by some government entity and certified. But nothing that you, as a player, can do to verify the game you just played.

Certainly, and yet SkillsOnNet, Spielo G2, Scotland, Winaday, and GameTech (formerly FutureBet) have been caught and are still in business. The goal of my analysis was not to destroy "provably fair", but rather to point out its potential weaknesses in the hopes that it does become stronger. Without careful study, any newly-minted, nefarious casino can tout their "provably fair" system and get players to participate in an unfair environment.
knowitnothing
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


View Profile
September 08, 2013, 06:04:48 AM
 #25

You know what happened to Absolute Poker and Ultimate Bet? They got caught cheating. They are now gone. (Well, the government is now auctioning them off.) Those aren't even bitcoin casinos and don't have any provably fair system at all. They were however audited by some government entity and certified. But nothing that you, as a player, can do to verify the game you just played.

Certainly, and yet SkillsOnNet, Spielo G2, Scotland, Winaday, and GameTech (formerly FutureBet) have been caught and are still in business. The goal of my analysis was not to destroy "provably fair", but rather to point out its potential weaknesses in the hopes that it does become stronger. Without careful study, any newly-minted, nefarious casino can tout their "provably fair" system and get players to participate in an unfair environment.

I assume I'm a bit confused here. Can you clarify which of the following you prefer:

  • Make a casino, never mention it is provably fair, neither provide description about how it operates
  • Make a casino, mention it is provably fair and provide a description about how it operates, eventually get caught because people found that it was not doing what it promised

? So far it seems you prefer the first method, and the casino might very well operate in a fair manner. The thing is, if it doesn't operate in a fair way, then people might never find out. The second way is much clearer to everyone, and people interested on it will certainly check what it says.
TrevorXavier
Newbie
*
Offline Offline

Activity: 27
Merit: 10


View Profile
September 08, 2013, 06:50:25 AM
 #26

I assume I'm a bit confused here. Can you clarify which of the following you prefer:

  • Make a casino, never mention it is provably fair, neither provide description about how it operates
  • Make a casino, mention it is provably fair and provide a description about how it operates, eventually get caught because people found that it was not doing what it promised

? So far it seems you prefer the first method, and the casino might very well operate in a fair manner. The thing is, if it doesn't operate in a fair way, then people might never find out. The second way is much clearer to everyone, and people interested on it will certainly check what it says.

Thank you for the question!

Nothing from my original article should have led you to that conclusion, and neither one of those preferences is appealing. The research conducted should help players understand what "provably fair" is and what it isn't. It can be a good-faith effort on behalf of a casino to alleviate concerns of cheating, but it isn't a means of absolving a casino of all liability. I do consider many of the web-based implementations of "provably fair" to be quite weak, since they claim to create an environment that makes it "impossible to cheat" players or instill "ultimate trust".

If my research helps advance the frontier of "provably fair", then I'll consider it a meaningful contribution to bitcoin. Thanks again. Smiley
knowitnothing
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


View Profile
September 08, 2013, 07:10:53 AM
 #27

I assume I'm a bit confused here. Can you clarify which of the following you prefer:

  • Make a casino, never mention it is provably fair, neither provide description about how it operates
  • Make a casino, mention it is provably fair and provide a description about how it operates, eventually get caught because people found that it was not doing what it promised

? So far it seems you prefer the first method, and the casino might very well operate in a fair manner. The thing is, if it doesn't operate in a fair way, then people might never find out. The second way is much clearer to everyone, and people interested on it will certainly check what it says.

Thank you for the question!

Nothing from my original article should have led you to that conclusion, and neither one of those preferences is appealing.

While the second option is not exactly something good, it might just be an innocent mistake by the operator. So, please, clarify if your preference is for the second option with the additional constraint that the operator should never make mistakes on that.

If your preference is for something else, then I still don't know what you prefer, neither what is your actual point (and this should be very clear if you are interested in continuing with this). I've read your original post and got the points you made, but now I can't see what exactly you are after.
kingsportzrulz
Newbie
*
Offline Offline

Activity: 17
Merit: 0


View Profile
September 08, 2013, 11:47:09 AM
 #28

... You have to understand that you can easily lose 50% 20 times in a row. You have to understand that you can lose 111 times in a row on 10%. You have to understand that you can lose 8 times in a row on 90%.

Because I've personally seen it all happen. And I personally verified each and every bet as fair. And it does not matter what the amount of the bet is, because the systems all of these bitcoin dice sites implement does not account for the size of the bet.

... Just bet a billion times on 98% chance to win and you will almost surely see 5 or 6 losses in a row. It can happen within the first 100 rolls.

While I'm at it, I just lost 6 times in a row on 87.7779% about 4 or 5 weeks ago....

Dabs, thank you firstly for contributing to this discussion in a professional manner, and providing constructive and meaningful input. I can respect a person when they present in such a manner. Given the topic, it's all too easy to bring these discussions down to toilet level, with name calling, throwing terms like 'sour grapes', 'sore loser' etc etc around. So i respect what you say.

I have over 2 decades of gambling experience, and i have studied quantitative analysis at college. Further, placing a $1,000 bet these days unfortunately does not mean the same to me as it once did. But whatever, you lose some, you win some. Know what you are getting involved in, and take the outcomes like a man.

BUT, if you have vast experience in anything, you know when something is not right. This is what i am saying, from my personal experience, past and present, i believe a particular site is not 'right'.

I agree with what you said above. But also remember that coin has too sides. All of those loses you mention are statistically possible, but the same goes for such a run on wins. It is possible to win 6 times in a row on 12%. But on all these threads, all the bitcoin sites etc, and with all the chat and people watching the play going on, i personally haven't yet heard of any stories of such 'magic' run of wins.

Why are so many people coming out saying 'man, a lot of bad streaks on such a such site', or 'i know it is possible to go on a bad run, but 10 loses in a row, 3 times, this quickly, wtf' etc etc.

Some sites have only been running a 'minute' statistically speaking. And already have claimed victim after victim with 'statistically acceptable variance' blah blah blah. Such runs (good or bad) are possible, but very RARE, like 1 time per 100,000+. For such runs, and coincidentally all to be bad runs for the players, to happen within the first 'minute', well come on, are those site owners REALLY THAT LUCKY? and us players that unlucky?

I'm a realist, and I personally believe something is not right with some sites.
 
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
September 08, 2013, 01:08:22 PM
 #29

So, so far, you are saying, these sites just don't feel right? But you have no other proof or validation other than gut feel?

The problem with this "minute" sites, is that suddenly you don't take 6 months to 1 year to achieve the milestone 5 million bets. You take 1 week and you have 10 million bets.

What took SD a year to achieve in terms of numbers (not bitcoin, but number of individual bets) only took a month for all 3 other non-blockchain based dice sites (CR, PD, JD).

So we see their variance and results come out faster than what seems normal. If the site in question seems very lucky, then an exploitative player could reverse the rolls and make the site very unlucky. Any variation from statistical norms would be a pattern seen by all these analysts and ... the site will go broke very quickly.

While the results look very improbable, they are not impossible. We know the math. It happens. Case in point, it did not take a million rolls for the 1 in a million bet on JD to win. Two separate people achieved it using javascript bots running the entire night and day, thus skewing the site luck for awhile during it's first "minute" of existence.

In JD's example, if the players do not change or randomize their seeds, the sequence has been laid out well into the future (the owner can compute the next billion rolls and know the results.)

kingsportzrulz
Newbie
*
Offline Offline

Activity: 17
Merit: 0


View Profile
September 08, 2013, 01:43:54 PM
 #30

How is it that someone can take a liking to someone they have never met and only after a few brief exchanges. Dabs you are a good guy. You seem to be coming from an academic/statistical perspective, and there is no fault with anything you have said based on that perspective.

You are not focusing on the correct particulars however. Take your 10 million bets from PD, JD and co and remove 99.5% of the bets. Remove all the micro bets and lets talk about bets only at 0.5 btc and above.

My point of contention is - quote "Quote 1 “Bet Discrimination Under the assumption that an investigator will not place high stakes to investigate cheating, the house can safely offer a fair game to those using play money or very low stakes. As the bet size increases, so does the probability of an exploit."

If you are able to do so, please run your analysis on the data of PRIMEDICE for bets 0.5 btc and above and report what the house edge is currently for those, and only those, bets. (For the record, i believe Just-Dice to be far superior and fair from my experience.)

Quote from TrevorXavier post : "If a house cheated, they would eventually get caught. Not necessarily. The house only needs to bring their theoretical house edge to 1-2% to see significant gains. Additionally, if the house concentrates its cheating on a minority of players that it can safely assume is not investigating exploits, the cheating can continue without detection."

Dabs, if you do manage to calculate the house edge % for PD for >0.5btc bets, I'd be most interested in your explaining same should that % come back at 2% or better.




 
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
September 09, 2013, 02:40:20 AM
 #31

How is it that someone can take a liking to someone they have never met and only after a few brief exchanges. Dabs you are a good guy. You seem to be coming from an academic/statistical perspective, and there is no fault with anything you have said based on that perspective.

It seems there is an implication that I have a "liking" to anyone or anything. If you must know, I don't particularly like any site. But like you just said, there is no fault in anything I have said, regardless of perspective.

You can make accusations without proof, but that doesn't look right to me. I don't send innocent men to jail.

Quote
My point of contention is - quote "Quote 1 “Bet Discrimination Under the assumption that an investigator will not place high stakes to investigate cheating, the house can safely offer a fair game to those using play money or very low stakes. As the bet size increases, so does the probability of an exploit."

Probability is not certainty. You can certainly say for example, that if any single bitcoin casino now gets 500,000 BTC in total deposits, the operators will probably disappear.

I can assure you, from gut feel, without proof, that if this all happened to the top 4 dice sites, including PD, CR, JD and SD, none of them will disappear. (SD can't accept deposits yet, so we will just see record gambles in the blockchain.)

Quote
Dabs, if you do manage to calculate the house edge % for PD for >0.5btc bets, I'd be most interested in your explaining same should that % come back at 2% or better.

I don't have the data, it was never made publicly available all in one place. We'll have to request for it. I feel though, that no matter how accurate and legitimate this data will be, you will consider the source suspect.

I can't help you there then.

Your belief, without proof, is the same as my so called Gambler's Fallacy, which many people consider the same as Santa Claus and the Tooth Fairy.

Also, another problem with that is you will be selectively using a limited set of data. Remember, the systems as implemented DO NOT CARE or DO NOT KNOW how much you bet. The bet amount is IRRELEVANT. If you take away 99.5% of the data, you are only using 0.5% as your sample, and the variance there will only be 0.5% of the whole.

You have to use everything. Scrap out the bet amounts. Analyze that. If those are all within standard statistical deviations and norms, I hope that provides enough proof.

I do agree, I am a good guy (self-serving), and I am in communication with the operators and owners of those top 4 dice sites.

If you have any particular suggestion, you can post here or PM me, I will forward it to them, and hopefully they will improve their current implementations. There are some obvious ones need right now, I can see that. While it's not yet happening, do yourself a favor and change the client seeds yourself at every roll. You can't get any more fair than just doing that one thing. Regardless of how much you bet.

I don't see TrevorXavier posting any drafts of his Provably Fair 2 system yet. And I honestly can't see how anything can get fairer, than for example, my own weekly lotto drawing. Although this is a really slow way to try to implement on a dice site.

One last thing, in poker sites, they use simulations of their RNG to show you that 1 million hands are not being manipulated. The site does not know who the players are, does not know how much is the pot, and does not know who will fold or who will win. And there is nothing provably fair about what they do. Think about that.

Here's a suggestion: Would people be willing to put up a fund where I can collect large amounts of BTC, then I will gamble it and gather statistics? The sites will not know it is me since I will be using an anonymous account. As the lead investigator, I will place the high stakes to investigate any possible cheating. Any assumptions the site makes based on bet discrimination to attempt to cheat our coins away from us will result in detection of any such exploits.

I've tried the "Group Bet" thing before, and didn't get much (I gathered about 20 BTC total.) Plus some people are violently opposed to me doing this (not the site operators.)

aksplace
Sr. Member
****
Offline Offline

Activity: 602
Merit: 260


View Profile
September 09, 2013, 02:56:27 AM
Last edit: November 08, 2013, 08:58:33 PM by aksplace
 #32

The one and only Provably Fair Verification Form you will ever need.
simplydt
Full Member
***
Offline Offline

Activity: 126
Merit: 100


View Profile WWW
November 07, 2013, 01:26:01 PM
 #33

My brain always reads this as "Probably Fair". Could be it was trying to tell me something!

Hahaha same, the first time I read it I was like "why the hell would the say their site is probably fair??!"... anyway, very interesting read. Will definitely make me think twice about putting any wagers on any of these sites.
dooglus
Legendary
*
Offline Offline

Activity: 2940
Merit: 1333



View Profile
November 07, 2013, 06:43:19 PM
 #34

Will definitely make me think twice about putting any wagers on any of these sites.

That's a good idea.  Read the article, see if any of the points it makes could realistically happen on the site you're thinking of playing, and if so talk to the site operator about how he can prove that he's not cheating in such a way.

A lot of the points the article makes just don't apply to most new provably fair sites.  There's still a responsibility on the player to check the results for himself and not blindly trust the site to be fair because it says it is, but provably fairness really does mean you can check whether you are being cheated or not.

Just-Dice                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   Play or Invest                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   1% House Edge
Oldminer
Legendary
*
Offline Offline

Activity: 1022
Merit: 1001



View Profile
November 07, 2013, 08:03:49 PM
 #35


A lot of the points the article makes just don't apply to most new provably fair sites. 

lol sure they dont dooglus..sure they dont..haha  Wink

If you like my post please feel free to give me some positive rep https://bitcointalk.org/index.php?action=trust;u=18639
Tip me BTC: 1FBmoYijXVizfYk25CpiN8Eds9J6YiRDaX
aksplace
Sr. Member
****
Offline Offline

Activity: 602
Merit: 260


View Profile
November 07, 2013, 08:19:34 PM
 #36


A lot of the points the article makes just don't apply to most new provably fair sites.  

lol sure they dont dooglus..sure they dont..haha  Wink

Oldtimer/Bitwincasino =scam



moderate
Member
**
Offline Offline

Activity: 98
Merit: 10

nearly dead


View Profile
November 07, 2013, 10:14:38 PM
 #37


A lot of the points the article makes just don't apply to most new provably fair sites.  

lol sure they dont dooglus..sure they dont..haha  Wink

Oldtimer/Bitwincasino =scam





LOL. Won't the admins remove OBVIOUS scams ? Go away bitwincasino!
dooglus
Legendary
*
Offline Offline

Activity: 2940
Merit: 1333



View Profile
November 08, 2013, 10:22:52 AM
 #38


A lot of the points the article makes just don't apply to most new provably fair sites. 

lol sure they dont dooglus..sure they dont..haha  Wink

Do you feel up to talking about this now, or are you just going to make zero-content posts like the above?

Maybe we could take it to your self-moderated thread so you can delete anything I say that makes your scam casino look bad.

Just-Dice                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   Play or Invest                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   1% House Edge
aksplace
Sr. Member
****
Offline Offline

Activity: 602
Merit: 260


View Profile
November 08, 2013, 11:39:43 AM
 #39


A lot of the points the article makes just don't apply to most new provably fair sites.  

lol sure they dont dooglus..sure they dont..haha  Wink

Oldminer, Are you from India? Reason I ask I would be more then welcome to use Google Translator to help explain more in detail on why provable gaming is an important aspect in the new digital gambling atmosphere. In a nut shell these none provable casinos use old dinosaur software that has been proven time and time again to be unfair to casino players. What's ironic is the house always wins in the long run so there is no need to steal from clients as generally they will lose at some time. This is one of the reasons why Douglas is so successful. People know they are getting a fair handshake and even if they lose they usually can accept the fact it was a legitimate roll on the dice. (I still bitch and moan to him on occasion though when I lose)  Grin

Any gambling company that still promotes unprovable gaming clearly knows they are a dying bread and as the gambling community continues to educate themselves regarding provable gaming and the concept behind it. A majority will jump ship even if the quality of designed games lags from the antique none provable kind. Within a year I would bet a majority of remaining online casinos especially in the bitcoin field will all offer provable gaming. If not they will go hungry because guest no longer will be willing to "lose" coins knowing ahead of time the odds of winning is slimmer than what it would be in a provable gaming casino.
b!z
Legendary
*
Offline Offline

Activity: 1582
Merit: 1010



View Profile
November 17, 2013, 01:16:25 PM
 #40

That is true.

Provably fair has become an essential in the Bitcoin gambling industry. I don't think an honest Bitcoin casino should have anything to hide.
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!