Stephen Gornick (OP)
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
September 03, 2013, 09:30:23 PM Last edit: September 07, 2013, 07:21:54 AM by Stephen Gornick |
|
The innovation referred to as "Provably fair" gaming is an innovation that has driven the growth of Bitcoin-based online wagering. The problem with Provably fair is that actually verifying each hand (or round, play, etc.) from the service to ensure it was truly fair is something very difficult to do, today. Each site has its own verification techniques and the ones that use a random number generator for the client seed includes challenges for verification as well. If a provably fair site were to want to cheat, it could probably get away with it for a while before some techie was manually performing verification analysis and discovered that cheating had occurred. This is not a bitcoin-gaming specific challenge. I see the need for some protocol so that the game can get the client seed from a user-defined source not under the control by the gaming service (e.g., a browser plug-in, or external, consumer-owned, hardware device even), and then then after each play the plug-in or device would then verify that the results of the game were computed accurately. There's probably only a handful of seed + verification approaches that would suffice for most provably fair gaming offered today. I know that BitZino uses at least two, as their slots needed a different approach (factoradics) than their other games needed: - https://bitzino.com/about/fairIf this seed + verification protocol were created and plug-ins and/or devices were available, most Bitcoiners would only play the online gambling services where this protocol is offered. Competitive forces would draw other services to use the protocol as well, possibly even into the casino industry where Bitcoin is not (yet) even used. At a minimum, such a protocol would give Bitcoin-based online wagering added legitimacy since you would no longer need to trust that the provably fair service isn't cheating you. Any thoughts on the topic?
|
|
|
|
elm
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
September 04, 2013, 07:23:50 AM |
|
first of all thank You for clarifying that even a Provably fair site could cheat at least for a given time.
I am not an expert of all of this although my dream is to have an online casino with BTC payments.
I didnt understand the bitzino example You gave. did You mean that the bitzino verification is from a neutral source and cant be manipulated?
I like Your idea very much, but I didnt understand if it is at all doable. please let me ask a maybe stupid question, if I will have my BTC online casino where would I look for such a perfect verification to offer a real "Provably Fair" game? any answer and help is very much appreciated.
cheers
|
|
|
|
Stephen Gornick (OP)
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
September 04, 2013, 11:37:31 PM Last edit: September 07, 2013, 07:25:02 AM by Stephen Gornick |
|
I didnt understand the bitzino example You gave. did You mean that the bitzino verification is from a neutral source and cant be manipulated?
Yup. two pieces of information (the hash they provide and then after that the seed my client provides) are known by me before each play. Then after the game is played the secret is revealed. It can be proven later that their secret [Edit: deck] didn't change as it should hash to the same value they provided prior to the game play. So then for shuffling the deck bitZino uses a few functions, sha256, MersenneTwister19937, and FisherYatesShuffle. The pseudocode for it is at the bottom of this post: - https://techblog.bitzino.com/2012-06-30-provably-fair-shuffling-through-cryptography.htmlSo after the game is over I can verify that the results of the deck shuffle were not altered during play. From there each game can be verified. Each type of game has a unique challenge. Even though I know how the cards were shuffled for blackjack, for instance, I would still need to track each play -- where did I stand or bust on the hand, did I split, etc. So that part of the verification isn't necessarily generic. The player's actions would need to be fed to a verifier that knows the rules of the game. This technology won't be something the casinos would be anxious to develop. So this would be an innovation rising from the bottom-up, pulled forward because it protects the player from a dishonest operator (or even an operator that is unaware of a bug or other situation causing players to not be paid out properly).
|
|
|
|
gmaxwell
Staff
Legendary
Offline
Activity: 4284
Merit: 8816
|
|
September 05, 2013, 12:03:05 AM |
|
Because the game has a player you can user an interactive protocol. There is no need for a trusted device.
The house discloses a commitment for their seed, e.g. H(seed), the user picks a random value and tells the house. The game uses H(seed||user random) as the CSPRNG start for the game.
|
|
|
|
TippingPoint
Legendary
Offline
Activity: 905
Merit: 1000
|
|
September 05, 2013, 01:03:38 AM Last edit: September 05, 2013, 01:40:43 AM by TippingPoint |
|
This might have an application for some forms of online gaming. And it has the potential to make non-verifiable random numbers in online gaming obsolete.
But for online poker, it does not protect against the most damaging potential exploit, which is the superuser, one who knows the other player's cards in real time.
And that is not just a hypothetical problem.
I am not aware of any cases of a rigged RNG in poker. Although there have been some cases of bad programming.
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
September 05, 2013, 04:29:08 AM |
|
If this is not off-topic, I am currently conducting an experiment specifically for Online Poker. https://bitcointalk.org/index.php?topic=274068.40There are also threads on other parts of the forum. The problem with this new hardware based verification is that this might not apply to other styles of "Provably Fair" such as poker. Poker is unique in this aspect because there is an attempt to prove the deck is not rigged while not revealing cards which players do not want revealed (they discard or muck or fold.) If players do not mind having an "open" game, where the entire deck is revealed, then to make it Provably Fair is relatively easy. This can be done in BlackJack and some variants of poker, like Chinese Poker or Pusoy Dos, but not Hold'em or Omaha. The only true solution to online poker is a proper implementation of Mental Poker, but no website that is raking in money will ever try to do that. The super-user or god-mode problem is best solved by proper administration and management of the site, and the integrity and honesty of the operators / owners. Employees should not be given real time access to this unless they are part of a carefully screened collusion detection team. Even then, histories can be viewed after the game, so there is no need for real time live access to the hole cards. In my protocol, I give the players the opportunity to cut the deck (or re-shuffle it) and to choose the deck. That looks fair to me. Provably or Astronomically Probably. @OP, I nitpick, the current implementations of all Provably Fair gaming systems are actually more technically correct to be called Probably Fair, because they use collision resistance of cryptographically secure hash functions. Those are not proofs, but to most people, can consider as proof enough. Whether you are a good poker player or not, I invite you to join my "Table" and buy-in for the low measly amount of 0.01 BTC.
|
|
|
|
elm
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
September 05, 2013, 07:27:09 PM |
|
lets say I will open an online casino and take a live dealer Roulette or BJ, could I call this "Provably Fair"?
cheers
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
September 05, 2013, 10:17:48 PM |
|
@elm, you have to show how the game is fair. The typical implementation uses SHA-256 or SHA-512, commits the server seed, then allows the player to input his own client seed.
Video even if it is claimed to be live is not "Provable Fair".
|
|
|
|
elm
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
September 06, 2013, 05:29:40 AM |
|
@elm, you have to show how the game is fair. The typical implementation uses SHA-256 or SHA-512, commits the server seed, then allows the player to input his own client seed.
Video even if it is claimed to be live is not "Provable Fair".
@Dabs thanks a lot for the explanation. I am asking myself why all those big software companies like Playtech, Netent, cryptologic etc are not implementing "Provably Fair" option? what is Your opinion? could You or someone else please explain why Live Dealer is not "Provably Fair"? I have another question regarding the server seed in a BJ game. how do I know that the server seed. lets say it is an eight deck BJ game. how do I know that the casino(server seed) didnt forget any important cards of the decks? can I see or check this as a player? sorry for so many (maybe stupid) questions, but all this is new to me and I am really a fan of giving online casino games as fair and honest as possible. but I think that there is always a cheat possible if a game provider wants to. cheers
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
September 06, 2013, 07:15:38 AM |
|
@elm, you have to show how the game is fair. The typical implementation uses SHA-256 or SHA-512, commits the server seed, then allows the player to input his own client seed.
Video even if it is claimed to be live is not "Provable Fair".
@Dabs thanks a lot for the explanation. I am asking myself why all those big software companies like Playtech, Netent, cryptologic etc are not implementing "Provably Fair" option? what is Your opinion? could You or someone else please explain why Live Dealer is not "Provably Fair"? I have another question regarding the server seed in a BJ game. how do I know that the server seed. lets say it is an eight deck BJ game. how do I know that the casino(server seed) didnt forget any important cards of the decks? can I see or check this as a player? sorry for so many (maybe stupid) questions, but all this is new to me and I am really a fan of giving online casino games as fair and honest as possible. but I think that there is always a cheat possible if a game provider wants to. cheers @elm, it seems only the bitcoin casinos are doing anything close to "Provably Fair". No traditional real money casino is doing anything except getting certifications or audits from third parties. That does not prove anything at all, but at least they go through some steps to reassure the clients and paying players. Bitzino is an example, where you get to see the hashes before the game starts, and you get to see the entire deck after the game is over. A lot of other games do similar. All those big software companies, are not implementing "Provably Fair" because they either don't know about it, or they have never thought of it. Also, they have so much invested in their current systems, until the first major casino decides to do something even close to "Provably Fair" they simply will not even bother. And only if they start losing their players to the rival who does it. They just don't have the time, or they just don't care. The players, most of them, they don't care either. This will change sooner or later, as more bitcoin casinos, and even fiat casinos decide to implement something similar.
|
|
|
|
elm
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
September 06, 2013, 09:57:02 PM |
|
@Dabs
thanks again for the detailed explanation and Your opinion. very much appreciated. sorry if I ask again because You didnt answer the following question:
could You or someone else please explain why Live Dealer is not "Provably Fair"?
if You have an opinion regarding this question please let me have it or if some one else could give his opinion that would be very much appreciated.
cheers
P.S. is there a merchant service provider that You could recommend for an online casin? for example coinbase, coinapult, Bips, bitpay etc
|
|
|
|
Stephen Gornick (OP)
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
September 06, 2013, 10:16:17 PM |
|
please explain why Live Dealer is not "Provably Fair"?
Live dealer: - http://www.livedealer.org/introduction/Provably fair with a live game would involve something like the decks of cards being shuffled (however you deem the shuffle to be considered fair), then on each card is printed a unique ID (e.g., serial number like 1 for the top card, 2 for the next, 3, ...etc) then both sides of each card photographed, digitized and encrypted and the digital content given to you. So before you place your bet you have evidence that allows you to later know the order of every card in the card shoe before the game. After the game, you are given the passphrase used to decrypt and, if you know each action each player took, you can prove if the dealer cheated you.
|
|
|
|
elm
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
September 06, 2013, 10:22:14 PM |
|
@Stephen
thanks for explaining. this sounds very complicated for a live casino to implement IMHO. and now I understand that this would not be possible at all with a live roulette.
cheers
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
September 06, 2013, 10:29:18 PM |
|
could You or someone else please explain why Live Dealer is not "Provably Fair"?
Provably fair doesn't mean "hard to cheat" it means it is impossible for the site to cheat without being detected* through the use of strong cryptography. A video of a dealer doesn't prove the deck has the right number of cards, that the deck hasn't been stacked in favor of the house, that the dealer isn't trained to deal "seconds", etc. It certainly makes it HARDER to cheat compared to some site that is 100% opaque but it isn't provably fair. The difference is "fair" vs "PROVABLY fair". PROVEN EVENT #1: If a site generates a random 256 bit number and provides me the hash I know they can't change it after the fact. If they change their secret number it won't produce the same hash. PROVEN EVENT #2 If I generate my own 256 bit number and provide it to the site (after EVENT #1) and the site XOR the two values to use as the "combined secret" then I can prove that the site couldn't have rigged the random number in their favor (as they don't know until after selecting their random number what mine will be). PROVEN EVENT #3 If the game is based on the combined secret in #2 I can prove it was done fairly. After the game the site will reveal their secret number (which I can verify hashes to the hash provided in event #1). I can also verify that the "game secret" is the XOR of the house's secret number and my secret number. Assuming the house also provides details steps on how that number produces the output I can verify they have shown me the proper output (sequence of cards, winning number, win/loss, etc). When those three events occur and in the proper order, and are verified by the user it is not possible for the house to cheat. Try to think of a scenario where the house could cheat and not be detected. It is mathematically proven that if I lost then it was due to "fair chance". A video of a dealer doesn't provide that. It may make it harder to cheat but harder to cheat isn't the same standard as PROVABLY fair. You "could" (not a accusation more a thought exercise) manipulate the video feed, the shoe used to deal could be designed to read the cards and allow the dealer to deal the second card (i.e. player has 16 and hits in BJ, the next card is a 5 and the second card is a K). The quality of the video, the resolution, the angle, etc may make it HARDER to cheat but the house still CAN cheat. Likewise the use of a video dealer makes it impossible for YOU to prove the game is "fair" (losses/wins based on random chance). It basically comes down to trusting the site. Maybe a video live dealer will increase the trust players have but it still requires trust. The same thing would apply to other games. In roulette a video feed doesn't guarantee the wheel is fair (i.e. each number has an equal and random chance of being picked) and not rigged. * The point of this thread is that while an event can be provably fair it requires the player to verify. So a game can be in theory provably fair but if the player doesn't a) submit its own random player key, b) verify the hashes of house key, c) verify the output matches the combined game key then while it is provably the house could cheat. If the rate of verification is low and the rate that house cheats is low it is very possible the cheating would go undetected. If there was an automated software on the player's computer which verifies all game outcomes it ensures the provable is proven. If enough players used it then it would become impossible for the house to cheat for any significant period of time.
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
September 07, 2013, 05:53:56 AM |
|
Provably fair with a live game would involve something like the decks of cards being shuffled (however you deem the shuffle to be considered fair), then on each card is printed a unique ID (e.g., serial number like 1 for the top card, 2 for the next, 3, ...etc) then both sides of each card photographed, digitized and encrypted and the digital content given to you.
So before you place your bet you have evidence that allows you to later know the order of every card in the card shoe before the game. After the game, you are given the passphrase used to decrypt and, if you know each action each player took, you can prove if the dealer cheated you.
Hi Stephen. I'm attempting to do something and what you describe is very similar to what I have just implemented. I hashed the individual cards of the deck, I add another secret then hash them again, I sort them according to the hash values which shuffles the deck once, then all those hash values are shown. That uniquely identifies each card without showing the player what the card rank and suit is. Then I allow the players to further cut or reshuffle the deck some more. More details and an actual example is in my thread. In relation to this topic, such an implementation would require a customized hardware device, or a device that allows users to update with either source code or firmware. Your device would essentially be an interpreter that accepts numbers from the casino then verifies everything for the player. A third party open source software verifier would achieve the same result.
|
|
|
|
elm
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
September 07, 2013, 07:00:48 AM |
|
@Death And Taxes
thank You very much for jumping in with this detailed explanation. very much appreciated.
now I understand that Proven Event #1, #2 and #3 gives the player a 100% security that he wasnt cheated by the casino. and the casino proved that he handled the games 100% fair and honest. Great! Proven Event #1 alone cant be called provably fair.
IMHO, a player at a casino wants to play and enjoy playing and not after each loss to check if he was cheated. after the end of his day at the tables and after a loss at the end of his gambling day I think he would like to check it. how can a casino handle this problem? or is it just that each player will check whenever he feels like?
is there a company that provides provably fair option as a 3rd party provider?
with a live dealer casino provably fair is impossible to accomplish. (if I understood it right)
*............. If there was an automated software on the player's computer which verifies all game outcomes it ensures the provable is proven....... so there is nothing like this yet on the market?
*....... If enough players used it then it would become impossible for the house to cheat for any significant period of time. I am sure that if this would exist that most of the players would use it.
cheers
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
September 07, 2013, 01:26:40 PM |
|
If there was an automated software on the player's computer which verifies all game outcomes it ensures the provable is proven....... so there is nothing like this yet on the market?
As far as I am aware, since each site implements it a little bit differently, there is no one software that can check all sites universally. Each site does allow you to check, so there might be some that check for you already. A lot have built in verifiers which you can extract, dissect, and make it run independently of the site. Some even have links to 3rd parties that are checking. It's possible someone will make a collection of these verifiers available. All sites have an "about" or a "provably fair" page that explains what you need to do.
|
|
|
|
elm
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
September 07, 2013, 01:48:10 PM |
|
is there a 3rd party provably fair provider for me as a casino owner? can I buy a service like this or do I need hire progammer to do this for my games?
cheers
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
September 07, 2013, 02:59:18 PM |
|
Just show a page how your provably fair is implemented, with an example. People will then be able to do it on their own. If all bets are public, it's even easier to verify.
Or is your question meant differently? As in, do you already have an existing offline casino and want to make it online and implement a provably fair system? You'll have to hire a programmer to do this.
Give me a use case and I can try and point you in the right direction.
|
|
|
|
elm
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
September 07, 2013, 03:42:00 PM |
|
@Dabs
we are a group of partners (all grandpas) who want to bring a casino online. at the start we thought to start/create a live dealer online casino. but as we know now it is not provably fair we changed our mind and go for a RNG online casino. and if I understood You right that would mean that we need to hire programmer to implement a provably fair system.
but we are interested that the games will be played without any big delays. we even think to start with roulette first and then add BJ and Slots later.
|
|
|
|
|