trout (OP)
|
|
October 16, 2013, 05:25:33 AM Last edit: October 17, 2013, 12:08:22 PM by trout |
|
here's a possible cheat for a site: change the game the user played. If the user bets on "high" ("red") and the result is a win, just pretend he bet on "low" (or "black" or whatever), so the result is a loss. Or change any other parameters of the game, such as odds. Keep everything else (hashes, etc.) the same.
The user would know he'd been cheated, but (s)he would have no way of proving it to anyone.
This problem does not exist with on-chain gaming sites, where the bets are made publicly.
I think this can be solved by introducing used-side private keys and randomness, but this complicates the verification considerably
or am I missing something here?
EDIT: realized that it's even easier to cheat: just change the balance to an arbitrary value. This problem does not exist in on-chain as well as in real-life casinos
|
|
|
|
meta.p02
|
|
October 16, 2013, 10:37:26 AM |
|
I take video. Now what?
Anyway, sites like JD, PD already have a client seed that you can change at will. The roll can only be determined from the secret server seed and your own seed.
|
|
|
|
trout (OP)
|
|
October 16, 2013, 11:05:14 AM |
|
I take video. Now what?
video is not "provably fair" Anyway, sites like JD, PD already have a client seed that you can change at will. The roll can only be determined from the secret server seed and your own seed.
and this has nothing to do with the problem described in OP.
|
|
|
|
🏰 TradeFortress 🏰
Bitcoin Veteran
VIP
Legendary
Offline
Activity: 1316
Merit: 1043
👻
|
|
October 16, 2013, 11:14:13 AM |
|
here's a possible cheat for a site: change the game the user played. If the user bets on "high" ("red") and the result is a win, just pretend he bet on "low" (or "black" or whatever), so the result is a loss. Or change any other parameters of the game, such as odds. Keep everything else (hashes, etc.) the same.
The user would know he'd been cheated, but (s)he would have no way of proving it to anyone.
This problem does not exist with on-chain gaming sites, where the bets are made publicly.
I think this can be solved by introducing used-side private keys and randomness, but this complicates the verification considerably
or am I missing something here?
You're not missing anything. However, the USER will know he bet high / low. And that user will stop betting.
|
|
|
|
Zaih
|
|
October 16, 2013, 11:28:08 AM |
|
If a few users post saying thus occurred, then I'd assume that is the same as them having hard evidence of the hashes not adding up.
|
|
|
|
trout (OP)
|
|
October 16, 2013, 12:49:20 PM |
|
You're not missing anything. However, the USER will know he bet high / low. And that user will stop betting.
That's a bit weak to be called "provably fair" though. I can imagine both a site singling out a user or two to cheat on - and still keeping its good reputation, and a bunch of colluding users starting to slander a site claiming they were cheated this way - just to bring the site's shares down, for example. Actually, I wonder why none of these has happened yet, especially the second scenario.
|
|
|
|
ASICSRUS
Member
Offline
Activity: 70
Merit: 10
Expert Computer Geek
|
|
October 16, 2013, 05:32:54 PM |
|
I take video. Now what?
Anyway, sites like JD, PD already have a client seed that you can change at will. The roll can only be determined from the secret server seed and your own seed.
secret server seed is the way they change at will ~ besides no one can even tell me who invented the "provably fair" term! = fffkin boatload of kool aid !
|
|
|
|
knowitnothing
|
|
October 16, 2013, 05:39:05 PM |
|
I take video. Now what?
Anyway, sites like JD, PD already have a client seed that you can change at will. The roll can only be determined from the secret server seed and your own seed.
secret server seed is the way they change at will ~ besides no one can even tell me who invented the "provably fair" term! = fffkin boatload of kool aid ! You can't change the secret server seed because that will change the hash you received earlier. Even if you find a collision, you would still need to find one that gives the same results along all the rolls. Regarding the origin of the term, I replied to you earlier. Here is the exact reply: """ An old enough reference: Constructive and Provably Fair Coin Flip in Byzantine Networks. B Awerbucb, B Char, S Goldwasser, S Micali - 1984. """
|
|
|
|
ASICSRUS
Member
Offline
Activity: 70
Merit: 10
Expert Computer Geek
|
|
October 16, 2013, 06:00:34 PM |
|
I take video. Now what?
Anyway, sites like JD, PD already have a client seed that you can change at will. The roll can only be determined from the secret server seed and your own seed.
secret server seed is the way they change at will ~ besides no one can even tell me who invented the "provably fair" term! = fffkin boatload of kool aid ! You can't change the secret server seed because that will change the hash you received earlier. Even if you find a collision, you would still need to find one that gives the same results along all the rolls. Regarding the origin of the term, I replied to you earlier. Here is the exact reply: """ An old enough reference: Constructive and Provably Fair Coin Flip in Byzantine Networks. B Awerbucb, B Char, S Goldwasser, S Micali - 1984. """ that referance is so old, what does that have to do with online dice fairness? +even your ggdice is rigged i can tell by playing for the past 5 minutes at 91% seeing multple RED in short order and whacks before key pivot points! gtfo!
|
|
|
|
knowitnothing
|
|
October 16, 2013, 06:31:38 PM |
|
I take video. Now what?
Anyway, sites like JD, PD already have a client seed that you can change at will. The roll can only be determined from the secret server seed and your own seed.
secret server seed is the way they change at will ~ besides no one can even tell me who invented the "provably fair" term! = fffkin boatload of kool aid ! You can't change the secret server seed because that will change the hash you received earlier. Even if you find a collision, you would still need to find one that gives the same results along all the rolls. Regarding the origin of the term, I replied to you earlier. Here is the exact reply: """ An old enough reference: Constructive and Provably Fair Coin Flip in Byzantine Networks. B Awerbucb, B Char, S Goldwasser, S Micali - 1984. """ that referance is so old, what does that have to do with online dice fairness? +even your ggdice is rigged i can tell by playing for the past 5 minutes at 91% seeing multple RED in short order and whacks before key pivot points! gtfo! What's the problem with reusing meaningful terms that perfectly apply to the current use ? To me it's like saying the word "search" is too old and has nothing to do with online search. I'm not sure why I'm arguing with you, but can you at least say the actual user you played with ? If you're user 2296, you played with a payout of 3x, win chance of 33%, at room 1 with Fakecoins. You won 3 times and lost 5. Even if you lost all of them, or won all of them, that wouldn't make the game rigged. You can check your rolls online at http://jsfiddle.net/wn3CT/embedded/result/Now, by looking in the recent bets at 91% win chance, I see user 2290. Is that you ? Your current profit after after 214 bets is 989.80139959 FC , where you won 197 times for a win ratio of 92.06%.
|
|
|
|
ASICSRUS
Member
Offline
Activity: 70
Merit: 10
Expert Computer Geek
|
|
October 16, 2013, 06:39:43 PM |
|
I take video. Now what?
Anyway, sites like JD, PD already have a client seed that you can change at will. The roll can only be determined from the secret server seed and your own seed.
secret server seed is the way they change at will ~ besides no one can even tell me who invented the "provably fair" term! = fffkin boatload of kool aid ! You can't change the secret server seed because that will change the hash you received earlier. Even if you find a collision, you would still need to find one that gives the same results along all the rolls. Regarding the origin of the term, I replied to you earlier. Here is the exact reply: """ An old enough reference: Constructive and Provably Fair Coin Flip in Byzantine Networks. B Awerbucb, B Char, S Goldwasser, S Micali - 1984. """ that referance is so old, what does that have to do with online dice fairness? +even your ggdice is rigged i can tell by playing for the past 5 minutes at 91% seeing multple RED in short order and whacks before key pivot points! gtfo! What's the problem with reusing meaningful terms that perfectly apply to the current use ? To me it's like saying the word "search" is too old and has nothing to do with online search. I'm not sure why I'm arguing with you, but can you at least say the actual user you played with ? If you're user 2296, you played with a payout of 3x, win chance of 33%, at room 1 with Fakecoins. You won 3 times and lost 5. Even if you lost all of them, or won all of them, that wouldn't make the game rigged. You can check your rolls online at http://jsfiddle.net/wn3CT/embedded/result/i set it to 91 percent and you see 3 red on the screen you know its bullshit ~come on turkey! LMAO
|
|
|
|
knowitnothing
|
|
October 16, 2013, 06:49:01 PM |
|
I take video. Now what?
Anyway, sites like JD, PD already have a client seed that you can change at will. The roll can only be determined from the secret server seed and your own seed.
secret server seed is the way they change at will ~ besides no one can even tell me who invented the "provably fair" term! = fffkin boatload of kool aid ! You can't change the secret server seed because that will change the hash you received earlier. Even if you find a collision, you would still need to find one that gives the same results along all the rolls. Regarding the origin of the term, I replied to you earlier. Here is the exact reply: """ An old enough reference: Constructive and Provably Fair Coin Flip in Byzantine Networks. B Awerbucb, B Char, S Goldwasser, S Micali - 1984. """ that referance is so old, what does that have to do with online dice fairness? +even your ggdice is rigged i can tell by playing for the past 5 minutes at 91% seeing multple RED in short order and whacks before key pivot points! gtfo! What's the problem with reusing meaningful terms that perfectly apply to the current use ? To me it's like saying the word "search" is too old and has nothing to do with online search. I'm not sure why I'm arguing with you, but can you at least say the actual user you played with ? If you're user 2296, you played with a payout of 3x, win chance of 33%, at room 1 with Fakecoins. You won 3 times and lost 5. Even if you lost all of them, or won all of them, that wouldn't make the game rigged. You can check your rolls online at http://jsfiddle.net/wn3CT/embedded/result/i set it to 91 percent and you see 3 red on the screen you know its bullshit ~come on turkey! LMAO You can download your bets and make it public to other people see. If you were user 2290, here is a summary: http://pastebin.com/ZnW65Z5e
|
|
|
|
cbhelp
Newbie
Offline
Activity: 56
Merit: 0
|
|
October 16, 2013, 07:00:55 PM |
|
the worst thing about of chain betting sites like just diced r that the owner knows the secret seed and can bet against his investors and steal all of the money at any time. the owner could make it look like thata random user came in and won all of the btc but really it was the owner stealing. Doog has admitted it is possible.
|
|
|
|
icedicedavid
Full Member
Offline
Activity: 154
Merit: 100
Ice-Dice.com | Massive Referral Bonus!
|
|
October 16, 2013, 07:07:55 PM |
|
here's a possible cheat for a site: change the game the user played. If the user bets on "high" ("red") and the result is a win, just pretend he bet on "low" (or "black" or whatever), so the result is a loss. Or change any other parameters of the game, such as odds. Keep everything else (hashes, etc.) the same.
The user would know he'd been cheated, but (s)he would have no way of proving it to anyone.
This problem does not exist with on-chain gaming sites, where the bets are made publicly.
I think this can be solved by introducing used-side private keys and randomness, but this complicates the verification considerably
or am I missing something here?
https://ice-dice.com we don't roll high or low. you select a range to guess the number. you can choose 25-75 and if the number lands in between that you will win.
|
|
|
|
knowitnothing
|
|
October 16, 2013, 07:13:19 PM |
|
the worst thing about of chain betting sites like just diced r that the owner knows the secret seed and can bet against his investors and steal all of the money at any time. the owner could make it look like thata random user came in and won all of the btc but really it was the owner stealing.
This is not a "feature" for the off the chain games, the same applies for the on the chain games. Open the verification page at satoshidice and you will find this: "In order to ensure that there is no way for the system to change the outcome of a bet, the secret keys used are decided ahead of time. They are not released right away, since they could be used to submit selective transactions and win bets unfairly". To solve this we need a new method for picking the results, while still maintaining the provably fair part.
|
|
|
|
knowitnothing
|
|
October 16, 2013, 07:17:59 PM |
|
... don't roll high or low. you select a range to guess the number. you can choose 25-75 and if the number lands in between that you will win.
The exactly same problem applies: 1) User picks the 25-75 range; 2) The roll results in 75 being selected; 3) The site tells the user he picked the 24-74 range.
|
|
|
|
ASICSRUS
Member
Offline
Activity: 70
Merit: 10
Expert Computer Geek
|
|
October 16, 2013, 07:19:36 PM |
|
here's a possible cheat for a site: change the game the user played. If the user bets on "high" ("red") and the result is a win, just pretend he bet on "low" (or "black" or whatever), so the result is a loss. Or change any other parameters of the game, such as odds. Keep everything else (hashes, etc.) the same.
The user would know he'd been cheated, but (s)he would have no way of proving it to anyone.
This problem does not exist with on-chain gaming sites, where the bets are made publicly.
I think this can be solved by introducing used-side private keys and randomness, but this complicates the verification considerably
or am I missing something here?
https://ice-dice.com we don't roll high or low. you select a range to guess the number. you can choose 25-75 and if the number lands in between that you will win. get out of here with that noise your site is rigged and you know it, plus you have major bugs/glitches! beta test with real btc?? Good Lord: you should go hide somewhere far away from here imo
|
|
|
|
ASICSRUS
Member
Offline
Activity: 70
Merit: 10
Expert Computer Geek
|
|
October 16, 2013, 07:22:02 PM |
|
the worst thing about of chain betting sites like just diced r that the owner knows the secret seed and can bet against his investors and steal all of the money at any time. the owner could make it look like thata random user came in and won all of the btc but really it was the owner stealing.
This is not a "feature" for the off the chain games, the same applies for the on the chain games. Open the verification page at satoshidice and you will find this: "In order to ensure that there is no way for the system to change the outcome of a bet, the secret keys used are decided ahead of time. They are not released right away, since they could be used to submit selective transactions and win bets unfairly". To solve this we need a new method for picking the results, while still maintaining the provably fair part. the only sure way i see is to have a live feed of someone actually throwing dice! hmmm *watch!*
|
|
|
|
knowitnothing
|
|
October 16, 2013, 07:33:55 PM |
|
the worst thing about of chain betting sites like just diced r that the owner knows the secret seed and can bet against his investors and steal all of the money at any time. the owner could make it look like thata random user came in and won all of the btc but really it was the owner stealing.
This is not a "feature" for the off the chain games, the same applies for the on the chain games. Open the verification page at satoshidice and you will find this: "In order to ensure that there is no way for the system to change the outcome of a bet, the secret keys used are decided ahead of time. They are not released right away, since they could be used to submit selective transactions and win bets unfairly". To solve this we need a new method for picking the results, while still maintaining the provably fair part. the only sure way i see is to have a live feed of someone actually throwing dice! How can the player know the dice is not loaded ? How can the player know the throws are not using some mechanism to make the dice land at a certain value ? Also, how can the player even know the entire throw was done in a live feed ? Maybe just part of the throw is, the other is not.
|
|
|
|
ASICSRUS
Member
Offline
Activity: 70
Merit: 10
Expert Computer Geek
|
|
October 16, 2013, 07:43:23 PM |
|
the worst thing about of chain betting sites like just diced r that the owner knows the secret seed and can bet against his investors and steal all of the money at any time. the owner could make it look like thata random user came in and won all of the btc but really it was the owner stealing.
This is not a "feature" for the off the chain games, the same applies for the on the chain games. Open the verification page at satoshidice and you will find this: "In order to ensure that there is no way for the system to change the outcome of a bet, the secret keys used are decided ahead of time. They are not released right away, since they could be used to submit selective transactions and win bets unfairly". To solve this we need a new method for picking the results, while still maintaining the provably fair part. the only sure way i see is to have a live feed of someone actually throwing dice! How can the player know the dice is not loaded ? How can the player know the throws are not using some mechanism to make the dice land at a certain value ? Also, how can the player even know the entire throw was done in a live feed ? Maybe just part of the throw is, the other is not. even loaded dice would produce fairer results than these scam sites! imho
|
|
|
|
|