Author Topic: Just-Dice is not provably fair to gamblers  (Read 4101 times)
feedthedogs (OP)
February 23, 2014, 09:01:31 AM
 #1

I raised this with Dooglus over a week ago; we discussed solutions, but he has decided the site will not change.

The problem
The client-side key is generated by the server initially and has no security, so it can be changed at any time.

Background
There are three parts to generating a fair bet:
  • Server Key - given to the user as a hash
  • Client Key - known by the user (and should be generated by the user)
  • Bet number
The time and size of a bet have nothing to do with the result.

How can this be abused
The nature of Just-Dice rolls is that you bet high or low in a 0-100 range. If the client and server keys are generated by the server, they can pre-prepare client-server keys that will result in rolls in their favor.
For example, they can generate millions of sets of hashes until the results:
1) are generally 10-90 so that people will not get the rare 10x payout rolls (less than 10 or greater than 90)
2) have long streaks above or below 50 to send martingalers bust
So use your imagination, they can dictate the roll results.

The technical details
The code is available here:
https://just-dice.com/javascripts/dice.js
A beautified copy:
http://pastebin.com/CatuARX2

The Server and Client keys can be changed at any time by the server; here is the corresponding code:
Code:
  // A server-pushed "shash" (server key hash) is written straight into the page.
  socket.on("shash", function(data) {
    $("#shash").html(data);
  });
  // A server-pushed "seed" (client key) overwrites the displayed value the same way.
  socket.on("seed", function(data) {
    $("#seed").html(data);
  });
The only protection is if the user writes down both keys and verifies their bets every 100 rolls; after that your bets are no longer visible.

When you load the site, the client key is provided by the server. This is not a problem for returning users, but first-time visitors should have their own JavaScript engine generating a client key. Here is the code:
Code:
  socket.on("init", function(data) {
    // ... other code ...
    // The initial server key hash, nonce and client key all arrive from the server.
    $("#shash").html(data.shash);
    $("#nonce").html(data.nonce);
    $("#seed").html(data.seed);
    // (excerpt ends here; the rest of the handler is not shown)
  });
It is possible to use the randomize function when you first enter the site, but I do not believe many users do this.

Caveat
I am not accusing the site of rigging rolls, I am just saying that it is possible.
FPCN
February 23, 2014, 10:26:20 AM
 #2

Reserved.


elbill
February 23, 2014, 11:58:30 AM
 #3

Dooglus also changed the algorithm without warning in September and arbitrarily, causing losses to many users; the only way to solve this is in court, but he has hidden in his anonymity to avoid starting a legal process. But the day will come.

Kyraishi
February 23, 2014, 12:07:25 PM
 #4

haha dooglus should do provably fair for investment.

RGBKey
February 23, 2014, 01:52:20 PM
 #5

It is provably fair if the gambler takes the correct steps to make sure it is. If you are reckless, then it does not matter anyways. As to changing the way the rolls are calculated, he did this to make it more secure for the site. This in no way would cause losses to people.
a1choi
February 23, 2014, 05:06:15 PM
 #6

how could it be changed to be provably fair to gamblers?  Do other sites also exhibit similar weakness?
Automatic
February 23, 2014, 05:12:09 PM
 #7

Quote:
  how could it be changed to be provably fair to gamblers?

Generate client seed client-sidedly.

Please ask for a signed message from my on-site Bitcoin address (Check my profile) before doing any offsite trades with me.
royalblako
February 23, 2014, 05:41:42 PM
 #8

I'm not tech savvy so i didn't understand much of what you said, but i lost some btcs there, so i'd like to know what's up.
aahzmundus
February 23, 2014, 05:44:57 PM
 #9

From my understanding of the issue... JD IS provably fair, you just have no way of knowing doog did not cheat.

If doog wanted to fuck people over he could just look at the seeds and bet on his own site and win.  Or hell, he could just run away with the 40,000+ that people trust with him.

If doog wanted to cheat you, he would just run with the money.

Also, doog is not anonymous...

everydice
February 23, 2014, 05:47:38 PM
 #10

Quote:
  how could it be changed to be provably fair to gamblers?  Do other sites also exhibit similar weakness?

It depends on how the site generates their server seed.

If and only if the method they are using is unique per user with instant checking (like Just-Dice.com and EveryDice.com), then you only need to change the client seed once. After that, there is *no way* the site is able to manipulate the roll. Remember that you pick your client seed after the site shows their server seed hash :)

Automatic
February 23, 2014, 05:48:59 PM
 #11

Quote:
  I'm not tech savvy so i didn't understand much of what you said, but i lost some btcs there, so i'd like to know what's up.

What's up? In theory he could have influenced the numbers that come up to be in a less-than-random (But still not chosen) order, as, he provides two of the three parts of a hash, and, the third part is simply an incrementing number, something that you could easily test with.

He still couldn't force you to bet more than/less than, or, what percentage, so, the best he could do is profile your betting procedure to guess how you bet, then attempt to test a bunch of hashes until they are ordered in the way that profiles you.

tl;dr no, he probably didn't steal from you, but, it is an issue to be concerned with, assuming I'm understanding this correctly (I believe I'm understanding the issue correctly, but, maybe not the repercussions)

RGBKey
February 23, 2014, 05:51:14 PM
 #12

Quote:
  I'm not tech savvy so i didn't understand much of what you said, but i lost some btcs there, so i'd like to know what's up.

Wow, you should not gamble if you don't expect to lose money.
zolace
February 23, 2014, 05:53:00 PM
 #13

Ahhzamundos, do you know him personally?

Just asking 'cause we don't truly know anyone.

Anyway, I commend the person on top; it was a point I was trying to make a while ago. Now I'm sure you'll get ops to challenge you to protect their rep so they won't lose business.

I was trying to warn others about this, that I found a developer who can manipulate dice. That's why I truly stopped betting, 'cause I saw a funny pattern, especially with martingale. People are not gonna listen to this, they're gonna see his side, but if this was exposed earlier I'm sure the site would have been doomed. People trust these ops with their life.

royalblako
February 23, 2014, 06:05:12 PM
 #14

Quote:
  Quote:
    I'm not tech savvy so i didn't understand much of what you said, but i lost some btcs there, so i'd like to know what's up.

  Wow, you should not gamble if you don't expect to lose money.

When did i say that i didn't expect to lose money lol?
I just said i lost some btc there, i'm not crying, i know perfectly the risks, but from what i understood in this thread the game MIGHT be rigged, and i would like to know what is going on since i'm not really tech savvy.
dooglus
February 23, 2014, 06:13:23 PM
 #15

Quote:
  I raised this with Dooglus over a week ago; we discussed solutions, but he has decided the site will not change.

I've had an ongoing discussion with this guy in a support ticket where he basically tried to extort me.  He gave me three options: fix the "bug", pay him for his silence, or he'll post a thread about it.  Since I don't consider this a bug, and I don't ever pay extortionists, I told him to go ahead and publish his findings.  So he did.

I guess now I get to enjoy rebutting his points all over again, only in public this time.  :)

Quote:
  The only protection is if the user writes down both keys and verifies their bets every 100 rolls; after that your bets are no longer visible.

Nothing magical happens every 100 rolls.  Your client and server seed stay the same until you change them.  If you're referring to the 'all bets' log, then that's silly.  If you don't trust me, then why trust me that the 100 listed rolls are real?  You need to write down each roll as it happens surely.

Quote:
  I am not accusing the site of rigging rolls, I am just saying that it is possible.

It basically boils down to this:

Any provably fair site can cheat its users if the users don't take the steps required to verify the fairness.

At Just-Dice, those steps are:

1) make a note of the server seed hash
2) set your own (unpredictable) client seed
3) play as much as you like, making a note of your rolls
4) verify the rolled numbers

Players who care about fairness will follow those steps, and players who don't, won't.  If you follow those steps then there's no way I can cheat you.

Your thread subject, "Just-Dice is not provably fair to gamblers" isn't accurate.  More accurate would be "Just-Dice is provably fair to any gambler who cares about provable fairness and can be bothered to take the steps to verify the proof".
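
The four steps listed above as a runnable check, added here as an illustration; it is not code from the site or from this post. The SHA-256 commitment and the HMAC-based roll formula are assumptions standing in for the algorithm on the site's 'Fair?' tab, which this thread does not reproduce, and all seeds are constructed.

```javascript
// Added example, not Just-Dice code. ASSUMPTIONS: the commitment is SHA-256 of
// the server seed, and the roll formula below is illustrative only.
const nodeCrypto = require("crypto");

// Step 2: the client seed comes from the local CSPRNG, never from the server.
function newClientSeed() {
  return nodeCrypto.randomBytes(16).toString("hex");
}

// Step 1: the value the player writes down before betting.
function commit(serverSeed) {
  return nodeCrypto.createHash("sha256").update(serverSeed, "utf8").digest("hex");
}

// Hypothetical roll: HMAC-SHA512(serverSeed, "clientSeed:nonce") -> 0.0000..99.9999.
function roll(serverSeed, clientSeed, nonce) {
  const mac = nodeCrypto.createHmac("sha512", serverSeed)
    .update(`${clientSeed}:${nonce}`, "utf8").digest();
  const limit = 4294000000; // largest multiple of 1e6 below 2^32, avoids modulo bias
  for (let i = 0; i + 4 <= mac.length; i += 4) {
    const n = mac.readUInt32BE(i);
    if (n < limit) return (n % 1000000) / 10000;
  }
  throw new Error("no usable 32-bit chunk in digest");
}

// Step 4: notes = { shash, clientSeed, rolls: [{ nonce, result }] } as written
// down while playing (steps 1-3); revealedServerSeed is what the site discloses
// once the seed pair is retired.
function verifySession(notes, revealedServerSeed) {
  const commitmentOk = commit(revealedServerSeed) === notes.shash;
  const mismatches = notes.rolls
    .filter((r) => roll(revealedServerSeed, notes.clientSeed, r.nonce) !== r.result)
    .map((r) => r.nonce);
  return { commitmentOk, mismatches, fair: commitmentOk && mismatches.length === 0 };
}

// Constructed session: 20 rolls recorded against a made-up server seed.
function sampleSession() {
  const serverSeed = "constructed-server-seed";
  const notes = { shash: commit(serverSeed), clientSeed: newClientSeed(), rolls: [] };
  for (let nonce = 1; nonce <= 20; nonce++) {
    notes.rolls.push({ nonce, result: roll(serverSeed, notes.clientSeed, nonce) });
  }
  return { serverSeed, notes };
}
```

A roll that was not derived from the committed seed shows up in `mismatches`; a server seed swapped after the fact shows up as `commitmentOk: false`.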

dooglus
February 23, 2014, 06:18:22 PM
 #16

Quote:
  Dooglus also changed the algorithm without warning in September and arbitrarily, causing losses to many users; the only way to solve this is in court, but he has hidden in his anonymity to avoid starting a legal process. But the day will come.

The old algorithm and the new algorithm both cause many losses.  When users play the 10% game they lose around 90% of the time!

If you think that the change to the algorithm somehow "made" people lose, I don't know what to tell you.

Plenty of warning was given, including on the 'Fair?' tab which describes the algorithm:


flower1024
February 23, 2014, 06:20:46 PM
 #17


Quote:
  It basically boils down to this:

  Any provably fair site can cheat its users if the users don't take the steps required to verify the fairness.

  At Just-Dice, those steps are:

  1) make a note of the server seed hash
  2) set your own (unpredictable) client seed
  3) play as much as you like, making a note of your rolls
  4) verify the rolled numbers

doesn't step 2 require at least 100 rolls?
if i understand you right doesn't that mean that you can cheat the first 100 rolls of every user?

btw i am not concerned. i did choose just-dice because i do trust dooglus. i would never gamble anywhere where i do not trust the operator - even if they claim to be provably fair and have lots of trust of others and i did check the code.
dooglus
February 23, 2014, 06:33:49 PM
 #18

Quote:
  Quote:
    2) set your own (unpredictable) client seed

  doesn't step 2 require at least 100 rolls?
  if i understand you right doesn't that mean that you can cheat the first 100 rolls of every user?

No.  You can 'randomize' (and so set your client seed) any time you have made 0 rolls with your current seed pair, or more than 9.  What you can't do is randomize after every few (1 to 9) bets.  But you can randomize as many times as you like if you've not bet at all.

My first design of the site forced new players to type a client seed before they could start playing, but it was pretty much universally disliked by the testers.  It turns out most people don't want to be bothered to think about the details and would rather get to the game itself as soon as possible, so I removed that feature before launching the site to the public.

feedthedogs (OP)
February 23, 2014, 09:45:43 PM
 #19

Quote:
  Your thread subject, "Just-Dice is not provably fair to gamblers" isn't accurate.  More accurate would be "Just-Dice is provably fair to any gambler who cares about provable fairness and can be bothered to take the steps to verify the proof".

By default it's not provably fair; perhaps you should put this on your site:

Quote:
  This game is provably fair*

  *At Just-Dice, those steps are:
  1) make a note of the server seed hash
  2) set your own (unpredictable) client seed
  3) play as much as you like, making a note of your rolls
  4) verify the rolled numbers

Quote:
  Quote:
    how could it be changed to be provably fair to gamblers?

  Generate client seed client-sidedly.

It's not much to ask, but he is refusing to do it for some reason.

The second change I asked for is condition checking in the code that lets the server change the seeds (he can do this any time during your betting); something simple like "if user has randomize window open then allow seed changes otherwise refuse" would work.
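
The condition check proposed in the post above, sketched as an added example; it is not Just-Dice's code and was not written by any poster. The `shash` and `seed` events are honoured only while a user-initiated randomize is in progress, and anything else is refused and logged. `SeedGuard`, `randomizeOpen`, `attach`, `render` and the sample values are hypothetical names and constructed data.

```javascript
// Added example, not the site's code: guarded versions of the "init",
// "shash" and "seed" handlers quoted in the first post.
const { EventEmitter } = require("events");

class SeedGuard {
  constructor() {
    this.pinned = { shash: null, seed: null }; // values the user has been shown
    this.randomizeOpen = false; // true only while the user has the randomize dialog open
    this.alerts = [];           // refused server pushes, kept for the user to inspect
  }
  init(data) {
    // Pin the first pair of the session; a second "init" is treated as a push.
    if (this.pinned.shash !== null) return this.refuse("init", data);
    this.pinned = { shash: data.shash, seed: data.seed };
    return true;
  }
  update(kind, value) {
    if (!this.randomizeOpen) return this.refuse(kind, value);
    this.pinned[kind] = value;
    return true;
  }
  refuse(kind, offered) {
    this.alerts.push({ kind, offered, pinned: { ...this.pinned } });
    return false;
  }
}

// Same event names as the page's handlers; render stands in for the
// $("#shash").html(...) / $("#seed").html(...) calls.
function attach(socket, guard, render) {
  socket.on("init", (d) => { if (guard.init(d)) render(guard.pinned); });
  for (const kind of ["shash", "seed"]) {
    socket.on(kind, (v) => { if (guard.update(kind, v)) render(guard.pinned); });
  }
}

// Constructed session: the EventEmitter plays the server side of the socket.
function demo() {
  const socket = new EventEmitter();
  const guard = new SeedGuard();
  const shown = [];
  attach(socket, guard, (p) => shown.push({ ...p }));
  socket.emit("init", { shash: "hash-A", seed: "seed-A" });
  socket.emit("seed", "seed-B");          // unsolicited mid-session push: refused
  guard.randomizeOpen = true;             // user opens the randomize dialog
  socket.emit("shash", "hash-C");         // accepted: part of a user-requested change
  socket.emit("seed", "user-typed-seed"); // accepted for the same reason
  guard.randomizeOpen = false;
  socket.emit("shash", "hash-D");         // refused again once the dialog is closed
  return { guard, shown };
}
```

The guard only helps if it ships in a script the user can pin or audit, since a page served by the same operator can drop it as easily as it changes a seed.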
elbill
February 24, 2014, 02:12:01 AM
 #20

Quote:
  Quote:
    Dooglus also changed the algorithm without warning in September and arbitrarily, causing losses to many users; the only way to solve this is in court, but he has hidden in his anonymity to avoid starting a legal process. But the day will come.

  The old algorithm and the new algorithm both cause many losses.  When users play the 10% game they lose around 90% of the time!

  If you think that the change to the algorithm somehow "made" people lose, I don't know what to tell you.

  Plenty of warning was given, including on the 'Fair?' tab which describes the algorithm:

Yes now, but not before. Not in October, November or December. The algorithm was changed without prior announcement, only a mention in a thread at the end of September.
The above algorithm was much less profitable than the current algorithm for you, just compare the profits. I agree to play with the above algorithm, not the current, and initially only asked for that, something reasonable following your logic. I promised that I would take this to court and I will. I have not forgotten.
