I also realized, you also copied bustabit's seeding event and then removed the protections it offers (either out of malice, or more likely incompetence
)
By publishing it here, we are preventing our ability to pick an alternate SHA256 chain or modify parts of it from our side, causing change in results from the chain.
That only made sense on bustabit because the terminating hash was (well) published (and archived by numerous 3rd party sources) before a client seed was provably fairly (using a bitcoin block hash) picked. You on the other hand have removed the client seed (why?!!!) which removes protections for players that you picked a bad hash-chain. And in fact you promise to arbitrarily change it:
The longer a chain is in use, the higher risk is that the originating seed is found by a malicious third party (though still extremely unlikely). Due to this fact, we like to periodically update the base seed to ensure that the lifetime of a chain is not too long and the risk is minimalised.
which betrays a real lack of understanding about security of reversing a cryptographic hash. But if you're worried about some sort of brute forcing, you could always just use sha512 which would take like millions of trillions of times longer to brute force
And I find it rather bizarre that you would create a hash-chain of 10M long (from bustabit's original design) and then claim it's insecure because it's too long. Why wouldn't you just create one that's 1M long, and do a reseeding event each 1M games? (or w/e you want....)
That said, I can't imagine you are intentionally picking a bad hash-chain as the house edge is already so high that all chains are basically bad anyway. I just don't see how you expect to compete against bustabit when you've just massively jacked up the house edge, and massively wrecked the provably fair guarantees.