This came to me the other day, and i'm unsure on the details as I haven't went into the transaction scripts yet so please excuse me if the whole idea is nonsense.
Would it be possible to implement a PRNG in the transaction script in such a way that the payouts are automated to the winner of a gambling game? Something such as comparing the output of the PRNG specified in the transaction script with the last byte of the address and a small whitelist of addresses.
I presume that the scripting is turing-complete but space limited, but i'm not too familiar with this aspect of bitcoin myself.
Assuming it is turing-complete, you still need enough "random" data to seed your PRNG. Where are you going to get that data from in a way that isn't reproducible at a distance?
If you could delay the transaction (i.e. don't process until block x) you could submit a transaction and then use the block hashes for the next 6 blocks (1 hour) as your seed data. Not sure if Bitcoin can (or will) support transactions which can't be processed until a certain date but if they do ...
1) Current block is 123
2) Casino submits game to Bitcoin network (transaction has a not before block 129 limit)
3) Script skips block 124 and looks at block hashes of blocks 125, 126, 127, 128 to determine winner.
4) Transaction is included in block 129, payouts according to rng in script.
Would that work?
Is that possible in Bitcoin (or possible in future)?
If so it would eliminate operator fraud (well other than outright theft).
Proof of concept Game:
Operator website offers a game 10 BTC bet, One in 11 chance to win 100 BTC. The website provides user a deposit address. Players need no accounts, they can track their progress by looking up deposit address. Once there are 11 bets the website creates keep 10 BTC (the vig) and creates a 100 BTC transaction w/ a delay 6 block limit. The transaction uses the hashes of the next 5 blocks as the seed and the addresses used by players as payout. If you win the 100 BTC comes right to your wallet. If you don't you know the game was fair as the winner was determined by something in the future and you can verify results.
A simplified version wouldn't even need a RNG. Just take the XOR the hashes of the 5 blocks as your random data. Now start w/ least significant digit of the combined hash and compare it to the least significant digit of player's addresses. Is there a match? If yes then payout to matching addresses (payouts could be split - 1/58 chance). If not then look at next least significant. If there is no match for 10 digits (essentially quadrillions to one) then return the 10 BTC wager back to all players - void game.
On edit: fixes some mistakes & added clarification.