I’ve been building a browser-based betting game that runs as a Telegram Mini App. It’s called HexArena. I want to share what I built, how it works technically, and get some real feedback from people who know what they’re looking at.
I’ll be upfront: I know Telegram is full of garbage right now. Tap-to-earn clones, fake airdrops, rug pulls dressed up as games. I’m not here to pitch you. I’m here because this forum has people who actually understand provably fair systems, TON infrastructure, and what makes a gambling product legitimate or not. That’s the feedback I need.
What it isA physics-based last-ball-standing game. A hexagonal arena. 2 to 50 balls bouncing inside. Every few seconds one wall opens — any ball that exits through the open wall is eliminated. Last ball surviving wins the round. Rounds take 15-40 seconds.
Players pick a ball before the round starts and watch the simulation play out. They don’t control anything. The outcome is determined entirely by the physics simulation seeded from a provably fair RNG.
There’s also a PVP mode where real players enter the same lobby. House takes 5% rake from the pot, winner takes the rest. Each player gets one pulse boost per round — a single tap that increases their ball’s speed for one second. The timing of that boost is recorded server-side so it feeds into the final server-authoritative simulation.
How the provably fair system worksThis is the part I want the most scrutiny on.
Before each round the server generates a random seed and commits to it by sending the player a SHA-256 hash of that seed. The client also contributes a seed. The simulation runs deterministically from the combined seed — same inputs always produce the same outcome.
After the round the server reveals the original seed. The player can verify that SHA-256 of the revealed seed matches what they were shown before the round started. Every game history entry shows the client seed, nonce, sim seed, ball count, and winner. The verification is one tap inside the app.
The RNG is mulberry32. Fast, deterministic, well-documented. Same seed produces same sequence every time on both client and server. I’ve run 10,000 simulation pairs to verify client and server produce identical winners from identical seeds.
What I’m aware could be concernsI’ll name them before you do.
“How do I know the server isn’t choosing seeds that make you lose?”
The hash commitment is the answer. The server can’t change the seed after committing to its hash without detection. You can verify this yourself after every round.
“TON wallets and Telegram — isn’t that a red flag?”
Fair concern given the ecosystem. The wallet integration uses TON Connect. Deposits and withdrawals go through verifiable on-chain transactions. Nothing custodial happens off-chain.
“Why should I trust a new anonymous project?”
You shouldn’t yet. That’s the honest answer. What I’m offering is transparency about the mechanics and an open invitation to find holes in the system. If someone finds a flaw I want to know about it.
Current state • Fully Launched
• TON integration
• Solo mode and PVP mode both working
• Fixed 1 TON bet for launch to keep things simple while I verify the money flow end to end
What I’m looking for from this thread
Not promotion. Specifically: • Anyone who wants to audit the provably fair implementation
• Feedback on the game concept itself — is this something you’d actually play
• Any obvious trust or security concerns I haven’t addressed
• Honest opinion on whether the PVP pulse mechanic feels legitimate or gimmicky
Here is the telegram group link. If you want to join, talk, and maybe test the app, i will be waiting here happily.
https://t.me/HEXAREENAThanks for reading.
