Luckynumber.me has holes in their provably fair system, allows for manipulation

[RGBKey]

Luckynumber.me is not provably fair, because of the inclusion of time down to the millisecond in the decision of the final roll, this is why.

Say you make a bet at 3:34 PM, 13.23 seconds. The outcome of the roll was a win.

Luckynumber looks at your roll and calculates that it would be a win. So they pretend the server got the message a millisecond later. Let's do a new roll with a new time.

Your bet was now made at 3:34 PM, 13.24 seconds. The outcome of this roll is a loss.

This allows for major roll manipulation. They don't have to do this every bet. They can just do it on larger bets, or once every 20 rolls or so. It doesn't matter if some people win because they still have to keep their image up.

They can also repeat the time process multiple times until they get a losing roll.

You might say that you can see the clock at the bottom of the game and you know exactly when you clicked roll. Did you really? Do you know exactly how long it takes the message to get to the server and for the server to record the time? These are all things that can be used against you.

Gamble carefully.

[roslinpl]

Thanks for a warning.

This seems like dangerous for players and for them in a same time.

I hope they will read your post and maybe will change something in their system.

Regards

[Stunna]

Something I also noticed:

Another ridiculous detail is that the server time on site is different to actual server time as it uses javascript to calc individual server times. I have both my laptops open on luckynumber and the time is off by 2 sec. So effectively he can choose between the best few server times (with ease)

Given that they offer 60 coin payouts for individual bets with a very small bank it makes this possibility more concerning. This all goes without saying that giftcoins was unethical in stealing actual design files from PD that were unreleased, not just images. I will post more about that in the near future.

[sana8410]

good catch guys, anyway they can get the scammer tag???

[Rupture]

The forum does not do scammer tags.

[coinnewbit]

Wow. No wonder I have lost so much money there.

[kleineaap]

In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".

Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.

[Varicon]

In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".

Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.

I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.

[kleineaap]

In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".

Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.

I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.

Sure thing. But I'd risk to say that 99.9% of the players on PD, for example, do not change client seed every bet.
Is it not - statistically - the same room for manipulation on both sites? Considering that both can, at their will, manipulate the rolls. The thing is that they don't. The problem is on the system itself, they have different provably fairs, and hopefully they can both change them one day, when a new system arrives that is more foolproof than now.

It's almost a linguistics question. People are saying that LN can't affirm it's provably fair because they cannot prove it's fair. But PD can't prove its fair system either, if client seed is not changed. Yet they are provably fair? 
I think there are accusations being made that are pointless, yet very serious because they are alarming users that don't understand how this fair system works.

Truth is we need a new system, to end up all this misunderstandings.
I'm pretty much sure that PD and LN are not manipulating anything, though.

[coinnewbit]

In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".

Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.

I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.

Sure thing. But I'd risk to say that 99.9% of the players on PD, for example, do not change client seed every bet.
Is it not - statistically - the same room for manipulation on both sites? Considering that both can, at their will, manipulate the rolls. The thing is that they don't. The problem is on the system itself, they have different provably fairs, and hopefully they can both change them one day, when a new system arrives that is more foolproof than now.

It's almost a linguistics question. People are saying that LN can't affirm it's provably fair because they cannot prove it's fair. But PD can't prove its fair system either, if client seed is not changed. Yet they are provably fair? 
I think there are accusations being made that are pointless, yet very serious because they are alarming users that don't understand how this fair system works.

Truth is we need a new system, to end up all this misunderstandings.
I'm pretty much sure that PD and LN are not manipulating anything, though.

I saw you on Luckynumber chat just now!

[kleineaap]

So what?

[coinnewbit]

So what?

Nothing much.

[kleineaap]

So what?

Nothing much.

Heh. You see me in PD too

[Varicon]

I can change the game type and client seed at my will to at least make sure my bets are fine. Not that I change it every roll, but I frequently change game type so that's also one method.

[RGBKey]

In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".

Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.

I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.

Sure thing. But I'd risk to say that 99.9% of the players on PD, for example, do not change client seed every bet.
Is it not - statistically - the same room for manipulation on both sites? Considering that both can, at their will, manipulate the rolls. The thing is that they don't. The problem is on the system itself, they have different provably fairs, and hopefully they can both change them one day, when a new system arrives that is more foolproof than now.

It's almost a linguistics question. People are saying that LN can't affirm it's provably fair because they cannot prove it's fair. But PD can't prove its fair system either, if client seed is not changed. Yet they are provably fair? 
I think there are accusations being made that are pointless, yet very serious because they are alarming users that don't understand how this fair system works.

Truth is we need a new system, to end up all this misunderstandings.
I'm pretty much sure that PD and LN are not manipulating anything, though.

The major difference is that Primedice, you can change your client seed every roll. If you don't, it's negligence and your own fault. If you bet on lucky number you're already giving up the fairness as soon as you roll.

[kleineaap]

In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".

Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.

I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.

Sure thing. But I'd risk to say that 99.9% of the players on PD, for example, do not change client seed every bet.
Is it not - statistically - the same room for manipulation on both sites? Considering that both can, at their will, manipulate the rolls. The thing is that they don't. The problem is on the system itself, they have different provably fairs, and hopefully they can both change them one day, when a new system arrives that is more foolproof than now.

It's almost a linguistics question. People are saying that LN can't affirm it's provably fair because they cannot prove it's fair. But PD can't prove its fair system either, if client seed is not changed. Yet they are provably fair? 
I think there are accusations being made that are pointless, yet very serious because they are alarming users that don't understand how this fair system works.

Truth is we need a new system, to end up all this misunderstandings.
I'm pretty much sure that PD and LN are not manipulating anything, though.

The major difference is that Primedice, you can change your client seed every roll. If you don't, it's negligence and your own fault. If you bet on lucky number you're already giving up the fairness as soon as you roll.

I understand exactly what you mean, but saying you are giving up on fairness is quite a bold statement, and it's not entirely true.
Saying there are holes in that provably fair system is correct, as in the title of this thread. Otherwise you have users that can interpret your words and extend them right away to "scam website".
Heck, you posted this thread in Scam Accusations, which is not correct. Having a faulty provabilty fair system doesn't mean you are running a scam. Loads of other sites have and had problems with this system.

About Primedice, I have to say then that the majority actually give up on the fairness then, even Stunna said somewhere that most users don't change client seeds.
Is it their negligence? Yes, yet you will have accusations of manipulation, and eventually get responses "What, then I have to change seed every bet otherwise it's my fault and they are allowed to manipulate my roll?"

I'm trying to discuss the system here, which in my belief should be upgraded from the current we have now.

Hope you understand my two cents.

[zeeshanblc]

well when I take a look at their high bets it doesn't look like they are scammers and manipulating



That guy made over 5BTC in 8min

[RGBKey]

well when I take a look at their high bets it doesn't look like they are scammers and manipulating



That guy made over 5BTC in 8min

Why would they make it obvious?

[RGBKey]

Bump.

[kleineaap]

In my opinion there is no ideal system for off-chain sites right now, I have voiced my opinion that someone should develop an open-source standard and require all sites to run it to be "provably fair".

Even Stunna is acknowledging that every system has no ideal provably fairness.
New developments have to be made to end this scam accusations that lack insight.
I think this thread is pretty closed then.

I'd agree in saying that each system has its flaws, but the way this site implements it's provably fair allows for a much easier way for rolls to be manipulated, there isn't a 100% sure-fire way to know that your roll hasn't been manipulated. Other sites display a non-changing nonce (displayed before rolls) or an editable field, which as long as we record the nonce or edit our client-seed we can be sure our roll is not manipulated. We can neither edit or be sure of the time that the roll was placed because the time ticks by too quickly and as pointed out by another user, the time isn't even accurate.

Sure thing. But I'd risk to say that 99.9% of the players on PD, for example, do not change client seed every bet.
Is it not - statistically - the same room for manipulation on both sites? Considering that both can, at their will, manipulate the rolls. The thing is that they don't. The problem is on the system itself, they have different provably fairs, and hopefully they can both change them one day, when a new system arrives that is more foolproof than now.

It's almost a linguistics question. People are saying that LN can't affirm it's provably fair because they cannot prove it's fair. But PD can't prove its fair system either, if client seed is not changed. Yet they are provably fair? 
I think there are accusations being made that are pointless, yet very serious because they are alarming users that don't understand how this fair system works.

Truth is we need a new system, to end up all this misunderstandings.
I'm pretty much sure that PD and LN are not manipulating anything, though.

Friendly reminder.