What prevents casino "pre-rolling"?

[Kluge]

Let's say you win on >90 out of 100.

What prevents the server from quietly pre-rolling with the client's self-generated seed and then re-rolling if the number's ever >90? -So it just dumps "bad rolls" and regenerates until the results favor the casino.

Would users ever notice they're generating and sending multiple hashes even though the casino site's only showing the hashes for the roll which generated a <=90?

[1715696467]

1715696467

[1715696467]

1715696467

[m19]

In provably fair casino's like PrimeDice the number is also determined by the client seed. So even a slightly different client seed would produce a total different outcome.

The scary part is when the casino pre-decides the client seed and the user doesn't change it.

Also, like with DiceBitco.in, they could skip winning rolls by ignoring some nonces (that's basically with you are saying in your first post?), but like with DiceBitco.in, thanks to provably fair users quickly discovered they were cheated.

The nonce is an sequentially number of the server seed - client seed combination.

[kolloh]

Yeah, there is always the risk that the casino is cheating you. Even in provably fair systems, there is often many ways of cheating the user.

You really need to find a reputable site and trust that they are playing fairly. A well though out provably fair system also helps, but is not full proof.

[Kluge]

In provably fair casino's like PrimeDice the number is also determined by the client seed. So even a slightly different client seed would produce a total different outcome.

The scary part is when the casino pre-decides the client seed and the user doesn't change it.

Also, like with DiceBitco.in, they could skip winning rolls by ignoring some nonces (that's basically with you are saying in your first post?), but like with DiceBitco.in, thanks to provably fair users quickly discovered they were cheated.

The nonce is an sequentially number of the server seed - client seed combination.

Thanks! So the server's seed must not ever change, right? It has one seed which generates each future nonce, where each pre-generated nonce is sequentially numbered? Each bet must then be made public, and hopefully the casino isn't betting to get past unfavorable rolls... But if the casino bets, they can still pre-roll so long as it's within a short-enough span of time that the user who would've won would've noticed, yeah?

Even if the client generates a new seed, I'd guess it's possible that the casino already pre-generated a boatload of casino-favorable seeds, so that must be why sites allow users to "invert" their number selection (less than instead of greater than) - to prove they aren't doing that.

[Dabs]

Yes, if you think you have figured out a pattern, or it's rolling HIGH, then you can "invert" and roll LOW. Or the other way around.

In other variants, you might have more than one betting option, such as in Roulette, or Sic Bo.

There is one simple change that site operators / owners can do to assure provable fairness: most sites create an account for you, and suggest that you set up a user name and password, and optionally 2FA. In that same process, if it is the first time, they should also ask you to create the player or client seed (after showing the server seed hash) before you even make your first roll. The client seed shouldn't even be "suggested".

That's what I would do anyway, if I had my own site.

[kolloh]

Yes, if you think you have figured out a pattern, or it's rolling HIGH, then you can "invert" and roll LOW. Or the other way around.

In other variants, you might have more than one betting option, such as in Roulette, or Sic Bo.

There is one simple change that site operators / owners can do to assure provable fairness: most sites create an account for you, and suggest that you set up a user name and password, and optionally 2FA. In that same process, if it is the first time, they should also ask you to create the player or client seed (after showing the server seed hash) before you even make your first roll. The client seed shouldn't even be "suggested".

That's what I would do anyway, if I had my own site.

Yeah, I agree it would be much preferred to ask you for a client seed rather than then automatically generating one for you.

[dooglus]

Yeah, there is always the risk that the casino is cheating you. Even in provably fair systems, there is often many ways of cheating the user.

Provably fair doesn't mean the casino can't cheat you. It just means that if they do, you can detect it if you put in the required effort (checking hashes, etc.)

You really need to find a reputable site and trust that they are playing fairly. A well though out provably fair system also helps, but is not full proof.

You need to trust that they will pay you in the event that you catch them cheating, sure. But you don't have to trust that they will deceive you about whether they are cheating or not. You can determine that for yourself with certainty.

Thanks! So the server's seed must not ever change, right? It has one seed which generates each future nonce, where each pre-generated nonce is sequentially numbered? Each bet must then be made public, and hopefully the casino isn't betting to get past unfavorable rolls... But if the casino bets, they can still pre-roll so long as it's within a short-enough span of time that the user who would've won would've noticed, yeah?

Even if the client generates a new seed, I'd guess it's possible that the casino already pre-generated a boatload of casino-favorable seeds, so that must be why sites allow users to "invert" their number selection (less than instead of greater than) - to prove they aren't doing that.

It's fine for the server seed to change so long as each time it does, all three of the following are true:

1) the user is aware that it has changed (preferably because the user requested the change; PRC dice used to change it each time they rebooted, so I wouldn't even notice sometimes, other sites change all the seeds on a daily basis which is inconvenient, but acceptabe; PD used to change it every roll which was a pain in the ass)
2) the user is presented with a hash of the new server seed, so he can make a note of it and check the hash when the seed is eventually revealed
3) the user is prompted to provide a new client seed after seeing the new server seed hash

You seem a little confused about the word "nonce". It is simply a number (n) whose value is used once each time it changes (n-once). So we have three things: server-seed, client-seed, nonce. The server makes up a random server-seed, publishes its hash, shows the hash to the user, the user makes up a client-seed and tells it to the server. The nonce is set to 0. Each time a roll is needed, the server hashes the two seeds and the nonce all together and does some math to come up with a number in the required range, then increments the nonce (adds one to it). That's all.

The user can look at the rolled numbers and verify that the nonce goes up by exactly one between each roll. That's all the verification he can do before he knows the server seed (since knowing the server seed would allow him to calculate his next roll before he made the roll).

Once the server seed is changed, and the old server seed is revealed, the player can hash the two seeds together with each nonce in turn to recreate all his old rolls and verify that they were accurate.

When you understand this, you can see that the casino can't "pre-roll" anything without being detected. They can't pre-generate a load of different server seeds, because they don't know what client seed you will use (you pick client seed AFTER they commit to a single server seed by publishing its hash) and they can't skip a bunch of nonces because you'll notice.

[kolloh]

You need to trust that they will pay you in the event that you catch them cheating, sure. But you don't have to trust that they will deceive you about whether they are cheating or not. You can determine that for yourself with certainty.

Yeah, I was thinking that there might be some other ways to undetectably deceive the user even when the system is provably fair. If the provably fair system is properly designed, it should be possible to detect any cheating though. You only really need to worry about the sites that claim to be provably fair but in reality are not.

[vevo]

I dont trust any site, just because they got backed by fans long ago, they will spread positive outlook on the casino and later take advantage of them when they dont expect or dont proove to do so, those are the true con artists.

[Testing123]

I dont trust any site, just because they got backed by fans long ago, they will spread positive outlook on the casino and later take advantage of them when they dont expect or dont proove to do so, those are the true con artists.

True, but when someone had the chance to scam a 5-figure (in unit of btc) and didn't take it, it should be pretty safe to consider that person trustworthy.

[bajlox]

I dont gamble at all but i read that some of them fake that users like some1 up mentioned dicebit.

I dont like this cuz it turn bad on cryptos.
Maybe i am wrong about it but that is what i think.

[azguard]

I dont invest my money in gamble but use there free and i must say that sometimes i take some of them.
Also know some people that live from this dont know how but they do.

Have some strange system on roulette and they always win.

[a1choi]

i'm trying to think of games which don't require a Client seed and still be provably fair.  does anyone have any examples of those types of games?

Either single or multi player/realtime types?

[m19]

i'm trying to think of games which don't require a Client seed and still be provably fair.  does anyone have any examples of those types of games?

Either single or multi player/realtime types?

The only thing you are doing by not using a client seed is proving the outcome was predetermined.

[Dabs]

Client seeds will always be required. Either in the form of a transaction id from a deposit, or some user input. There might be a way, and that is to use a third party random number, like from random.org.

It's a lot easier to just ask it from the player and use that.

On a downloaded client, if it is open source, your client can generate the seed unpredictably and fairly. I think the same can be said of client-side javascript.

[Dabs]

Actually, there is one type of game that can be provably fair without requiring any client seeds. It's a raffle or lotto type game. In effect, the bet is the client seed. I plan to make one soon, should be simple to code even for a non-coder like me.

The only thing you are doing by not using a client seed is proving the outcome was predetermined.

That's precisely what will happen, a predetermined outcome, but one where the players do not know, so they can bet against the outcome.

[a1choi]

Actually, there is one type of game that can be provably fair without requiring any client seeds. It's a raffle or lotto type game. In effect, the bet is the client seed. I plan to make one soon, should be simple to code even for a non-coder like me.

The only thing you are doing by not using a client seed is proving the outcome was predetermined.

That's precisely what will happen, a predetermined outcome, but one where the players do not know, so they can bet against the outcome.

the fear is that the operator can choose a server seed that provides unfavorable outcomes to the player, either through using the player betting behavior and playing against that, or by giving the player unfavorable initial situations (bad cards, etc).  There must be games where these vulnerabilities are not relevant at all because the game rules, or the game mechanics/play, inhibit these from being exploited.

edit: part of this fear/risk could be mitigated by the operator allowing the player to change the server seed (changing it to another random seed set by server), this might be used for a single player game.  multiplayer games might not be able to do this as easily.

[Dabs]

the fear is that the operator can choose a server seed that provides unfavorable outcomes to the player, either through using the player betting behavior and playing against that, or by giving the player unfavorable initial situations (bad cards, etc).  There must be games where these vulnerabilities are not relevant at all because the game rules, or the game mechanics/play, inhibit these from being exploited.

Turn based, or time based raffle or lotteries fall into this category. Pick a number from 1 to 100 (or balls, or combinations). Playing odds against the house, instead of a shared pot. If you pick the same number as the game (already predetermined with matching SHA256 hash), then you win. If not, you lose.

Games which run in a rapid fashion, such as dice, have this problem, since players roll several times a minute, or even every second; the only thing changing is the nonce. The site still does not know if you are rolling high or low though.

[ndnh]

I dont trust any site, just because they got backed by fans long ago, they will spread positive outlook on the casino and later take advantage of them when they dont expect or dont proove to do so, those are the true con artists.

True, but when someone had the chance to scam a 5-figure (in unit of btc) and didn't take it, it should be pretty safe to consider that person trustworthy.

He could be waiting for it to become 6-figure. That is how HYIP works.

[dooglus]

i'm trying to think of games which don't require a Client seed and still be provably fair.  does anyone have any examples of those types of games?

Either single or multi player/realtime types?

Imagine a game of rock/paper/scissors where you play against the site.

The site needs to prove that it has picked its move before you play, by giving you the hash of its move (plus some junk so you can't reverse the hash), but doesn't need to use a client seed, since there's no "bad deal" the site can give you.

If the site can figure out your betting pattern, it can beat you, but that's not cheating - that's what you would expect any decent opponent to do.

You only need to use a client seed when the site isn't allowed to pick its move/roll/outcome.

It's conceivable that someone would make a hi/lo style dice game where the site deliberately tried to beat the player by analysing his playing style. So long as everyone knows that that's the game they're playing that's fair enough, and no client seed is needed; the site would publish a hash of its next roll before each bet, but not allow the user to affect the roll with a client seed.

It might be fun to play such a game - bet low stakes H, H, H, H then increase the stake and bet L, hoping to catch the site out.

I suspect that picking rolls randomly would be near optimal for the site, but am not sure.