Provably Fair

Verify that every game outcome is fair and unmanipulated.

What is Provably Fair?

Provably fair is a cryptographic system that ensures game outcomes cannot be manipulated by either the casino or the player. Before each round, a hash of the game result is published. After the round, you can verify that the result matches the hash.

How It Works

We use HMAC-SHA256 to generate game seeds. A server seed is hashed and published before bets are placed. Combined with a client seed and nonce, this generates the game result. After the round, the unhashed server seed is revealed for verification.

The Process

1

Server Seed Generation

Before the round begins, the server generates a random seed and publishes its SHA-256 hash. This commits the server to the outcome before any bets are placed.

2

Client Seed

Each player has a client seed (derived from their wallet address) that contributes to the final result. This ensures the server alone cannot determine the outcome.

3

Result Calculation

The game result is calculated by combining the server seed, client seed, and a nonce (round number) using HMAC-SHA256. The first 8 characters of the resulting hash determine the crash point.

4

Verification

After the round, the unhashed server seed is revealed. Anyone can verify the result by running the same HMAC-SHA256 calculation and confirming it matches the pre-published hash.

Verify a Game

Enter the game hash from any round to verify the outcome was fair.

Technical Details

Crash Game Formula

// Generate crash point from hash
function getCrashPoint(hash) {
  const h = parseInt(hash.slice(0, 8), 16);
  const e = Math.pow(2, 32);
  return Math.max(1, (0.97 * e) / (e - h));
}

Hash Chain

Game results are generated using a hash chain. Starting from a final hash, each previous hash is the SHA-256 of the next. This means all future results are pre-determined but cannot be predicted without knowing the unhashed seeds.

Verification Code

const crypto = require('crypto');

function verify(serverSeed, clientSeed, nonce) {
  const hmac = crypto.createHmac('sha256', serverSeed);
  hmac.update(clientSeed + ':' + nonce);
  const hash = hmac.digest('hex');
  return getCrashPoint(hash);
}