Thanks for taking the time to read it pozmu. I know it's a beast. However, with something like this I feel it's important to be as completely thorough as possible.

Regarding the bet ID, yes, that is actually what I saw first, and flipped out about, only really having the 'no hash at all until you say you're looking' sink in later. I thought the bet ID was in the hash, and that can easily be faked. But it was explained it's the bet number, always 0, unless it's a multibet. And using that, the rolls DID hash out correctly.

As for understaning having to click the button 'to start' - why? Why be forced to inform the server you're watching at all? Most betting sites publish the hash on a static page anyone can see.

If you publish the hash on a standalone page, you could read the hash on your phone, not logged in, then bet from your PC, and the server would NEVER know you checked the hash. Giving them absolutely no opportunity to cheat, because anyone, at any time, can check.

Forcing me to tell you I'm looking just screams 'We're making you tell us for a reason.'

As for being impossible to ban from a casino, yeah, it is. But since I obviously bet larger amounts, all he needs to do is put a manual hold/approval for all withdrawals on any account with more than XXX BTC in deposits or bet volume, and before allowing a withdrawal, check the blockchain for linked coins, etc. Yes it's a lot of work for him, but it's an even bigger risk for me. It's not worth it.

And as for the bet verifier - absolutely. The problem is, you gotta click that button. Which tells them you're verifying. Which means it will never not verify.

Best case scenario, if everyone starts verifying, they can't cheat.

Hmm. Maybe tonight I'll write a javascript plugin for 999dice that clicks the hash button automatically after every bet processes. Enough people start doing that, and I bet we see the .1% house edge increase within a few weeks.