We have performed an analysis of the provably fair code on DoubleDownBTC and believe that it is not legitimate. There is absolutely no guarantee that the shuffle generated is random, so they could be packing the deck in their favor.
Using the values from the provably fair dialog, when we try to manually generate the deck given the game seed, we get a different deck of cards. This means that on the server side it is not actually using this verification data. We suspect that the server is not following the rules of provably fair and is shuffling the deck however it wants.
GameID: 523d3d4915413651609f8cbf
Game Seed == Server Seed + Client Seed:
14593047563445106624089340932
Mersenne(Game Seed) == Final shuffled deck (first 52 cards):
kd8hjhah4d3c9c6h9hkskcjc7djdah7sahtdtc8c3hjd4skh2c2d
Can you please demonstrate how you were able to generate that deck of cards given that game seed?
The client-side Javascript function that verifies the deck shuffle has been purposely disabled. The function is called check_game(), and it is supposed to check that the deck that was actually played is the same as what the server committed to when it initially sent the server seed. However, after this function shuffles the deck, it then just cheats and manually sets the generated deck of cards to what the server dealt:
var game_cards = game_info_package.deal_hash_source.slice(1, first_close_paren);
check_cards_string = game_cards;
if (check_cards_string == game_cards) {
proves_deck = true;
Essentially the code is generating the deck, but then setting check_cards_string to equal game_cards, so that the test will always pass. This means that the verify dialog will falsely tell you that the shuffle was legitimate, when it in fact was not.
To summarize, the server is not shuffling the deck in a provably fair way. The client code has been purposely disabled to not point out this error. Please be careful. We dont want people getting scammed betting with their Bitcoins, especially on a site that looks almost identical to Bitcoin Video Casino.