Alternatively, let us assume a game scaled-down to only 12 cards: it is reasonable to expect that you could repeat a previously seen permutation and be abused by a malicious player. Adding a nonce would prevent cheating also in that case.
We protect ourselves from this scenario by adding a random server_seed to the Secret component. So, even for a game with a small deck of cards, the Secret will always be different because we'll choose a different server_seed for every shuffle.
So wouldn't it be fairer if, instead of this random seed, you use the current block hash?
The problem I see is that you claim that the seed is random, but I (players) cannot prove it. However, the block hash
is verifiably random, public to everyone. In that case, the card order would still be secret and I could not reasonably crack it in 10 minutes.
(in the few-cards scenario you'd still add some random bits more to the server secret, so that you avoid any card-permutation cracking attempt)