Sorry about that, there's a problem with actuallyfair where it's having some networking issue when connecting to the server that is privately hosted for bustabit. I have a permeant fix for that, and plan on deploying it today in a few hours

Before bustabit accepts any bets to a round, it connects to ActuallyFair and collects the piece of information it needs to calculate a game result (the bust point). Only then does the round open for bets.  So should ActuallyFair not be available, bustabit would be paused until it's able to connect.  If it was done in a different way (e.g. Bustabit could start without ActuallyFair) it would open the possibility of cheating (i.e. bustabit pretends it couldn't connect to ActuallyFair because it didn't like the roll outcome).

All that said, ActuallyFair has been specifically designed to be highly available. Customers are provisioned with their own dedicated instance, which is firewalled so only the customer can connect to it (i.e. making it immune to DDoS attacks and the like) , and it has automatic fallback in a different physical location. So I hope to not have to eat my words, but availability should be very, very good.

I'll be acting as the third party, so perhaps I can speak to this.  What devans wrote above is a great answer.  But to add a bit more context, the main benefit of a third party auditor is actually for bustadice. On Bustadice ActuallyFair will be able to provide a significant amount of guarantees, this is because ActuallyFair is given and records all the bet information before the outcome is provided to bustadice. However in bustabit this is not possible because players are able to cashout after bustabit knows the crash point.

So more practically ActuallyFair was used to provide a lot of value to Bustadice, and it sort of just makes sense to use the same system for both even though the benefits to Bustabit are more minor.

We have rebranded from provablyhonest.com to actuallyfair.com -- however everything will continue to function normal, and all old URLs and services will operate as usual.

Yeah, you are able to verify this by analyzing the by the "gameResult" function

Also quoting to show the post hasn't been edited, and confirming bitcoin block 831500 has not yet been mined.

Just to avoid side-tracking this thread with stuff about ProvablyHonest, I replied on my PH thread: https://bitcointalk.org/index.php?topic=5457142.msg62734550#msg62734550

Crash is actually quite a difficult to do well, because it's a "realtime" game, latency really matters. And because it's multiplayer, you have to keep progressing the game for everyone.

There's a demo here of how to do crash with ProvablyHonest ( https://github.com/provablyhonest/vx-demo/blob/master/crash.ts )  but basically the casino simply "finds out" what the bust is at the *start* of the game (in a way that is provably fair, and wouldn't allow PH to cheat). Then the crash game happens, and then casino reveals the information to PH to show they computed the outcome correctly.

So the main advantage here, is from the casinos point of view: They don't need to worry as much about storing a highly secret "master seed" that if ever was leaked/looked-at would compromise all their games. They only find out the outcome just at the start of the game. But they still need to keep that a secret during the actual game. It would be trivial for the casino to have a bug which leaked the crash-outcome during the game. And this bug could be maliciously entered by a hacker / compromised-employee / backdoor etc.


A more atomic game, like dice, however ProvablyHonest does a much better job at. (code eg. https://github.com/provablyhonest/vx-demo/blob/master/dice.ts ). That is because the casino sends all the bet information (who is betting, how much they're betting, what they're betting on) to PH first and then it gets the outcome. Then it verifies the outcome (to make sure PH is not cheating). This is a much "nicer" design, because the casino never has a secret they need to store. They can't accidentally leak anything, because they never know it. Even if their software was compromised, the attacker can't really do anything that's not detectible.

Hi hopenotlate,

To answer your question directly, I am dealing with MoneyPot at arms-length. And there are other casinos who are testing out ProvablyHonest services, but likely will not launch with it for at least another 6 months.  ProvablyHonest has been in development for quite a long time, just the domain was to launch under was only recently resolved.


And to answer your question more practically: You should assume that MoneyPot and ProvablyHonest are the same entity and conspiring. You should assume we are have a strong relationship and abusing it. The entire system was actually built upon the premise:

MoneyPot should assume that ProvablyHonest and the player are conspiring. [So all outcomes it can verify itself, based on this]
Players should assume that MoneyPot and ProvablyHonest are conspiring.  [All provably fair guarantees remain!]
ProvablyHonest should assume that MoneyPot and players are conspiring [e.g. it's playing on it's own site]


Even under this "worst case" assumption, the guarantees are identical to any other provably fair casino.  But if the assumption is not correct, then there's additional security and verifications guarantees. But the really important point I want to stress is that there's no reason you should or need to believe they are separate entities.


FWIW the "additional guarantees" that ProvablyHonest offers are actually pretty minor in crash. ProvablyHonest works much better for an atomic game like "dice". Really the main winner here is actually just MoneyPot not needing to store a long-lived secret that if seen would compromise all future games and lead to the site easily be abused.

Hey TopGame,

seoincorporation is correct. You're fairly picking a salt, but by itself this does nothing because you haven't proved the other input to gameResult function is fairly picked.

Presumably you're using bustabit's method of provably fair. But what they do is first commit to a hashchain, and then prove the hashchain was not unfairly picked. You can see their seeding event:
https://bitcointalk.org/index.php?topic=922898.0  which you should use as a template


--

Also if you're interested in collaborating, I would be happy to help you setup a slight improvement over that with provablyhonest.com.  You can see a casino that recently launched using it, here's there seeding event:  https://bitcointalk.org/index.php?topic=5459744.0

It is significantly more complicated, but provides some additional guarantees. Specifically in the case of crash, it helps prevent the casino needing to store a long lived "top secret" that can derive all future games, making it much easier and safer to run a casino

In conclusion the house edge in roobet is between 5% and 6%. Closer 5% if you are targeting low multipliers and closer to 6% if you are targeting high multipliers. It's not clear if this is intentional or an artifact of the bustabit v1 code that was copied to generate the game outcomes. Incidentally bustabit currently offers a flat 1% house edge, making it a strictly more economically better place to gamble. And the new moneypot.com offers crash in a very bustabit v1 style odds, with a house edge starting at only 0.1% (but based on a much more complex formula involving the casinos bankroll).

Ok, that's good. But you need to include that information in your provably fair section and verification. That way if the round duration is not 30 seconds, someone can tell the round is not fair.


But your system is still has issues. For instance now the "ROUND_CREATED" and "SECRET" are values created by you, and as soon as you create those values you know the game outcome, thus you grind it to pick what ever outcome you want.

The standard solution would be a simply hash chain, popularized by bustabit ( https://bitcointalk.org/index.php?topic=2807542.0 ) or more novel approach would be using https://provablyhonest.com/ 's hashchain which would be able to offer you some extra guarantees against software errors or compromises

Let's use your provably fair demo:




But let's say the round ended 1 second earlier (i.e.   const ROUND_ENDED = "6/20/2023, 10:31:31 PM"; )

it would print:

Because we have no way of verifying when the round should have ended (or started!) there's no way to know if you have manipulated the result (or not). 

A malicious site operator could easily cheat by picking secrets, start or end times to lead to what ever result they wanted. Therefor it's not provably fair =)[/code]

Congratulations on the launch. Unfortunately your provably fair system isn't actually provably fair. In fact, it's not even provably pre-determined


Firstly, never use md5, it's been fully obsoleted for almost 15 years. You're already using sha256, so just stick to that. No need to mix in anything different.  But the way you use it is very strange, you md5 the ROUND_CREATED ... for no purpose. And then don't md5 the ROUND_ENDED.  You could actually just remove md5 with no functional difference.


But your fatal flaw is you have control of three variables SECRET, ROUND_CREATED and ROUND_ENDED which are timestamps. There's no way to validate that these values are picked fairly.  The ROUND_ENDED is particularly insidious, because it would allow you to trivially cheat (i.e. make the round end 1 second later/earlier to prevent someone winning big).


If you are interested, I'm happy to help you integrate a best-in-class provably fair system and give you some demo code. I run https://provablyhonest.com/  and your roulette use case is well supported. Basically you'd use a hash-chain exactly like this: https://github.com/provablyhonest/vx-demo/blob/master/crash.ts#L75  and I'd make a custom roulette game type for you (which the outcome could be simply  `vx_signature % 15` ). Anyway, if you're interested I'm happy to help.  (And besides creating a robust provably fair system, my scheme would also help provide additional security guarantees)

Kind of. It's more of an alternative way of doing provably fair (while still being provably fair) that allows 3rd party auditing. It's unfortunately not compatible with existing provably fair systems, so it's not simply just a verification tool

Today I'm happy to soft-launch a product I've been working on for quite a while.

The core service I have is quite robust, and ready for real production use. Before a hard-launch, I'd like to get in contact with any (new or existing) casinos who might be interested.


We have devised a clever little ceremony that allows us (a third party) to participate in a casinos provably fair game result generation. We call our service Vx (short for Verified-By). After careful design we ensure the following guarantees:

• The player is able to verify their games (all provably fair guarantees are preserved!)
• Vx is able to verify all games (immediately!)
• The casino does not need to trust a player (aka the status-quo)
• The casino does not need to trust Vx
• A player and Vx can not conspire to cheat the casino
• A player and the casino can not conspire to trick Vx

The Benefits to the Player
Under a standard provably fair system, if a player is cheated, the burden falls on them to validate their games meticulously—an often technical task that fewer than 1 in 10,000 players undertake. Furthermore, even if a player identifies cheating, they lack tangible evidence to present. Claims against casinos typically are baseless, which makes any legitimate complaint without evidence difficult to present. With the introduction of Provably Honest, players gain a third-party who can verify their games on their behalf, without compromising the players' ability to validate the games independently, should they question Provably Honest's credibility.


The Benefits to the Casino
Operating an online casino can be slightly terrifying. With so many possible exploit vectors, it's almost impossible to be totally confident in the security of your system. And to make matters worse, exploits can (and most often are) totally undetected/undetectable. Would a casino really notice if your cloud-hosting provider had a malicious employee that peeked at its server seed and proceded to carefully use it?


Our service, Vx, provided massive security benefits by actively contributing to game outcomes. Thus, even if the casino's security is entirely compromised, Vx maintains a record of its transactions. This allows casino owners to conduct independent audits and reconcile the findings with their actual revenue. This newfound insight provides unprecedented assurance. Never again question if a players win was legitimate or not. Know.

The Potential Challenges
The most notable drawback lies in the fact that Vx becomes an essential component in the casino's game betting pathway. This means that for every single bet, the casino must communicate with Vx. If Vx's service suffers from any delay or disruption, all bets will be affected correspondingly. This is something we take very seriously, and have put a huge amount of effort on. We have designed our system to shard, so we can offer every casino their own dedicated service that is hosted physically close to their servers.

For more information check us out at https://provablyhonest.com and don't hesitate to get in touch