\[ALPHA\] FTC dice / coinflip game
-
[quote name=“slavco” post=“45216” timestamp=“1387230958”]
exactly and really I found only few services that do the same. Most of them are waving with exposing the formulas and not exposing the server keys hashes. :)
[/quote]As I mentioned, Satoshi’s dice does this, so does primedice, just-dice, and coinroll. If there are others out there with the same popularity, I’ve not heard of them.
[quote author=slavco link=topic=5931.msg45219#msg45219 date=1387231441]
or exposing the next day => they could calculate the winnings how they want and then to calculate appropriate hash.
[/quote]Just-dice, Satoshi’s dice, and coinroll expose it the next day. Primedice exposes it (and changes it) after every roll.
[quote]
In case of coinflip game creating such secret will have 0.5^number_of_plays probability to find. On small number of plays it’s possible and could be performed with almost no expense, but for popular sites no need of cheating => 50% probability and 1.95 will do the job :)
[/quote]I’m not following your math. If the server keys are of a fixed size which is suitably large, I don’t see how you could cheat that.
-
Simple brute force.
server keys are hashes => fixed size.
I have exposed my formula already.ok!
let say you have:
tx1 loose ; tx2 loose ; tx3 win and I claim that you have 50% probability for wining what is proven by my public formula right and applying server hash and txid.
I can generate not just one but many server side keys ( hashes ) that when applied with public formula will give exact output.
e.g. this means that I can calculate the winnings on 30% and serve you a hash that will prove that probability is really 50%.As you said, only exposing the hash of the server key before the bet and exposing the server key after the bet is the real proof that system is honest. :)
-
Soooo… you’re going to brute force a 256 bit hash collision?
I’ll believe it when I see it.
If we have a “perfect” hash function with output size n, and we have p messages to hash (individual message length is not important), then probability of collision is about p2/2n+1 (this is an approximation which is valid for “small” p, i.e. substantially smaller than 2n/2). For instance, with SHA-256 (n=256) and one billion messages (p=109) then the probability is about 4.3*10 ^60.
The Bitcoin network itself produces less than 10,000,000 hashes a second. At that rate, it would take the Bitcoin network itself 1*10^53 YEARS (that’s a 1 with 53 zeros after it) to produce a hash collision.
A mass-murderer space rock happens about once every 30 million years on average. This leads to a probability of such an event occurring in the next second to about 10^15. That’s 45 orders of magnitude more probable than the SHA-256 collision. Briefly stated, if you find SHA-256 collisions likely then your priorities are wrong.
-
Here, I’ll prove it to you.
I’ve picked a number at random. It’s encoding is EXACTLY 28 bytes.
Here’s the SHA-256 hash of it: fd6f52aad269c7188c44415185759929b65f80afc387a98a7fe568f9c9b5dbde
Go brute force me the number I picked. I’ll even give you the first 6 bytes: 59 6f 75 27 76 65
-
Nope we are talking different things ( my wooden engrish :) )
I say if coin game service give you the formula for the bet calculation and that formula proves that 50% probability of winning based on your txid and server key that will be revealed after the play, no matters if service on the server side calculate winning probability on 30% they can give you hash that will prove that your bet is really honest calculated e.g. 50%
Or via experiment:
- I’ll create a script on special address for you ( this can be done tomorrow )
- I’ll reveal the formula used to calculate the winnings it will claim 50% chances of winning
- After your 5 bets ( you will loose them all ) I’ll give you a key to check the fairness of the script and will prove that is correct.
-
[quote name=“slavco” post=“45234” timestamp=“1387234765”]
Nope we are talking different things ( my wooden engrish :) )I say if coin game service give you the formula for the bet calculation and that formula proves that 50% probability of winning based on your txid and server key that will be revealed after the play, no matters if service on the server side calculate winning probability on 30% they can give you hash that will prove that your bet is really honest calculated e.g. 50%
Or via experiment:
- I’ll create a script on special address for you ( this can be done tomorrow )
- I’ll reveal the formula used to calculate the winnings it will claim 50% chances of winning
- After your 5 bets ( you will loose them all ) I’ll give you a key to check the fairness of the script and will prove that is correct.
[/quote]
I don’t get it. You’re saying you’re going to reveal a hash of a piece of data that will be used in the calculation, and then after the rolls, you’ll produce a DIFFERENT piece of data that when hashed result in the SAME previously revealed hash, that will result in the same rolls as what was produced?
This I gotta see.
-
I’m saying that If I reveal the hash of the server key before bet I must be honest. ( the same as you say )
but If I’m revealing only the server key ( no matter what form it is ) after the play and not revealing server key hash before the play then I could cheat :) -
[quote name=“slavco” post=“45239” timestamp=“1387235530”]
I’m saying that If I reveal the hash of the server key before bet I must be honest. ( the same as you say )
but If I’m revealing only the server key ( no matter what form it is ) after the play and not revealing server key hash before the play then I could cheat :)
[/quote]Well then I’m not sure why were’re debating this. All the sites I listed reveal their server key prior to play. That’s the only way to make it fair.
-
They reveal server seed not secret. As i understand secret is revealed after the play
-
[quote name=“slavco” post=“45243” timestamp=“1387236020”]
They reveal server seed not secret. As i understand secret is revealed after the play
[/quote]They reveal the hash of the server secret. Afterwords, they reveal the secret. I can take the secret, and hash it myself, and compare it to the hash they showed.
-
Yup, that’s the only way fairness is calculated (server key hash before and server key after ) and on big number plays per day def. the margin is the only one that ensures the profit. :)
-
any amount to test ? I have 0 ftc at the moment . my adress is below.I will play as soonas possible
-
I have another question , why the odds are 1.85and not 2 ? I din’t know how this works . 0-49 is 50/100 ,1/2 winning odds , am I wright ?
-
[quote name=“psvexploit” post=“45635” timestamp=“1387317921”]
I have another question , why the odds are 1.85and not 2 ? I din’t know how this works . 0-49 is 50/100 ,1/2 winning odds , am I wright ?
[/quote]That’s called the house margin, and it’s to ensure site profitability over the long term.
If the odds were 2, the operator would expect to make no money over the long term. With 1.85, while you’ll still roll a winning bet 50% of the time, you’ll only ever get back 85% of your winnings.
There’s other sites with much lower house odds (98% is very popular), as well as one I’ve heard of that has no house margin. These sites also have much higher limits, and most do the betting off-chain as to not create lots of dust outputs.
-
I’ll send you 1 FTC to try it and you can play min 0.1 and max 0.5. Thx
you have it 1 FTC at 6uALi6ydo1faXPdju6FAE59BHdpwounPkM
-
[quote name=“Kevlar” post=“45248” timestamp=“1387237854”]
[quote author=slavco link=topic=5931.msg45243#msg45243 date=1387236020]
They reveal server seed not secret. As i understand secret is revealed after the play
[/quote]They reveal the hash of the server secret. Afterwords, they reveal the secret. I can take the secret, and hash it myself, and compare it to the hash they showed.
[/quote]Exactly what ftcgames does, TXID of the placed bet + the secret - whether the secret shows immediately after or 24 hours or a week or even a year later is irrelevant because there isn’t a cat in hells chance of reproducing [i]exactly[/i] the same hashes for [i]every[/i] given hashed result using a different secret and the same given formula.
…And we also offer less than 2% house edge. :)
Now on a similar note I have a question for Kevlar that has bugged me for ages even though I have implemented this system myself because other sites do this -
But, is the reason to show the secret after the bet because the TXID could be altered by the punter to generate the result they required if it was shown before? < Is this really possible? And if so how could it be pulled off? Or is it because no-one really knows if it’s possible? :) -
[quote name=“UKMark” post=“45949” timestamp=“1387401190”]
[quote author=Kevlar link=topic=5931.msg45248#msg45248 date=1387237854]
[quote author=slavco link=topic=5931.msg45243#msg45243 date=1387236020]
They reveal server seed not secret. As i understand secret is revealed after the play
[/quote]They reveal the hash of the server secret. Afterwords, they reveal the secret. I can take the secret, and hash it myself, and compare it to the hash they showed.
[/quote]Exactly what ftcgames does, TXID of the placed bet + the secret - whether the secret shows immediately after or 24 hours or a week or even a year later is irrelevant because there isn’t a cat in hells chance of reproducing [i]exactly[/i] the same hashes for [i]every[/i] given hashed result using a different secret and the same given formula.
…And we also offer less than 2% house edge. :)
Now on a similar note I have a question for Kevlar that has bugged me for ages even though I have implemented this system myself because other sites do this -
But, is the reason to show the secret after the bet because the TXID could be altered by the punter to generate the result they required if it was shown before? < Is this really possible? And if so how could it be pulled off? Or is it because no-one really knows if it’s possible? :)
[/quote]Yes, it’s entirely possible. Here’s how I would do it.
If I knew the secret ahead of time, I’d generate a transaction that I wanted to win. I’d then sha256(sha256(tx)) to get it’s ID. If it was a losing ID, I’d add another output spend to an address I owned for 1 satoshi to the tx, and get the new ID. If this ID lost, i’d increment the amount to 2 satoshi’s, check the id, increment to 3 satoshis, check the id… and keep repeating that until I got a winning transaction. I would then broadcast that transaction to the network.
-
[quote name=“Kevlar” post=“45954” timestamp=“1387401548”]
[quote author=UKMark link=topic=5931.msg45949#msg45949 date=1387401190]
[quote author=Kevlar link=topic=5931.msg45248#msg45248 date=1387237854]
[quote author=slavco link=topic=5931.msg45243#msg45243 date=1387236020]
They reveal server seed not secret. As i understand secret is revealed after the play
[/quote]They reveal the hash of the server secret. Afterwords, they reveal the secret. I can take the secret, and hash it myself, and compare it to the hash they showed.
[/quote]Exactly what ftcgames does, TXID of the placed bet + the secret - whether the secret shows immediately after or 24 hours or a week or even a year later is irrelevant because there isn’t a cat in hells chance of reproducing [i]exactly[/i] the same hashes for [i]every[/i] given hashed result using a different secret and the same given formula.
…And we also offer less than 2% house edge. :)
Now on a similar note I have a question for Kevlar that has bugged me for ages even though I have implemented this system myself because other sites do this -
But, is the reason to show the secret after the bet because the TXID could be altered by the punter to generate the result they required if it was shown before? < Is this really possible? And if so how could it be pulled off? Or is it because no-one really knows if it’s possible? :)
[/quote]Yes, it’s entirely possible. Here’s how I would do it.
If I knew the secret ahead of time, I’d generate a transaction that I wanted to win. I’d then sha256(sha256(tx)) to get it’s ID. If it was a losing ID, I’d add another output spend to an address I owned for 1 satoshi to the tx, and get the new ID. If this ID lost, i’d increment the amount to 2 satoshi’s, check the id, increment to 3 satoshis, check the id… and keep repeating that until I got a winning transaction. I would then broadcast that transaction to the network.
[/quote]Brilliant thanks for that. 8)
Hmmm now to find those sporadic sites that show before you play or worse still just sha256 the txid :o, if they haven’t gone bust by now that is. :D
-
Yup on small amount of bets I can easy find the secret ( with given formula ) that will satisfy the games outcomes e.g. prove that system is fair. For x number of bets probability for me to generate secret key that will prove that game is fair is 0.5^x. For example if we have 10 bets and I want to generate secret that will satisfy the outcomes probability for me to find that secret is 0.000976562 ;)
The only fair situation is the following: to reveal before the bet hash of the secret and after the bet to reveal the secret.
Do you want to make an experiment:
- I’ll reveal the formula
- I’ll create special address for you
- You place 5 bets x 10 FTC ( you will loose them all )
- I’ll give you secret that will satisfy the formula and the outcome
What do you think? :)
-
thx for 1 ftc , I have played 2 dayys ago , i sent 0.1 on the head , and received back shortly after a small amount like 0.001 ftc , after that I sen another 0.2 to the head adress and again I received 0.001 and I sent again 0.1 to the head adress and another 0.001 was received . That means I lost all the bets ? is this what the system should work ?