I was thinking about the concept of provably fair crypto games and how they supposedly ensure that all numbers generated for any game are actually random. They seem to be based on sharing the seed that was used as input to the PRNG, after the game is over. That way you can verify yourself that based on that seed, the numbers were indeed from that PRNG (they often share a hash of the seed when the game starts too).
But obviously some seeds are less fair than others. Let's take a dice game. A player may on average only play for 30 rolls before giving up (for example. You could work out the average once you have enough players). Now, a sequence of random numbers based on a given seed might be fair (i.e. Uniformly distributed) for a sufficiently large sequence of numbers. But what about the first 30? It would be trivial to "brute force" (i.e. Just guess at random) a whole bunch of seeds and see what numbers they return for the first x numbers (say, 30). A game that is supposedly provably fair could then have a database of known seeds that are favorable to the game operator, and use these when a player is detected as placing large bets. Or when a player first starts playing to entice them to play more.
Obviously there is the issue of reusing seeds and their hashes then being identical. But not all provably fair games publish the list of seeds used. And besides, it wouldn't be hard to use each seed only once and find more favorable seeds. If you only care about the first 30 or so number from the number generator, then there are plenty of seeds available.
I don't see how the blockchain helps here. Sure, you publish seeds on the blockchain. But I'm talking about the method used to choose the seeds in the first place. And even if a site claims to use the seeds themselves, how do you know they're actually doing that? Anybody can publish data on the blockchain, doesn't mean that's what is being used behind the scenes.
I'm sure I've missed something here, can somebody point it out?
[link] [comments]
source https://www.reddit.com/r/btc/comments/gwvaxm/is_provably_fair_actually_fair_seed_precomputation/