What is and how to build a provably fair system in javascript

The global online gambling & betting market accounted for USD 45.8 billion in 2017 and is expected to reach USD 94.4 billion globally by 2024.

Imagine going to an online gambling site. You put your money in it and start playing. The first number that was generated is 82 and you may wonder: how can I make sure that the numbers that are generated aren’t altered in any way?

What is provably fair?

Provably fair is a way that enables the player to check if a generated number is truly random and hasn’t been manipulated in any way.

Each result is generated using the following parameters:

client-seed — a randomly generated selection of text that you can (and should) modify. This is generated at the client/browser level. server-seed — a randomly generated selection of text (usually a 64-character hex string). This is generated server-side. You will get a hashed version of this before you start gambling, in this way you can make sure that the outcome has been pre-determined and not changed after the result was generated. nonce — a sequential bet number

Generating a random number

First of all, let’s generate the client and server seed.

Client seed:

function randomString(length) {

const availableChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";

let randomString = '';

for(let i = 0; i < length; i++) {

randomString += availableChars[Math.floor(Math.random() * availableChars.length)];

}

return randomString;

}

And we can easily generate random strings with variable length

randomString(30) // jd2X84d1jvUvIqcaRFmVWIsot2zIeH

randomString(30) // XaX6MWShOwxAZbggz4dfTYVd6EuIzw

randomString(30) // 95zrd3MsUZJ6AOE9OdPu9ctKxmgQpy

Server Seed:

For the server seed, we are supposing that this will be generated server-side so we can use the crypto module for that:

This will generate the server seed, a 256 characters random string

Putting everything together:

combination = Server Seed + Client Seed + Nonce

Then, we calculate a SHA-512 hash of that combination. That gives us a 128 character hex string: