What Does "Provably Fair" Mean?

If you're playing at an online casino, how can you be sure that they're not purposely generating results that will make you lose?

At a provably fair casino, they can prove to you that the results you're seeing are out of their control.

This is how a provably fair casino works…

What is a provably fair casino?

First of all, all online gambling is based on betting on the outcome of a randomly generated number.

Bitcoin Dice is about as simple as it gets…

You just bet on whether the result is going to be higher or lower than a number between 1 and 100. (e.g. Primedice).

Originally, the people running the dice website would generate the random number on their side (on their server), and we would just have to trust that the result was generated fairly:

But at a provably fair casino (or dice website), instead of relying solely on the server to generate the random number, we also have a hand in the generation of the random number.

Enter the seeds…

Before we bet, we both generate random numbers, called seeds:

And these two seeds are used to create the final random number:

Different casinos will combine the seeds differently (and they should tell you how they do it).

This means that the result of each bet at a provably fair casino is a team effort, so the casino is no longer in complete control the random number generation.

This is why provably fair casinos are better than traditional online casinos.

I'll explain how the two seeds are combined later.

Doesn't that mean we can control the result with our own seed?

Nice spot.

If we can see the casino's seed (server seed) first, then we can try it with different combinations of our own seed (client seed), and use a seed that produces a winning result:

If we can see the server seed first, we can determine the result.

Enter the hash…

To prevent this, the casino doesn't show us their actual seed at first. Instead, they give us a hash of their server seed:

This casino is hashing their seed with the SHA256 hash function.

Hash Functions A hash function takes some data, and scrambles it in to a new string of data. Hash functions are handy because: There is no pattern to the outputs it spits out. So you can't look at an output and figure out what the input was. It scrambles the data the same way each time. So if you put the same input in to it again, you will get the same output again. The new string of data is unique. So no two inputs will produce the same output. Here's a SHA256 hasher to try out.

The hash represents the seed they are using, but we can't figure out what the original seed is from it, so we can't use it to control the result.

However, after we have made our bet, the casino will reveal their actual seed (the non-hashed version):

And if we want, we can check for ourselves that it hashes to the same hash they gave us before we bet:

If they decide to change their seed, the hash will not match the one they gave us, and we will know they changed the seed they said they were going to use.

So by showing a hash of the server seed beforehand, they force themselves to stick to their seed.

The original server seed will still be used with our client seed to generate the result. It now just means that we don't get to see the server seed before we make our bet.

How can I prove that the result was fair?

After the result has been generated, you can take their server seed (the one they revealed) and your client seed, and combine them to see if you get the same result:

Again, you'll have to check with the casino to see how they go about combining the seeds.

If we get the same result, it shows that the result wasn't manipulated by the casino after we made our bet.

Or in other words; it proves that the casino generated the result fairly.

Ta da!