What Does "Provably Fair" Mean?

If you're playing at an online casino, how can you be sure that they're not purposely generating results that will make you lose?

At a provably fair casino, they can prove to you that the results you're seeing are out of their control.

This is how a provably fair casino works…

What is a provably fair casino?

First of all, all online gambling is based on betting on the outcome of a randomly generated number.

Bitcoin Dice is about as simple as it gets…

You just bet on whether the result is going to be higher or lower than a number between 1 and 100. (e.g. Primedice).

Originally, the people running the dice website would generate the random number on their side (on their server), and we would just have to trust that the result was generated fairly:

But at a provably fair casino (or dice website), instead of relying solely on the server to generate the random number, we also have a hand in the generation of the random number.

Enter the seeds…

Before we bet, we both generate random numbers, called seeds:

You can choose any seed you want.

You can choose any seed you want.

And these two seeds are used to create the final random number:

Different casinos will combine the seeds differently (and they should tell you how they do it).

This means that the result of each bet at a provably fair casino is a team effort, so the casino is no longer in complete control the random number generation.

This is why provably fair casinos are better than traditional online casinos.

I'll explain how the two seeds are combined later.

Doesn't that mean we can control the result with our own seed?

Nice spot.

If we can see the casino's seed (server seed) first, then we can try it with different combinations of our own seed (client seed), and use a seed that produces a winning result:

If we can see the server seed first, we can determine the result.

Enter the hash

To prevent this, the casino doesn't show us their actual seed at first. Instead, they give us a hash of their server seed:

This casino is hashing their seed with the SHA256 hash function.

The hash represents the seed they are using, but we can't figure out what the original seed is from it, so we can't use it to control the result.

However, after we have made our bet, the casino will reveal their actual seed (the non-hashed version):

And if we want, we can check for ourselves that it hashes to the same hash they gave us before we bet:

If they decide to change their seed, the hash will not match the one they gave us, and we will know they changed the seed they said they were going to use.

So by showing a hash of the server seed beforehand, they force themselves to stick to their seed.

The original server seed will still be used with our client seed to generate the result. It now just means that we don't get to see the server seed before we make our bet.

How can I prove that the result was fair?

After the result has been generated, you can take their server seed (the one they revealed) and your client seed, and combine them to see if you get the same result:

Again, you'll have to check with the casino to see how they go about combining the seeds.

If we get the same result, it shows that the result wasn't manipulated by the casino after we made our bet.

Or in other words; it proves that the casino generated the result fairly.

Ta da!