Last Updated: February 27, 2020

# Dice (Encrypted Version)

## Introduction

This page refers to the game known as "dice," commonly played by Internet casinos that use cryptocurrency for bets and transactions. The game has nothing to do with six-sided dice, but wins and losses are based on a random number between 0 and 10,000. It should also not be confused with other games titled just "dice."

## Rules

1. Contrary to the name of the game, wins and losses are based on a randomly chosen integer between (and including) 0 and 10,000.
2. The player will be able to determine either the winning goal or what a winning odds (2 for 1, for example).
3. The winning goal will be to either "roll" a number higher than some specified threshold or lower than another one.
4. If the player adjusts one element of the bet (winning goal or odds), then the other will be adjusted in such a way that the winning odds are inversely proportional to the probability of winning, ensuring the same house advantage on all possible bets.

## Example

Suppose a game is set to have a return of 99%. If the player configures his winning odds to 2 for 1, then the game will adjust his probability of winning as 0.99/2 = 49.5%. Goals that will achieve this are:

• Over 5050
• Under 4950

The player may toggle which of these goals he prefers.

Suppose the player adjusts the winning odds to 3 for 1. Then the game will adjust the probability of winning to 0.99/3 = 33%. Goals that achieve this goal are:

• Over 6700
• Under 3300

I do not know how ties are handled when the winning goal is an integer. The house edge is 0.01% less if ties push compared to ties lose.

The following table shows the winning goals according to the return to player (RTP) for bets that pay 2 for 1. For example, if a winning goal were under 4975, then the return to player would be 99.5%.

Return
to Player
Probability
Winning
Under Over
99.5% 49.75% 4,975 5,025
99.4% 49.70% 4,970 5,030
99.3% 49.65% 4,965 5,035
99.2% 49.60% 4,960 5,040
99.1% 49.55% 4,955 5,045
99.0% 49.50% 4,950 5,050
98.9% 49.45% 4,945 5,055
98.8% 49.40% 4,940 5,060
98.7% 49.35% 4,935 5,065
98.6% 49.30% 4,930 5,070
98.5% 49.25% 4,925 5,075

In the image above the bets that pay 2 for 1 are under 49,600 and over 53,999. The table above shows this results in a return of 99.2%. It can also be easily calculated as 2*(49600/100000) = 99.2%.

## Provably Fair

Suppose Amy and Bob want to play a game of rock-paper-scissors remotely and without trust. How could that be done?

It can easily be done by encrypting moves. There are many encryption programs online, like the one at miniwebtool.com. For example, suppose Amy wishes to play scissors. She could encrypt "scissors" and get the following encrypted message, known as a hash.

17f174ce4953e98e7418d22b29f7569505e4bcc39859e7825500d43a5ec1b87d d521d508d6ece5397021013c0c561bcd9ba947f1f40ac1a2f3a670b485b0aff6

She could then send it to Bob, before he makes his moving, to prove her move was predestined. Suppose Bob then declares his move as paper. Amy could then claim victory and prove it by telling bob to encrypt the message "scissors" and he will see it hashes to exactly the same hash Amy sent him before his turn.

However, Bob, knowing there are three possible outcomes only, might run "scissors" through a hashing program and know it hashes to the above and then choose rock. To defend against that, Amy should add some other text, random characters will do, to ensure Bob won't be able to decipher her hash. For example, she might encrypt "b980Cql98lbaj -- scissors" and get the following different hash.

5e4c68f7b35503c79b1aa31df87c6043bd30a1cff28b8431394cbbb829c90d4d51dec1b25ac5be44873572dbabd735c41006c83aff59ce06d3efe86513a57108

Note there are only 16 possible characters in a hash, 0 to 9 and the letters a to f. The whole hash is actually number, written not in base-10, but base-16, known as hexadecimal.

The concept is the same in "probably fair" gaming. However, an additional layer of security is added in letting the player have influence over the outcome of the bet as well. Otherwise, the casino could cheat. For example, noticing the player usually bet "over" in Dice and then giving him a low number as the game result, even if encrypted.

The way it works, in plain simple English, is as follows:

1. Casino picks a random string of characters (known as a Seed), encrypts it into a Hash, and provides that hash to the player, to prove the casino's contribution to the outcome was predestined.
2. The player chooses his own seed.
3. Players makes a bet.
4. The two strings are joined together (in either order).
5. The combined string, from step 5, is encrypted to a hash.
6. Some part of the hash is converted from base 16 to base 10.
7. Some part of the result from 6 is mapped, perhaps the last six digits, is mapped to a number from 0 to 999,999. That shall be the game outcome.
8. At the conclusion of the bet, the casino will reveal it's own Seed, which the player may verify that it encrypts to the Hash provided, before the bet was made. This will show the outcome was predestined once the player chose his own Seed.

Despite all of this, the casino can still cheat. One way this might be done is through the default player Seed. If the player goes to the Fair Gaming screen, he will see a default player Seed. The player is welcome to click to pick different ones or enter his own, but I doubt many players fuss with that. A cheating casino might carefully choose the default player Seed and casino Seed to combine and hash to a losing outcome for the player.

Another way the casino could cheat would be to simply choose a casino seed that hashes to a losing outcome, even if doesn't Hash to the outcome provided to the player before the bet. This is exactly what happened to me when I played at Wixiplay. If you catch the casino in a seed/hash mismatch, what can you do? If you accuse them of cheating they will either deny it without comment or just ignore the accusation. When I was cheated by Wixiplay they initially ignored me. Later, I complained to the Curacao Gaming Control Board and didn't even get the courtesy of a reply.

### Provably Fair Casinos

Name Wizards Seal DE Friendly  Play
NO YES
NO YES
NO YES
NO YES
YES YES
NO YES
NO YES
NO YES
YES YES
NO YES
NO YES
NO YES
NO YES
NO YES

## Gaming Outcome Program

It is rather time consuming to jump through all the hoops listed above to determine if a game outcome is fair. To simplify the process, I wrote the program in PHP which will easily determine the game outcome, given both player and casino seeds. This program will work, if and only if the game outcome is determined as follows:

1. Join server and client seeds, server seed first.
2. Generate a SHA-512 hash of the string from step 1.
3. Convert first five characters of the hash from hexadecimal to decimal.
4. If the result from step 3 is over 999,999, then advance five positions in the hash and go back to step 3. Otherwise, go onto step 5.
5. Take the last five digits from step 3. This shall be the game outcome.

This script will work for the Dice game at Crypto.Games. Other casinos may determine the random six-digit number a different way or use a hashing program other than SHA-512.

To use my program, go to this PHP Sandbox, follow the directions in the comments at the top regarding when to enter, and click "Execute code." The game outcome and confirmation of a legitimate Server Seed will appear in the Result box below the code.

As a back-up, the button below will reveal my code.

```// Dice game conversion for Crypto.Games
// To use, enter Client Seed on line 5, Server Seed on line 6, and Hash of next Server Seed on line 7.

\$client_seed = "f0g9s8f7g097sdfg098sd7f0g87s0fg897";
\$server_seed = "SxG74IkdDRmWh0jT015TCA01fUoCA0lI2N3KxS8L";
\$next_hash = "1c42ef7fcbb94c2841d4ee88467c13813c30f5f774260f1a308b960884a7fd8b";
\$server_seed_hash = hash('sha256',"\$server_seed");
\$combined_seed = \$server_seed.\$client_seed;
echo "Combined seed = \$combined_seed\n";
\$combined_hash = hash('sha512', \$combined_seed);
echo "Hash of combined seed = \$combined_hash\n";
\$position=0;
\$first_five=substr(\$combined_hash,\$position,5);
// echo "First five characters, starting with position \$position = \$first_five\n";
do
{
\$hex_to_dec=hexdec(\$first_five);
\$position+=5;
}
while (\$hex_to_dec > 999999);
// echo "Converted to decimal = \$hex_to_dec\n";

\$mod5=\$hex_to_dec%100000;
echo "\nGame outcome = \$mod5\n";
if (\$server_seed_hash == \$next_hash)
{   echo "Server seed match.\n"; }
else
{
echo "SERVER SEED MISMATCH!\n";
echo "Server seed =\t\$server_seed\n";
echo "Server seed Hash=\t\$server_seed_hash\n";
echo "Alleged next Hash=\t\$next_hash\n";
}

// Procedure
// 1.  Join server and client seeds, server seed first.
// 2.  Generate a SHA-512 hash of the string from step 1.
// 3.  Convert first five characters of the hash from hexidecimal to decimal.
// 4.  If the result from step 3 is over 999,999 then advance five positions in the hash and go back to step 3.  Otherwise, go onto step 5.
// 5.  Take the last five digits from step 3.  This shall be the game outcome.
?>
```

## Final Advice on Fair Gaming

If you don't want to bother verifying the game outcome is fair, at least keep the casino honest by appearing that you are checking. The casino will know if you click on "fair gaming" to verify the outcome. If they were inclined to cheat, common sense would dictate they would be more likely to cheat customers who aren't verifying the outcome.

If you do click "fair gaming," add in at least a few random characters somewhere in the Client Seed. This will prevent the casino from providing a bonus Client Seed that will lead to an outcome the casino wants.

If you do catch a casino cheating, please send me some evidence of it. I would love to verify it and warn other players not to play there, by adding them to my casino blacklist.

Written by: