Why I believe in Provable Fairness
Bitcoin was created on the principle of trustlessness. Back when it was created, it didn't attract the same attention that it does today. The people that worked on and built the Bitcoin ecosystem did this because they didn't want to have to put their trust into anybody.
Provable fairness was created as a direct consequence of this. People looked at traditional gambling and saw something that could be improved upon, something that could be changed the same way they looked at money and thought of Bitcoin. The result was the first completely trust less gambling system the internet had ever seen, and it sparked a boom. Although the system originally only applied to generating random numbers for dice, the process was quickly adapted into many other games and a whole new community was formed.
But as Bitcoin grew more and more, and started attracting different people, some joined the community that weren't familiar with these systems. These people didn't understand the significance of being provably fair, or what it really meant. Later on, some people with a lighter sets of morals started trying to take advantage of this lack of knowledge. Some of them used software they bought from some other companies. Or worse, they created systems that at first looked to be provably fair, but upon closer inspection, contained holes that made it difficult for users to keep the site truly provably fair. These people looked to take advantage of newcomers that didn't know the reasons behind this technology that had been created for the benefit of the user.
This is an opportunity to be reminded of why provable fairness was created. People need to be educated, without getting taken advantage of. I believe in provable fairness because it shares the same core principles as Bitcoin itself, and once people see and understand it, they will see what an amazing thing it is.
The Problem with a lack of Vigilance
Provable fairness allows users to play on sites without the fear of their bets being altered into the favour of the house. But there's an important caveat that is often missed or not explained to the players. Full trustfulness is only there if the player does what they need to do also. Nearly all provably fair systems operate on the server seed/client seed model. The server shows you a hash of their seed before you start betting, allowing you to change your client seed before the first bet of the round. This way, since you are introducing new data into the hash function, the outcome of the hash is no longer controlled by the site as they do not have control over the data you give them.
But here lies a problem. Many sites will fill that box for users when they change their seed. This in itself does not have to be a problem. In fact, it's possible for this to be even more secure than the user entering their own data. If the site allows you to enter up to 32 random characters and they auto-fill the client seed box with 32 actually random characters (preferably generated on the client side with JavaScript instead of by the server) then it's more secure than just entering "1234" as your seed, just like a password. (However it's only "more secure" if the site is malicious and trying to change outcomes, and such a site would probably not generate good seeds for you, making the point unnecessary).
The problem with pre-filling the client seed comes from a situation where the site is malicious, which we should assume until proven otherwise. A malicious site can easily generate a server seed and client seed ahead of time that will result in more losing bets than winning ones. It's just a matter of generating random client seeds and checking the results until they get one that's sufficiently "bad".
If this site were to present this bad seed to the user as a sort of default option, many people would click past it and not think about it. The site would still use all the same provably fair algorithms, but could still be cheating you. Such a thing would only be possible if the site thinks you are likely to keep betting high or keep betting low, because estimates for you winning rely on consistently betting one or the other. (If the site generated a seed pair that would make you lose 55% of the time if you bet high, but you chose to bet low instead, you would be winning 55% of the time instead of losing). However, if the site does not allow you to pick high or low (or the game is some game other than dice where the numbers affect the outcome in a different way) it this opens up a good attack vector for them.
The concern with this kind of attack on players is small, because it would be difficult for a site to pull off consistently, especially without eventually drawing attention. However, no small hole should be discounted, especially with technology becoming more prominent. If you take anything from reading this, always change your client seed to something that you created and copy down the hash of your server seed before you start betting.
How to choose a Bitcoin wallet
Bitcoins are stored digitally. This means, in order to store Bitcoin yourself, you will need a Bitcoin wallet. Much like shopping for a physical wallet, when you start shopping for a Bitcoin wallet, you are confronted with many choices. In this article, we will explore the options available when it comes to acquiring a new Bitcoin wallet.
Hot and Cold
The first decision you need to make is whether you will store your Bitcoins hot or cold. Any wallet that is connected to the internet is termed a hot wallet, whereas a wallet that is disconnected from the internet, such as a paper wallet, is referred to as a cold wallet.
Yes, you can store your Bitcoins on paper. Paper wallets are great for security but they are not very practical. To use your funds, you need to upload your off-line private key into a digital wallet. For this reason, paper wallets are best used for long term storage only. If you lose your paper wallet, you have lost your funds, so be sure to secure the paper you store your wallet on securely (i.e. in a fireproof safe). If you would like to make your own paper wallet, bitcoin.com have an easy to follow guide.
Web or Mobile?
Software based wallets come in three main varieties; web, mobile or desktop. Web solutions are usually the most convenient. With a web based solution, you trust the wallet provider to securely store your private key online. A popular web based wallet is blockchain.info. Web based wallets are super convenient but generally not recommended if you are storing a significant quantity of money. If you are using a web based wallet and are concerned about anonymity, be sure to choose a wallet provider that supports HD wallets.
A HD (Hierarchical Deterministic) wallet allows you to create many wallets from one seed.
A HD seed is a series of words, in a random order, used to generate your private key. When using a HD wallet, you are also able to recover your private key by utilising the HD seed.
Mobile wallets are similar to web based wallets, but as the name implies, are designed to be used on mobile devices. Mycellium and Airbitz are two popular mobile solutions. Both of these apps allow you to download an app onto your Android or Apple IOS phone, where you will have your wallet setup in minutes.
Desktop wallets
A desktop wallet offers better protection than a web or mobile based wallet. With a desktop wallet, you and you alone are in control of your private key.
Your private key is stored on your hard drive and in the case of hardware failure, you can recover it. However, if you have malware on your computer, someone could potentially access your private key, and if they can access your private key, they can access your funds.
If you are concerned about security, it is advisable to only connect your desktop wallet to the internet when you are actually transferring funds.
The most popular desktop wallet right now is Electrum. There are a number of reasons for this.
Electrum looks like it was designed about ten years ago judging from the UI, but don't let this fool you.
It is very robust, and it is also very secure. The strength in security comes from the fact that Electrum is open source, so the source code for the application is in the public domain. Another great feature of Electrum is the fact that it allows you to increase the mining fee you've sent after you have broadcast your transaction. This means if a transaction is taking a particularly long time, you can increase your fee, in the hope that you will speed it along.
Hardware wallets
Hardware wallets (cold because they are disconnected when not transacting) offer a great balance between security and convenience. Your private key is stored in a gadget that plugs into your PC, and this device must be plugged in to the internet to transact with your funds. Two of the more popular hardware wallets are Ledger and Trezor.
Hardware wallets are a great all round choice for medium-long term storage of your Bitcoin funds.
Why should I care about provably fair?
When you stroll into a casino, approach the cash desk and leave with a handful of chips, you do so for one reason and one reason only. You have faith that you can leave the casino a winner. This faith comes from the belief you have that the outcome of the bets you are about to place will be random, thus giving you a completely fair chance of getting 'lucky'.
You walk to the roulette wheel and place your bets on the table in the sure knowledge that neither yourself nor the person spinning the roulette wheel has any influence over the outcome of the spin.
This is not always the case online. You find a site, complete your due diligence and make a deposit. You play and you lose, you play some more and lose some more, and eventually a thought crosses your mind… what if the site you are playing on is not fair?
How do you know that the casino you are playing at online is not simply generating any outcome that guarantees them a win?
The answer? Provable fairness. The newest and more up-to-date casinos are embracing ground-breaking technology to completely remove this doubt from players’ minds. To generate a random outcome, gaming sites utilise a seed and run this through an algorithm. A seed is simply a starting point to generate a random number. Then an algorithm is a series of steps taken to convert that seed into a pseudo-random result.
In a Provably Fair gaming environment, the site publishes to the player the seed they are using in advance of the game, however they do so using encryption, so that the player is only able to determine the seed after the game has taken place. In a Provably Fair game, the player also provides their own seed to the server which is used as part of the random number generation process.
Once the game has taken place the player can decipher the seed belonging to the casino to verify that the outcome of the game they have just played was completely fair. That is, the casino generated the most random result possible without unfairly influencing the outcome in their favour.
Simply put, Provably Fair gaming is the fairest way of gambling anywhere online in the world.
Which is why when you play at a Provably Fair gaming site, you know the money you wager is in safe hands.
What is Provably Fair Gaming?
Before we may begin to understand what makes a casino provably fair, we need to study how the basis of online gambling works. Simply put, players bet on the outcome of randomly generated numbers.
Formerly, these random numbers were generated solely by the host of a game, leaving complete control in the hands of operators. Participants had to trust the host not generating results in favor of anyone. Casinos operating on these merits caused conflict of interest for those seeking a fair gambling experience.
Due to lack of transparency, the essence of provably fair gaming was born. Corresponding concepts provide a way for both the operators and players to contribute to randomisation, which in turn removes any possibility of deception or cheating.
The foundation of fair gaming algorithms were laid by pseudorandom number generators, utilising seeds which determine the outcome of wagers.
A seed shall be equally influenced by players and hosts, meaning that the result of each bet at a provably fair casino is a team effort. The house is no longer in complete control of randomisation.
So, wouldn't this mean that players are able to manipulate results in their own favour?
Commitment Schemes
To prevent malicious behaviour, hosts must not show us their actual seed at first. Instead, they present a commitment of their own seed to us. Similarly to envelopes, these commitment schemes seal and conceal messages contained by them. They cannot be altered or revealed without consent from the sender. For example, hosts may commit a seed by using a one-way hash function or public key cryptography.
Hosts shall provide transparency and proof of authenticity by revealing their actual seeds at the end of each game. Anyone in possession of a host's commitment may verify the immutability of the corresponding seed.
Bets shall be reproducible once the host seed gets revealed. Players can constantly audit the behaviour of hosts by comparing random results calculated by a host and themselves.
Proving that the outcome of a wager is computed fairly and transparently should be performed by anyone at any time. We strongly believe in widespread use of provably fair algorithms throughout the gaming industry.
If you would like to learn more about the technical workings of provably fair algorithms, you can download my whitepaper found here.
White-label Software: It's time to move on
Current state of play
Bitcoin has ushered in a new era of systems, schemes and ideas. People have realised that we no longer need to place our trust in intermediaries. We've developed amazing tools such as provable fairness, decentralised exchanges, smart contracts, atomic swaps, amongst many other ideas still on the horizon. However, some people seem stuck in the past. Some Bitcoin casinos still choose to use white-label software and other "one size fits all" scripts and programs for their platforms.
For the unfamiliar, Wikipedia defines white-label software as "a product or service produced by one company (the producer) that other companies (the marketers) re-brand to make it appear as if they had made it''. As far as Bitcoin casinos go, this means companies buy developed casinos and rework it to make it "theirs". Software packages designed like this are often not designed to work with Bitcoin out of the box. As a result, you end up with websites with awkward alternate currencies, using outdated dependencies like Flash, that don't really present themselves as websites pushing a new technology.
Where should we be heading?
The rise of Bitcoin meant we needed to start over. To stop accepting mediocrity, and to work towards the best technology we could create. Instead of using white-label software, write your own. Bake in Bitcoin support from the ground up, making it an integral part of the user experience. It would be the new technology available to build the best user experience possible. This was the vision, but we aren't quite there yet.
It often seems like the sites that develop their own software care more about their users as well. Who would you trust with your money? The site that bought their software, or the site that designed everything from the ground up? There are some things you won't find in white-label software at all. Such as, provable fairness, early deposit credits, cheaper batch withdraws. When a chain fork occurs, who do you trust to give you both coins?
Design-level decisions can't be made with white-label software. Everything is handed to you as-is, and making changes is usually difficult and dangerous. Changes in code someone else wrote could end up with unintended consequences leading to loss of user funds, security holes or similar things. If you have a new amazing idea for a game, or want to introduce new technology, often times you'll end up out of luck.
Final thoughts
The types of people likely to buy software instead of build it themselves are usually more interested in making money instead of captivating their users. The websites usually lack a lot of features that people have come to expect from Bitcoin websites. The point of this article is to get the point across that we have the technology to make great websites. It's time to take advantage of all of this innovation and stop settling for average.