Provably Fair Draws

We publish a cryptographic commitment to a secret server seed and derive draw values using a public formula from that seed, a round id, a client seed, and a nonce. Anyone can verify the JSON proof we provide.

Commitment

  • Server Seed Hash (SHA-256 of the secret seed) — published before draws.
  • Client Seed — public parameter (e.g., listing id or entropy source).
  • Nonce — increments per draw/attempt.

Derivation (MVP)

hmac = HMAC_SHA256(serverSeed, "{roundId}:{clientSeed}:{nonce}")
value = uint64(hmac[0..7]) / (2^64-1)

Production plan: per‑draw seed rotation and/or VRF integration.

Download a Demo Proof

Use the button below to download a JSON file you can verify offline.

Download demo-proof.json

How to Verify

  1. Compute SHA‑256 of the server seed and check that it matches the serverSeedHash.
  2. Recompute hmac = HMAC_SHA256(serverSeed, "{roundId}:{clientSeed}:{nonce}").
  3. Convert the first 8 bytes of the HMAC to an unsigned 64‑bit integer and divide by 2^64-1.
  4. The resulting value in [0,1) must match the value field in the JSON.
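
The four steps above as an offline verifier. This is an added example, not the site's own code. It assumes the proof JSON carries the fields serverSeed, serverSeedHash, roundId, clientSeed, nonce and value, that the seed is used as UTF-8 text, and that the 8 bytes are read big-endian; the sample proof is constructed.

```python
import hashlib
import hmac
import json
import math

DENOMINATOR = 2**64 - 1  # divisor from the page's derivation formula


def derive_value(server_seed, round_id, client_seed, nonce):
    """HMAC_SHA256(serverSeed, "{roundId}:{clientSeed}:{nonce}") -> float."""
    message = f"{round_id}:{client_seed}:{nonce}".encode("utf-8")
    digest = hmac.new(server_seed.encode("utf-8"), message, hashlib.sha256).digest()
    # Assumption: the first 8 bytes are interpreted big-endian.
    return int.from_bytes(digest[:8], "big") / DENOMINATOR


def verify_proof(proof):
    """Return a list of failed checks; an empty list means the proof verifies."""
    failures = []
    seed = proof["serverSeed"]
    # Step 1: the seed must hash to the previously published commitment.
    committed = hashlib.sha256(seed.encode("utf-8")).hexdigest()
    if committed != str(proof["serverSeedHash"]).strip().lower():
        failures.append("serverSeedHash mismatch")
    # Steps 2-4: recompute the draw value and compare with the claimed one.
    expected = derive_value(seed, proof["roundId"], proof["clientSeed"], proof["nonce"])
    if not math.isclose(expected, float(proof["value"]), rel_tol=0.0, abs_tol=1e-12):
        failures.append("value mismatch")
    return failures


def make_constructed_proof():
    """Build a constructed sample proof (not real data) for an offline run."""
    seed = "constructed-demo-server-seed"
    proof = {
        "serverSeed": seed,
        "serverSeedHash": hashlib.sha256(seed.encode("utf-8")).hexdigest(),
        "roundId": "round-1", "clientSeed": "listing-42", "nonce": 0,
    }
    proof["value"] = derive_value(seed, "round-1", "listing-42", 0)
    return proof


if __name__ == "__main__":
    # Round-trip through JSON text, as a downloaded proof file would be.
    proof = json.loads(json.dumps(make_constructed_proof()))
    print(verify_proof(proof) or "proof verifies")
```

Check serverSeedHash against the copy published before the draw as well, since a hash that arrives only in the same file as the seed commits to nothing. Because the divisor is 2^64-1, an 8-byte prefix at or near its maximum yields exactly 1.0 in double precision, so code that maps value onto a range should handle that endpoint.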