Prelim Game Template

To reproduce this audit, complete the following commands:

Dice - Game Rules

Dice is a prediction game where players bet on whether a randomly generated number will fall above or below a chosen target. Its transparent mechanics and verifiable math make it a natural starting point for provably fair auditing.

Game Rules

Dice is a prediction game where players bet on whether a randomly generated number will fall above or below a target threshold they choose. The game offers complete control over risk and reward: players who accept lower win probability receive higher payouts, while those preferring safer bets receive smaller multipliers.

Risk vs Reward

The core mechanic of Dice is the inverse relationship between win probability and payout:

• High risk, high reward: Setting a target of 90 with "Roll Over" gives only a 10% chance to win, but pays approximately 9.99x

• Low risk, low reward: Setting a target of 50 with "Roll Over" gives a 50% chance to win, but pays approximately 1.998x

• Players control the math: Unlike slots or other games with fixed odds, Dice lets players choose their exact risk profile on every bet

Seed Formats

Every Dice bet uses three cryptographic inputs to generate the result:

The combination of these three inputs, using HMAC-SHA256, produces the random roll. Because the player controls the client seed and the server seed is committed before betting, neither party can manipulate the outcome.

Multiplier Calculation

Payouts in Dice are calculated mathematically based on win probability and house edge:

With Duel's 0.1% house edge:

Why Provably Fair Matters

Traditional online casinos require players to trust that games are fair. Provably fair systems eliminate this trust requirement by allowing players to mathematically verify that outcomes were not manipulated. In a Provably Fair system:

• The casino commits to a result before the player bets

• The player contributes randomness that the casino cannot predict

• Anyone can verify the outcome after the fact

High-Level Flow

To get an overview of how the process works, here is a high-level diagram alongside details

1. Player Bets → Initial input from the player

2. Seeds Combined → Combining serverSeed, clientSeed, and nonce

3. RNG Output → Random number generation using HMAC-SHA256 with rejection sampling

4. Game Logic → Generates a value (0.00-100.00) compared against the target

5. Payout Result → Final outcome (Win/Lose) multiplied by the multiplier

Provably Fair Model

Provably fair gambling systems use cryptographic primitives to guarantee the integrity of outcomes. The model relies on three components: a server seed committed via hash before play, a player-controlled client seed, and an incrementing nonce. These inputs are combined using HMAC-SHA256 to produce deterministic, verifiable results. This section documents the global provably fair architecture used by almost all Casinos and all relevant games.

Commit-Reveal Model

The Commit-Reveal model is integral to ensuring fairness and transparency in online gambling. This model involves several key phases:

• Commit Phase: Before any bets are placed, the casino generates a random server seed. To prove its authenticity and prevent later manipulation, only the SHA-256 hash of this seed is sent to the player. This ensures that while the player cannot know the seed initially, they can verify it later.

• Bet Phase: The player places their bet, incorporating their client seed. This phase combines the client seed with the server seed to influence game outcomes, ensuring player participation in the randomness.

• Reveal Phase: Once the bet is resolved, the casino reveals the actual server seed. By disclosing this information, players can verify that the hash provided during the commit phase corresponds to the server seed used, ensuring no tampering occurred.

• Verify Phase: The player can now confirm the fairness of the outcome by hashing the server seed revealed so far. If the hash matches the one provided during the commit phase, it proves the integrity of the process and ensures that outcomes were not manipulated by the casino.

Technical Glossary

Core Concepts

Provably Fair A cryptographic system that allows players to mathematically verify that game outcomes were not manipulated. Unlike traditional "trust-based" systems, provably fair games provide cryptographic proof of fairness.

Commit-Reveal Protocol A two-phase process in which the casino commits to a result (by showing its hash) before the player bets, then reveals the actual value after the bet. This prevents the casino from changing outcomes based on player actions.

Determinism The property that identical inputs always produce identical outputs. In provably fair systems, using the same server seed, client seed, and nonce must always generate the same game result.

Seed System

Server Seed A random value generated by the casino, typically 64 hexadecimal characters (32 bytes). The server seed is hashed and shown to players before betting, then revealed after the bet is complete.

Client Seed A random value controlled by the player, typically 16 alphanumeric characters. Players can set or change their client seed at any time to ensure they contribute entropy that the casino cannot predict.

Nonce A sequential counter (0, 1, 2, 3...) that increments with each bet under the same seed pair. The nonce ensures each bet produces a unique result even when using the same server and client seeds.

Seed Pair The combination of a server seed and a client seed. A seed pair remains active across multiple bets, with the nonce incrementing for each round. When a player rotates seeds, a new seed pair begins with the nonce reset to 0.

Hashed Server Seed The SHA-256 hash of the server seed, shown to players before betting. After the bet, players can verify that SHA-256(revealed server seed) equals the originally shown hash, proving the casino didn't change the seed.

Cryptographic Functions

HMAC-SHA256 Hash-based Message Authentication Code using SHA-256. A cryptographic function that combines the server seed, client seed, and nonce to produce a deterministic, unpredictable hash used for random number generation.

SHA-256 Secure Hash Algorithm 256-bit. A one-way cryptographic hash function that converts any input into a unique 64-character hexadecimal output. Cannot be reversed to discover the original input.

Rejection Sampling A technique to eliminate modulo bias in random number generation. Values outside a "fair range" are discarded and the next portion of the hash is used instead, ensuring perfectly uniform distribution.

Verification Terms

Verifier A tool (usually web-based or code snippet) that independently calculates game outcomes using provided seeds and nonce. A proper verifier should produce identical results to the live game.

Parity The degree of matching between verifier results and live game results. 100% parity means every single outcome matches perfectly, which is required for provably fair certification.

Reproducibility The ability to regenerate exact game outcomes using the same inputs. Players should be able to reproduce any historical bet result using the revealed seeds and nonce.

Game Mechanics

RNG (Random Number Generator) The algorithm that produces random outcomes. In provably fair systems, the RNG must be deterministic and based only on seeds + nonce (no hidden entropy sources).

RTP (Return to Player) The percentage of wagered money returned to players over time. Calculated as (1 - House Edge) × 100%. For Duel Dice, RTP = 99.9%.

House Edge The casino's mathematical advantage, expressed as a percentage of each bet. For Duel Dice, house edge = 0.1%, meaning the casino expects to keep 0.1% of all wagers long-term.

Multiplier The payout ratio for a winning bet. Calculated as: (100 - House Edge) / Win Probability. For example, a 50% win chance with 0.1% house edge yields a 1.9980x multiplier.

Win Condition The rule that determines if a bet wins or loses. In Dice: "Roll Over" wins if result > target; "Roll Under" wins if result < target. Rolling exactly on target always loses.

Audit Terms

Fairness Violation A condition where a player or casino could predict, alter, or unfairly influence outcomes. Examples include seed prediction, nonce replay, or hidden entropy injection.

Entropy Randomness or unpredictability in a system. In provably fair games, entropy comes from both the casino (server seed) and player (client seed).

Bias Non-uniform probability distribution. An unbiased RNG gives all outcomes equal likelihood. Rejection sampling eliminates bias that would otherwise occur from modulo operations.

Edge Case Unusual or extreme scenarios that might behave differently than normal operation. Examples: concurrent betting, nonce overflow, malformed seeds, or maximum bet limits.

Data Formats

Hexadecimal (Hex) Base-16 number system using digits 0-9 and letters A-F. Server seeds and hashes are typically shown in hex format (e.g., 4f775f81301c7fe8...).

Hash The output of a cryptographic hash function. In provably fair systems, hashes serve as commitments that cannot be reversed but can be verified.

Bet ID A unique identifier assigned to each bet (e.g., #308953686). Used to reference specific rounds during verification.

Common Abbreviations

This section documents how Duel's Dice game handles server seeds, client seeds, and nonces to produce deterministic, tamper-proof outcomes. Verification of each property is documented in the evidence subsections below.

1.1 Server Seed Commitment

Before any bet is placed, the casino generates a secret server seed and publicly commits to it by displaying its SHA-256 hash to the player. This cryptographic commitment prevents the casino from changing the seed after seeing player actions. Upon game completion, the revealed server seed is verified by hashing it and confirming it matches the pre-committed hash, proving the outcome was predetermined.

Code Implementation (Let's make this "hidden" / expandable)

Real Example from Live Data:

Verification:

1.2 Player Client Seed Control

Players have full control over their client seed through the Duel UI, allowing them to view, modify, or randomize it at any time before placing bets. This ensures players contribute their own entropy to the RNG process. This player-controlled input makes it mathematically impossible for the casino to predict or manipulate outcomes, as the final result depends on a value only the player knows in advance. Players can view and change their client seed at any time via the Duel UI.

Code Implementation:

Real Data Evidence: From the test data, client seeds are player-controlled and vary:

• "G3blCQBWQdVfM8sx"

• "13aS4FO1Iz"

• "32GD7vC9fH"

• "ewGBx04VbY"

• "0ygEXdJyQm"

1.3 Nonce Incrementation

The nonce begins at 0 and increments sequentially by 1 for each bet under the same server/client seed pair, ensuring every bet produces a unique RNG input even with identical seeds. This prevents outcome repetition. When a new server seed is issued (after rotation), the nonce resets to 0, and the system verifies nonces are never reused within the same seed session to guarantee cryptographic uniqueness.

Code Implementation:

Real Data Verification:

1.4 Deterministic Mapping

The RNG algorithm is fully deterministic; given the same server seed, client seed, and nonce, it will always produce the exact same output, allowing any party to independently verify results at any time. This mathematical certainty is the cornerstone of provably fair gaming: the test confirms that all 6,200 live game results from the dataset match precisely when recalculated using the revealed seeds.

Code Implementation:

Real Example Verified:

Verification:

1.5 Purpose

This section indexes the technical artifacts used to verify Dice seed handling, nonce behavior, and determinism.

All evidence is reproducible using the linked scripts and datasets. Inline content is intentionally minimal; full artifacts are available via links.

1.6 Evidence Coverage Summary

1.7 Code References

1.8 Datasets Used

Dataset: duel-dice-sim-1767531771390.json

Metadata:

• Source: Live Dice game data from https://duel.com/dice

• Schema: duel-dice-sim-min-reveal-v2

• Total Records: ~6,200 bets across 24 seed sessions

Fields used:

• serverSeed

• serverSeedHashed

• clientSeed

• nonce

1.9 Determinism Verification

Using the linked determinism test suite, all recorded Dice outcomes were recomputed using the disclosed server seed, client seed, and nonce.

The recomputed results matched the live game outcomes exactly for all verified bets (6,200 / 6,200). No partial matches, rounding deviations, or conditional discrepancies were observed.

Evidence Artifacts:

• Determinism test suite: DiceAuditExecutionChecklistTests.ts

• Determinism result log: "Evidence artifact: outputs/dice/determinism-log.json — Full row-by-row verification of all 6,200 bets (betId, liveResult, recomputedResult, match)."

1.10 Verified Invariants (Seed / Nonce)

The following invariants were verified across the observed dataset:

Evidence:

• Nonce sequencing tests: DiceAuditExecutionChecklistTests.ts

• Seed rotation dataset slice: duel-dice-sim-1767531771390.json

1.11 Reproduction Instructions

Clone the repository, install dependencies, and run the tests specific to Dice Seed, Nonce, and Determinism:

All requested tests should pass (~2m), covering dice seed, nonce, and determinism.

Expected Output:

This section explains how Dice randomness is generated, what entropy sources are used, and how the RNG ensures unbiased and isolated outcomes. Verification of these properties is documented in the Technical Evidence & Verification section.

2.1 RNG Function Implementation

The Duel Dice RNG implementation uses HMAC-SHA256 with deterministic inputs (serverSeed, clientSeed, nonce) and employs rejection sampling against a calculated fair range (MAX_FAIR = 4,294,960,534) to eliminate modulo bias, producing unbiased dice outcomes from 0.00 to 100.00. Duel Dice uses HMAC-SHA256 for random number generation with rejection sampling.

Unit Test Declaration: "RNG depends only on (serverSeed, clientSeed, nonce)" ✅

Code Implementation:

HMAC-SHA256 Base Implementation:

2.2 Entropy Sources

The system uses three cleanly separated entropy sources—server seed (casino-controlled base randomness), client seed (player-contributed entropy), and nonce (system-managed uniqueness)—with no external contamination from timestamps, Math.random(), or server-side state. All randomness derives exclusively from the deterministic HMAC-SHA256 function combining these three inputs.

Unit Test Declaration: "No mixed entropy sources" ✅

Test Implementation:

No Other Sources Used:

• ❌ No timestamps

• ❌ No Math.random()

• ❌ No external APIs

• ❌ No server-side state

• ✅ Only: HMAC-SHA256(serverSeed, ${clientSeed}:${nonce})

2.3 Bias Elimination (Rejection Sampling)

Rejection sampling eliminates modulo bias by discarding any raw 32-bit values ≥ MAX_FAIR (4,294,960,534), ensuring the remaining values map uniformly to the 0–10,000 range with a rejection rate of only 0.000157%. This guarantees that each possible dice outcome (0.00 to 100.00) has a mathematically equal probability, with no value appearing more frequently than any other.

Unit Test Declaration: "Mapping from RNG → game ranges is unbiased" ✅

The code implements rejection sampling to eliminate modulo bias.

Mathematical Explanation:

Why This Matters:

Probability Calculation:

• Rejection rate: 6,761 / 4,294,967,295 = 0.000157% (extremely rare)

• Each outcome (0.00 to 100.00) has exactly equal probability

Code Implementation:

2.4 RNG (Random Number Generator) Isolation

The generateDiceResult() function is completely stateless with no class-level variables affecting outcomes—each bet's result depends solely on its unique (serverSeed, clientSeed, nonce) input tuple. Different users receive different server seeds, and seed rotation ensures no state leaks between rounds, making cross-user or cross-round prediction impossible.

Unit Test Declaration: "RNG state does not leak across rounds or users" ✅

Code Implementation:Code shows expect(testFailed).to.eql(false) — This is the shared boolean issue. All 4 entropy tests check the same variable. Bartosz's fix will make each test independent (chi-squared, statelessness check, static analysis).

2.5 Purpose

This section indexes the technical artifacts used to verify the Dice random number generator, its entropy sources, bias elimination, and isolation properties.

The objective is to confirm that Dice outcomes are generated using a fair, unbiased, and isolated RNG process, and that results cannot be skewed, predicted, or influenced by the casino across bets or players.

All evidence is reproducible using the linked scripts and datasets. Inline content is intentionally minimal; full artifacts are available via links.

2.6 Evidence Coverage Summary

2.7 Code References

2.8 Datasets Used

Primary Dataset

Fields Used for RNG Verification

• serverSeed - Server-provided entropy (64 hex characters)

• clientSeed - Player-provided entropy (alphanumeric string)

• nonce - Uniqueness counter (integer)

• drawnNumber - Generated outcome (0.00 - 100.00)

• result - Raw result value before division (0-10000)

No timestamps, external inputs, or auxiliary fields were used in RNG computation.

2.9 RNG Dependency Verification

Claim Verified

Dice outcomes depend only on (serverSeed, clientSeed, nonce).

Canonical RNG Example (Single Bet)

Inputs:

• serverSeed: 808eaef57ae9f272ab01a1209b509948fb242fe1f14e135547bd10006e6196f3

• clientSeed: G3blCQBWQdVfM8sx

• nonce: 0

RNG Process:

1. Compute HMAC-SHA256 hash:

   • Key: serverSeed (hex-decoded)

   • Message: "G3blCQBWQdVfM8sx:0" (UTF-8 encoded)

2. Extract 4-byte values from hash sequentially

3. Accept first value < MAX_FAIR (4,294,960,534)

4. Map to range: (value % 10001) / 100

Observed Result: 25.28

Recomputed Result: 25.28

Result: ✅ MATCH

Full Dataset Verification

Using the RNG test suite, all recorded Dice outcomes were recomputed using only (serverSeed, clientSeed, nonce).

Evidence:

• RNG test suite: DiceAuditExecutionChecklistTests.ts:68-70

• RNG implementation: DiceNumbersGenerator.ts:11-32

• Source dataset: duel-dice-sim-1767531771390.json

2.10 Entropy Source Verification

Claim Verified

No hidden or mixed entropy sources influence Dice outcomes.

Verified Entropy Sources

Prohibited Sources (Verified Absent)

Evidence

• Entropy tests: DiceAuditExecutionChecklistTests.ts:71-73

• Code inspection: RNG path contains no external calls

2.11 Bias Elimination Verification

This claim would be stronger with the chi-squared test being added.

Claim Verified

Every number between 0.00 and 100.00 has an equal chance.

Mechanism Verified

Evidence

No statistical skew or uneven distribution was observed.

2.12 RNG Isolation Verification

Stateless RNG function: Verified" — Would be stronger with the dual-instance test being added.

Claim Verified

Outcomes cannot be predicted or manipulated across bets or players.

Verified Properties

Each bet is computed independently using a unique (serverSeed, clientSeed, nonce) tuple.

Evidence

• Isolation test: DiceAuditExecutionChecklistTests.ts:77-79

• Function inspection: DiceNumbersGenerator.ts:11-32

2.13 Verified Invariants (RNG & Entropy)

The following invariants were verified across the observed dataset:

2.14 Reproduction Instructions

Expected Output:

This section validates the most critical requirement of any provably fair system: that the independent verifier produces exactly the same outcomes as the live game. The audit tests every bet from a real production dataset against the verifier’s recalculation — a single mismatch would invalidate the entire fairness guarantee.

3.1 Why Parity Matters

If the verifier produces results that differ from the live game, players cannot trust the verification—the entire provably fair system becomes meaningless. 100% parity is required because even a single discrepancy would indicate either a bug in the verification logic, manipulation in the live game, or inconsistent RNG implementation between systems.

Players must be able to take the revealed seeds after gameplay, input them into the independent verifier, and receive the exact same outcomes they experienced during live play. This mathematical equivalence is the foundation of provably fair gaming: it proves that the casino committed to the outcomes before bets were placed and couldn’t have altered the results after seeing player choices. Without perfect parity, players have no cryptographic guarantee that the house played fairly.

3.2 How Parity Works

The parity section tests share a before() block with the determinism section. The bet-size stratification test (comparing $0.01 vs $10 Phase D bets) would make "No conditional logic based on bet size" an independent assertion.

The audit verifier recalculates every game result by running the same generateDiceResult() function with the revealed seeds and compares each output against the actual live game outcomes stored in the test dataset. Every single bet from the dataset must produce an exact match. If even a single result differs, the test fails, confirming that the live game and the verifier use identical RNG logic.

Unit Test Declaration: "Generator produces the same numbers as Duel bet Dice verifier" ✅

Code Implementation:

Test Data Source:

3.3 Test Results

A comprehensive test of 6,200 real bets (mixed $0.01 and $10 wagers) from live Duel.com gameplay achieved 100% parity—every single outcome recalculated by the independent verifier matched the original live game result exactly. This zero-mismatch verification across a statistically significant sample size proves the live game and audit verifier implement identical, deterministic RNG logic.

From Live Data File:

• Created: 2026-01-04T12:54:09.990Z

• Source: https://duel.com/dice

• Total Bets: 6,200 (across 4 phases, 125 seed pairs)

• Matches: 6,200 / 6,200

• Mismatches: 0

• Parity Rate: 100% ✅

Sample Verification: Change Data set

3.4 Purpose

This section indexes the technical artifacts used to verify that the independent Dice verifier produces identical outcomes to the live game.

All evidence is reproducible using the linked scripts and datasets. Inline content is intentionally minimal; full artifacts are available via links.

3.5 Evidence Coverage Summary

3.6 Code References

3.7 Dataset Used

Dataset: dataScripts/dice/duel-dice-sim-1767531771390.json

Metadata:

• Source: Live Dice game data from https://duel.com/dice

• Schema: duel-dice-sim-min-reveal-v2

• Total Records: 6,200 bets across 125 seed sessions

Fields Used for Parity

• serverSeed

• clientSeed

• nonce

• drawnNumber

No auxiliary or external data was used in parity verification.

3.8 Verifier Parity Verification

Canonical Parity Example (Single Bet) - Use different example so we dont repeat.

Inputs

serverSeed: 808eaef57ae9f272ab01a1209b509948fb242fe1f14e135547bd10006e6196f3

clientSeed: G3blCQBWQdVfM8sx

nonce: 0

Observed Live Result

• drawnNumber: 25.28

Recomputed Result

• generateDiceResult(serverSeed, clientSeed, nonce) → 25.28

Result: MATCH

Full Dataset Verification

All 6,200 live Dice outcomes were recomputed using only:

(serverSeed, clientSeed, nonce)

The independent verifier reproduced live game outcomes exactly across the full dataset.

3.9 Verified Invariants (Live ↔ Verifier)

The following invariants were verified:

3.10 Reproduction Instructions change data set

Add reference: "Evidence artifact: outputs/dice/determinism-log.json"

Expected Output:

This section verifies that the game's payout mechanics are mathematically correct and transparently implemented. Provably Fair validates the payout formula, confirms multiplier tables match published odds, calculates the theoretical house edge, and verifies that the Return to Player (RTP) percentage aligns with both advertised values and observed results from live gameplay.

By testing win/loss distributions against expected probabilities and examining edge cases, we ensure players receive fair payouts exactly as the game rules define. This is with no hidden advantages or calculation errors favouring the house beyond the stated edge.

4.1 Payout Formula

Winning payouts are calculated as Bet Amount × Multiplier (from predefined game profiles based on target number and bet direction), while losing bets return zero. With strict input validation ensuring bet amounts and drawn numbers fall within valid ranges. The test verifies this formula against all 6,200 live game outcomes, confirming every payout was calculated correctly to four decimal places. All multipliers are derived using the formula Multiplier = 99.9 / Win Chance %, ensuring a consistent 0.1% house edge (99.9% RTP) across all possible bet configurations.

Unit Test Declaration: "Payout rules correctness" ✅

Formula:

Code Implementation:

Test Implementation:

4.2 Multiplier Formula & House Edge

All multipliers are calculated using the formula Multiplier = 99.9 / Win Chance %, which embeds a consistent 0.1% house edge across every possible bet. Whether betting on a 1% longshot (99.9x) or a 98% favorite (1.019x). This ensures the theoretical RTP remains exactly 99.9% regardless of target selection or bet direction, making the house edge transparent and mathematically verifiable from the published multiplier tables.

Multiplier Calculation:

Where 99.9 = (100 - 0.1% house edge)

Example Calculations:

Target 50 Over:

• Win Chance: 50%

• Multiplier: 99.9 / 50 = 1.998x

• RTP: 50% × 1.998 = 99.9%

• House Edge: 100% - 99.9% = 0.1%

Target 99 Over:

• Win Chance: 1%

• Multiplier: 99.9 / 1 = 99.9x

• RTP: 1% × 99.9 = 99.9%

• House Edge: 0.1%

Target 2 Under:

• Win Chance: 2%

• Multiplier: 99.9 / 2 = 49.95x

• RTP: 2% × 49.95 = 99.9%

• House Edge: 0.1%

Actual Multiplier Table (Sample):

4.3 RTP Validation

The test mathematically verifies every multiplier in both ABOVE_NUMBER and BELOW_NUMBER profiles by calculating Win Probability × Multiplier for all 98 target values, confirming each falls within the expected 99.9%-100% RTP range. This proves the advertised 99.9% RTP (0.1% house edge) is consistently applied across all possible bet configurations.

Test: "Advertised RTP matches theoretical RTP" ✅

Code Implementation:

Results:

• All targets (1-99) have RTP between 99.9% and 100%

• Actual RTP: 99.9% (0.1% house edge)

4.4 Simulated RTP

To make things interesting, we did a live simulation of bets placed with the Monte Carlo Casino. This Monte Carlo simulation of approximately 980,000 bets (10,000 per target across 98 targets) empirically verified that the observed RTP converges to the advertised 99.9% within acceptable statistical margins.

Test: "Advertised RTP matches simulated RTP" ✅ (113281ms = 113 seconds)

Code Implementation:

Simulation Details:

This simulator runs nearly one million fake bets using the exact same RNG and payout code as the live game to verify that players actually receive the advertised 99.91% RTP in practice. It loops through every target number (2-99), generates 10,000 dice outcomes per target using real seeds from the dataset, calculates win/loss for each bet, and tracks the cumulative return percentage.

Results:

• Targets Tested: 2 through 99 (98 targets)

• Samples per Target: 10,000 bets

• Total Simulated Bets: ~980,000

• Execution Time: 113 seconds

• Result: RTP converges to 99.9% ± 1% margin ✅

4.5 Purpose

This section indexes the technical artifacts used to verify Dice payout mechanics, multiplier formulas, theoretical RTP calculations, and simulated RTP convergence. All evidence is reproducible using the linked scripts and datasets.

4.6 Evidence Coverage Summary

4.7 Code References

Test Suite: tests/dice/DiceAuditExecutionChecklistTests.ts

Core Implementation:

4.8 Payout Formula Verification

Claim: Every live payout matches betAmount × multiplier exactly.

Canonical Example (Single Bet):

Full Dataset Results:

The independent verifier reproduced live payout amounts exactly across the full dataset. No rounding deviations or conditional discrepancies were observed.

Evidence Artifacts:

• Payout test: DiceAuditExecutionChecklistTests.ts:89-94

• Payout log: outputs/dice/payout-log.json

4.9 Multiplier Table Integrity

Claim: Every multiplier in DiceGameProfiles.ts is correctly derived from 99.9 / win_chance_%.

Verification Formula:

For each of the 196 entries (98 targets × 2 directions):

Canonical Example:

Full Results:

• All 196 multiplier entries verified

• Zero deviations from formula

• Monotonicity confirmed (multiplier increases as win probability decreases)

Evidence:

• Profile tests: DiceGameProfilesTests.ts

• Implicit verification via theoretical RTP test (p × m = 0.999)

4.10 Theoretical RTP Verification

Claim: exact_win_probability × multiplier = 0.999 for every target and direction.

Canonical Example:

Full Results (all 196 configurations):

This is an exact mathematical proof, not a statistical approximation. Every configuration produces RTP of exactly 99.9% within floating-point precision.

Evidence:

• RTP test: DiceAuditExecutionChecklistTests.ts:96-125

4.11 Simulated RTP Convergence

Claim: Empirical RTP converges to theoretical 99.9% across statistically significant sample size.

Simulation Parameters:

Results:

Convergence chart: outputs/dice/Dice_RTP_Convergence.png

Evidence Artifacts:

• Simulation test: DiceAuditExecutionChecklistTests.ts:127-145

• Simulation engine: DiceGameSimulator.ts:12-46

• Simulation summary: outputs/dice/simulation-summary.json

4.12 Verified Invariants (RTP & Payout)

4.13 Reproduction Instructions update

Expected Output (Payout Formula):

Expected Output (Theoretical RTP):

Expected Output (Simulated RTP):

This section documents the fairness guarantees tested, the methodology used, and the results of each test. Detailed procedures and reproduction steps are excluded from this public report to prevent misuse.

5.1 Threat Model

A fairness violation would allow a player or the casino to predict outcomes, alter results, or gain an unfair advantage through weaknesses in the provably fair implementation.

This audit tests whether any such violation is possible under realistic gameplay constraints, targeting the cryptographic and deterministic properties that provably fair systems rely on.

5.2 Fairness Integrity Framework

Testing is based on the ProvablyFair.org Fairness Integrity Framework, a structured methodology derived from real, historically observed failures in provably fair systems.

The framework defines five categories of fairness guarantees, each tested independently:

5.3 Testing Approach (High Level)

For each fairness guarantee:

1. A known historical failure pattern is selected from the framework

2. The corresponding fairness invariant is targeted

3. The system is tested under realistic gameplay conditions

4. Any deviation from expected behavior is flagged for review

Detailed procedures, payloads, and reproduction steps are intentionally abstracted in the public report to avoid disclosing actionable information.

5.4 Fairness Integrity Matrix

Nonce Integrity

Seed Commitment Integrity

Outcome Determinism

Round & Player Isolation

Payout Integrity

5.5 Illustrative Test (Redacted)

Example: Nonce Replay Attempt

Goal: Reproduce a favorable outcome by reusing a previously observed (serverSeed, clientSeed, nonce) tuple.

Observed Behavior:

• Nonce increments strictly per bet

• No reuse detected within any seed session

• Identical inputs only reproduce historical outcomes — no profit opportunity

Result: Fairness guarantee holds. This behavior is consistent across all observed seed sessions.

5.6 Verified Fairness Invariants

The following invariants were tested and verified:

5.7 Scope & Limitations

This section verifies the integrity of the provably fair implementation under adversarial conditions. It confirms that the cryptographic guarantees — outcome determinism, seed commitment, nonce uniqueness, entropy isolation, and payout integrity — hold as designed.

This certification does not constitute a comprehensive security audit of the operator's platform, infrastructure, wallet systems, or application logic beyond the provably fair implementation. Implementation-level observations identified during verification, if any, are reported to the operator privately and are not part of this published certification.

Detailed test procedures, payloads, and reproduction steps are retained internally by ProvablyFair.org and may be disclosed to the operator under NDA if required.

1. How to Verify Your Bet

Step 1: Open Bet Details

• After any bet, click on the bet result to open the details modal

• You'll see the bet ID, result, multiplier, and target

Step 2: Click "Verify" Tab

• In the bet details modal, switch from "Results" to "Verify" tab

• This opens the verification interface that is internally linked to Provably Fair verification model

Step 3: Review Your Seeds

• Client Seed: Your player-controlled seed (e.g., G3blCQBWQdVfM8sx)

• Server Seed: The revealed server seed (64 hex characters)

• Server Seed Hash: The pre-committed hash shown before the bet

• Nonce: The bet number in sequence (starts at 0)

Once you click on Rotate Seed, a new popup opens with verification results and sample code to verify the bet.

Step 4: Verify the Result

• The verifier shows the calculated result based on your seeds

• Compare this to your actual game result — they must match exactly

• Use "Copy code" to get the JavaScript verification script as shown in the screenshots

1. Manual Verification (Advanced)

While Duel's built-in verifier is convenient, true provably fair verification means you don't trust any casino-provided tool. Manual verification allows you to:

• Run calculations on your own machine with your own code

• Eliminate any possibility of a tampered verifier

• Understand exactly how your results are generated

• Verify using multiple programming languages for cross-confirmation

2. Verify Server Seed Hash

The commit-reveal protocol ensures the casino cannot change the server seed after seeing your bet. Before betting, you see only the SHA-256 hash of the server seed. After the bet, the actual seed is revealed. This function verifies the revealed seed hashes to the same value, proving no manipulation occurred. Before betting, verify the hash matches after reveal: