Casino fairness

Verify
every roll.

Each bet is derived from HMAC_SHA256(server_seed, client_seed:nonce). We commit to a SHA-256 hash of the server seed before any bet, so we cannot change the outcome after seeing your bet. You can rotate the seed at any time to reveal it and re-derive every past outcome.

Casino

Your active commitment

Loading…

Verifier

Paste the (revealed server seed, client seed, nonce) tuple from any past bet. Pick the game and we will re-derive the same outcome the casino served you.

Server seed (hex)

Client seed

Nonce

Game

How it works

Before any bet, the server commits to a 32-byte random server_seed by publishing only its SHA-256 hash. We cannot change the seed after the hash is shown without breaking the hash.
You provide (or the server auto-generates) a public client_seed. You can edit it only while the next nonce is 0 — once you've made a bet, the seed locks for the duration of that commitment.
Each bet uses the next integer nonce. The outcome bytes are HMAC_SHA256(server_seed, client_seed:nonce:cursor)and the bytes are mapped to the game-specific outcome (dice roll, mine positions, crash multiplier, etc.).
Hit "Rotate server seed" to reveal the current server_seed. Verify SHA-256(server_seed) === hash and re-derive every bet you played under it.