Provably Fair

Provably fair is a cryptographic framework that allows players to independently verify that game outcomes were determined fairly and were not manipulated by the operator. Unlike traditional casinos where you must trust the house, provably fair gaming provides mathematical proof that every result is legitimate.

The system works by combining inputs from both the server and the player to generate game outcomes. Because the player contributes to the randomness, the server alone cannot predetermine results. And because the server's contribution is committed in advance (via a hash), it cannot be changed after your bet is placed.

Our system relies on three key components that work together to produce verifiable randomness:

The game outcome is derived using HMAC-SHA256, a cryptographically secure hash-based message authentication code. Here is how the computation works:

The resulting 64-character hexadecimal hash is then converted into the game outcome:

1. Hash generation: The HMAC-SHA256 function takes the server seed as the key and the combination of client seed and nonce as the message, producing a 256-bit hash.
2. Byte extraction: We take specific bytes from the hash to generate random values for each reel position. For our 3x3 slot grid, we extract 9 values (3 reels, 3 rows each).
3. Symbol mapping: Each extracted value is mapped to a symbol on the reel strip using a weighted distribution table. This ensures the mathematical house edge remains consistent and transparent.
4. Result determination: The mapped symbols form the final grid, which is then evaluated against the payline table to determine wins.

After a game round, you can verify the fairness of the outcome by following these steps:

1. Note the server seed hash: Before each game session, you are shown the SHA-256 hash of the server seed. Save this hash — it proves the seed was locked in before play began.
2. Set your client seed (optional): You can change your client seed at any time before spinning. Use any random string you choose.
3. Play your round: Place your bet and spin. The nonce increments automatically.
4. Reveal the server seed: After you rotate to a new server seed (or end your session), the previous server seed is revealed. You can find it in your game history.
5. Verify the hash: Compute SHA-256 of the revealed server seed. It must match the hash you were shown before the game. If it matches, the seed was not changed.
6. Recompute the outcome: Using the server seed, your client seed, and the nonce, compute HMAC-SHA256 and map the result to symbols. The result should exactly match the outcome you received.

Our random number generator is built on the Web Crypto API (crypto.getRandomValues()), which provides cryptographically secure pseudorandom numbers sourced from the operating system's entropy pool. Key properties include:

• Entropy source: The OS kernel's CSPRNG, seeded by hardware entropy (timing jitter, interrupt data, hardware RNG where available).
• Bit depth: 256-bit server seeds providing 2^256 possible values — a number larger than the estimated atoms in the observable universe.
• Unpredictability: Each output is computationally indistinguishable from true randomness. No party can predict the next value, even with knowledge of all previous outputs.
• No seed reuse: Server seeds are rotated regularly and are never reused across sessions.

In addition to our provably fair system, which allows individual verification, we engage independent third-party auditors to conduct periodic reviews of our platform. These audits cover:

• RNG integrity testing: Statistical analysis of millions of game outcomes to ensure proper randomness distribution (Diehard tests, NIST SP 800-22 test suite).
• Payout verification: Confirmation that actual return-to-player (RTP) rates align with the theoretical values published for each game.
• Code review: Security audit of the game engine and provably fair implementation to ensure no backdoors or manipulation vectors exist.
• Compliance checks: Verification that our platform meets applicable regulatory requirements.

Audit reports are published periodically and available upon request by contacting our support team.

We are committed to full transparency in our operations:

• Open payout tables: All symbol weights, payline configurations, and payout multipliers are publicly documented.
• Published house edge: The theoretical RTP for each game variant is clearly displayed before you play.
• Complete game history: Every spin you make is recorded with all inputs (server seed hash, client seed, nonce) so you can verify any past result at any time.
• Seed rotation transparency: You control when to rotate seeds. The previous server seed is always revealed upon rotation so you can run verification.

If you have questions about our provably fair system or need assistance verifying a game outcome, our support team is here to help:

• Email: fairness@midnightriches.com
• Support: support@midnightriches.com