πŸ”’ HASHSCORE Now Provably Fair

avatar

πŸ”’ HASHSCORE Now Provably Fair - Thanks to @minus-pi!

HASHSCORE Token

New Waiting

New Results

TL;DR

HASHSCORE games are now provably fair using cryptographic secrets that change every minute. Players can no longer predict scores before sending transactions, and every game result can be independently verified. This upgrade was inspired by feedback from @minus-pi.

What Changed?

The Problem

@minus-pi discovered that our hash scores could be predicted before sending transactions. Since transaction hashes are known immediately after signing (but before broadcasting), a clever player could:

  1. Sign a transaction locally
  2. Calculate the resulting hash score using our public algorithm
  3. Only broadcast transactions with favorable scores
  4. Reject unfavorable scores and try again

This defeated the randomness of the game. Props to @minus-pi for bringing this to our attention and demonstrating it responsibly!

The Solution: Provably Fair Gaming

We've implemented a provably fair system inspired by @magicdice's approach:

How it works:

  1. Server-side secrets - Our server generates a random 16-character secret every minute
  2. Salted hash calculation - Your score is calculated from SHA256(transaction_hash + secret) instead of the raw transaction hash
  3. Unpredictable - Since you don't know the secret when you send your transaction, you can't predict your score
  4. Transparent - After your game completes, we reveal the secret in your reward memo
  5. Verifiable - You can independently verify your score was calculated fairly

The Formula:

salted_hash = SHA256(your_transaction_hash + server_secret)
your_score = sum of all hex characters in salted_hash

Instant Verification

Every reward transaction now includes:

Example memo:

Result: HASHSCORE Default | Win High | Your HASHSCORE: 463 | 
Secret: K1jyq5sV3PHZuhSs | 
Verify: https://hashscore.fun/verify.php?tx=abc123...&s=K1jyq5sV3PHZuhSs

Click the verify link and you'll see:

  • βœ… Your transaction hash
  • βœ… The secret used
  • βœ… Recalculated score (matches your result)
  • βœ… Proof the game was fair

Why This Matters

Before: Trust-Based

You had to trust that our system was fair. There was no way to verify.

After: Cryptographically Verifiable

  • Transparent - The exact formula is public
  • Unpredictable - Secrets change every minute
  • Verifiable - You can prove every game was fair
  • Fair - Neither player nor house can manipulate results

This is the same proven system used by other successful blockchain gaming platforms like @magicdice.

Real-Time Results

We've also upgraded the user experience:

Old way: Instant preview showing predicted score (now we know this was wrong!)

New way:

  • Transaction sent β†’ Shows "Processing..."
  • Polls server every 10 seconds
  • When complete β†’ Shows real results:
    • Your actual hash score (with secret)
    • Win result (High/Low/Average)
    • Reward amount
    • Secret and verification link
    • One-click to verify fairness

Technical Details (For the Nerds πŸ€“)

Secret Rotation:

  • New secret generated every 60 seconds
  • Secrets are cryptographically random (16 alphanumeric characters)
  • Secret determined by transaction timestamp, not processing time
  • Same transaction always uses same secret (deterministic)

Database Storage:

  • Every transaction stores which secret was used
  • Full audit trail for transparency
  • Secrets stored in indexed table for fast verification

Verification Process:

// What you can verify:
$salted_hash = hash('sha256', $your_tx_hash . $revealed_secret);
$your_score = calculate_score($salted_hash);
// Compare with the score we gave you - they match!

Shoutout to @minus-pi πŸŽ‰

Big thanks to @minus-pi for:

  • Discovering the vulnerability
  • Reporting it responsibly
  • Demonstrating it clearly (even spelling "Rising" to prove it!)
  • Recommending the provably fair approach
  • Pointing us to @magicdice's implementation

This is exactly the kind of community feedback that makes Hive projects better. Thank you! πŸ™

What This Means for Players

βœ… Fair gameplay - No one can game the system anymore
βœ… Transparency - Every result is verifiable
βœ… Trust - Don't trust us, verify us!
βœ… Same great games - All games still work exactly the same
βœ… Better UX - Real-time results with verification links

Try It Out!

  1. Play any HASHSCORE game: https://hashscore.fun
  2. After your game, check your reward memo
  3. Click the verification link
  4. See the cryptographic proof your game was fair!

Play fair. Verify everything. Welcome to the new HASHSCORE.

🎲 https://hashscore.fun
πŸ”’ Provably Fair | Built on Hive | Powered by Community Feedback

#hive #gaming #hashscore #provablyfair #blockchain #gaming #transparency

hivegc hivegaming hashscore blockchaingaming cryptocurrency hiveengine web3gaming stem logic gaming
0
0
0.000
7 comments
avatar

Congratulations @pinkfloyd878! You have completed the following achievement on the Hive blockchain And have been rewarded with New badge(s)

You made more than 200 comments.
Your next target is to reach 300 comments.

You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

0
0
0.000
Reply
avatar

Hey @pinkfloyd878,
great work updating the game so quickly!

Please allow me to pick on a few details:

  • The secret part isn't fully clear to me yet: if the secret is updated every 60s, and @hashscore.fun tells me the secret in the response memo, then there's still the situation that for up to ~60s (minus response time) I have all inputs to pre-calculate my score. While much harder than before, it's still an edge for users who can run the calculations, and not fair for users who can't (or did I misunderstand how it works?).
  • For the 'trust' claim: the current implementation provides no proof that the 'secret' isn't tailored to the first player in a 60s window. @magicdice had this situation covered with publishing the seed hash ahead of time.
0
0
0.000
Reply
avatar

Hello @minus-pi there is a secret generated every 60 seconds, and saved, and is valid for the minute the timestamp that comes from the blockchain. if 2 transactions are recorded in that minute window, they both will have the same secret attached. if the secret was published ahead of time, then players could use that and try to line up the timing, right? It was a brainstorming job to get it updated, and a bunch of test!!!! and with the locked amount and the minute window, i feel you need to be a quantum computer to get it right... 😁

0
0
0.000
Reply
avatar

I like what you're doing with HashScore! I don't know where this will go, but it is good to see people trying new things on Hive.

I did some transactions and saw the same secret for 2 of them, as they were within 60 seconds. I see that you think the 60 second / one minute window is good enough, and maybe that is true. Is there any reason why you don't just do a new secret after every transaction? Then there is no chance for anyone to know the secret, I think. :)

Best wishes to you and your game / token!

!ALIVE !BBH !UNI !PIZZA !LADY

0
0
0.000
Reply
avatar

thank you!! i think it will go far because it can only get better and i have many ideas to play with. as for the secret dont worry, that whole process is being redesigned where the secret hashed will be public then when a new secret is made, the old one will be revealed. just takes time... so much to do :) !PIZZA

0
0
0.000
Reply