At Lootbox.com, we prioritize transparency and fairness by using a Provably Fair system. This system allows you, the player, to confirm that the results of every game are genuinely random and haven't been manipulated by us to favor the house or any specific player. Here's a detailed breakdown of how it works, including some technical aspects to help you understand the fairness process.
The Foundation of Our Fairness: Seed Pair and Nonce System
For games on Lootbox.com, such as Boxes, we use a Seed Pair with Nonce mechanism. This approach is designed to ensure that we cannot interfere with the game's outcome, and it also gives you, the player, an active role in the process through your Client Seed. The combination of these seeds and a counter called the Nonce generates outcomes that are entirely verifiable.
How the System Generates Fair Results
To generate a fair game result, our system uses three main components:
- Server Seed: This is a random string generated by us for each set of games. It's hashed using the SHA256 algorithm to create a Hashed Server Seed, which we display to you before you start playing. The Server Seed is kept secret during gameplay and used for all game outcomes until it's retired and publicly revealed. This seed is crucial for generating the final random result.
- Client Seed: This is a random string generated by your browser that serves as your personal input into the outcome. You have the flexibility to change this seed whenever you want, giving you control over your part in the randomization process.
- Nonce: A number that starts at 1 for each new Server Seed and increases by one with every game you play. The nonce acts as a counter, ensuring that each game has a unique seed combination.
These components are combined and then fed into a random number generator function to produce a game result.
Technical Breakdown: How We Generate Secure Random Numbers
Here's a look at the code behind the scenes:
- Combining the Seeds: We combine the Client Seed, Server Seed, and Nonce using a formula that looks like this:
- Generating the Hash: Once the seeds are combined, we use the SHA512 hashing algorithm to turn the combined seed into a hash. This hash acts as a randomized input that drives the game outcome.
- Extracting the Result: Finally, we extract a random number from this hash using a ticket system:
const combinedSeed =`${clientSeed}:${serverSeed}:${nonce}`
Each game gets a unique combined seed based on the nonce's increment, ensuring that every game round produces a different result.
const hash = sha512(combinedSeed)
private getTicketNumber(hash, max = 100_000_000) { // Take the first 13 characters (52 bits) of the hash // This ensures we stay within JavaScript's safe integer limits const subHash = hash.slice(0, 13) // Parse the hex substring to a number const valueFromHash = parseInt(subHash, 16) // Calculate a value between 0 and 1 by dividing by 2^52 // 2^52 is used because it's the largest power of 2 that fits in JavaScript's Number.MAX_SAFE_INTEGER const e = Math.pow(2, 52) const normalizedValue = valueFromHash / e // Scale to range [1, max] (inclusive) // Using Math.floor ensures we get integers from 0 to max-1, then add 1 for range [1, max] return Math.floor(normalizedValue * max) + 1 }
This code calculates a random number that lies between 1 and a specified maximum value (100,000,000 in this case), ensuring each outcome fits within the game's requirements.
Verifying the Results After Gameplay
After you've completed your games, we "retire" the current Server Seed by revealing it publicly. At this point, you can use the Server Seed, along with your Client Seed and the nonce values from each game, to verify the results yourself. We generate a new Server Seed and reset the nonce to 0, allowing you to verify the outcomes of your previous games and start fresh.
With this system, you have full access to check that every game result was truly random, thanks to a transparent, verifiable process. This is our commitment to maintaining a fair and trustworthy gaming experience on Lootbox.com.
How Do I Know Boxes on Lootbox.com Are Fair?
At Lootbox.com, our Boxes feature uses a Provably Fair system to ensure that every unboxing experience is genuinely random and unbiased. This system is built to provide full transparency, letting you verify that each product you unbox has been assigned fairly and without manipulation.
When you open a Box, each product inside is associated with a specific range of ticket numbers. Upon unboxing, our system generates a random ticket number that determines which product within the Box you receive. This randomization is achieved by using a combination of three critical elements:
- Server Seed: A secure, random string generated by us, which remains hidden until it's publicly revealed after several games. This seed is hashed and shown as the Hashed Server Seed so that you can verify results once it's disclosed.
- Client Seed: A random string created by your browser, unique to your session. You can change this seed anytime, giving you an element of control and ensuring the outcome is influenced by your input.
- Nonce: A counter starting at 1 that increments with each unboxing, ensuring each round has a distinct seed combination.
The system combines these three values into a unique seed for each unboxing, which then generates a random ticket number within a pre-set range for the Box products. Each product has its own ticket range, and the result of your unboxing is determined based on which range the generated ticket falls into.
This system uses the Seed Pair with Nonce mechanism explained in detail in the Overview section. Check there for an in-depth understanding of how each seed and the nonce work together to keep outcomes fair, transparent, and verifiable.
Verify Past Unboxings
Want to verify your past unboxings? Use the CodePen tool below. Simply enter your previous Server Seed, Hashed Server Seed, Client Seed, and Nonce values to confirm that each result you received was random and unbiased.