Provably Fair

How we guarantee neither player — nor us — can rig the outcome.

The Problem With Online Gambling

Traditional online casinos ask you to trust them. "Our RNG is certified," they say. But you have no way to verify this. The house could be cheating, and you'd never know.

Even worse: in PvP games, the server knows both players' cards. A malicious operator could feed information to a favored player, or simply rig outcomes.

The core issue: When a central server controls randomness, you're trusting them not to cheat. History shows this trust is often misplaced.

Our Solution: Commit-Reveal

We use a cryptographic technique called commit-reveal that makes cheating mathematically impossible. Here's the key insight:

Both players contribute randomness to shuffle the deck.
Neither can predict or control the outcome.

It's like two people each bringing half a password. Neither knows the full password until both reveal their half — and by then, it's too late to change it.

Step by Step

Phase 1: Commit

🎲 Player A generates Secret A
🔒 Creates hash (one-way function)
📤 Submits hash + bet to blockchain

Each player generates a secret by signing a message with their wallet. This signature is hashed to create the secret — it's yours and only yours. Only the hash of that secret goes on-chain. A hash is a one-way function — you can't reverse it to find the original secret. The blockchain stores both hashes and holds both bets in escrow.

Phase 2: Reveal

🔓 Player A reveals Secret A
✓ Contract verifies hash matches
🔓 Player B reveals Secret B

Once both players have committed, they reveal their original secrets. The smart contract verifies that each secret matches its hash. You can't change your secret after seeing your opponent's — you already committed to it.

Phase 3: Resolution

Secret A + Secret B = Combined Seed
⬇️
Deterministic Deck Shuffle

The two secrets are combined to create a seed. This seed determines exactly how the deck is shuffled. The same seed always produces the same shuffle — it's pure math. The game plays out, and the winner is paid automatically.

Why Neither Player Can Cheat

🎯 Can Player A predict the outcome?

No. Player A doesn't know Player B's secret until both have committed. The final deck depends on BOTH secrets combined.

A's secret alone → Useless without B's secret

🎯 Can Player A change their secret?

No. They already submitted the hash of their secret. If they try to reveal a different secret, the hash won't match, and the contract rejects it.

Different secret → Different hash → Rejected

🎯 Can the house rig the game?

No. We never see the secrets until both are revealed. The outcome is determined by player-provided randomness, not ours. We literally cannot influence results.

House has zero input → Zero control

🎯 What if someone refuses to reveal?

There's a 15-minute timeout. If you don't reveal in time, you forfeit and your opponent wins the pot. No incentive to stall.

Don't reveal → Auto-forfeit → Opponent wins

Verify It Yourself

Every game is recorded on the Base blockchain. You can verify any game result using public data:

1. Find the game on BaseScan
   Every game has a unique ID. Look up the transaction to see both secrets.

2. Combine the secrets
   Run them through the same hash function we use to get the seed.

3. Simulate the shuffle
   Use the seed to shuffle a deck using the Fisher-Yates algorithm.

4. Play out the game
   The cards and winner will match exactly what happened on-chain.

Verified: Smart contract is verified on Basescan. All game data is on-chain and auditable.
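
The three phases and the verification steps above, as an added Python sketch (not the contract's or the site's own code). The page does not name the hash function, how the two secrets are combined, or how the seed drives Fisher-Yates, so SHA-256, concatenation and a hash-counter stream are assumptions here, and all function names are hypothetical.

```python
import hashlib

# Assumptions, not stated on the page: SHA-256 as the hash, seed = H(A || B),
# and a hash-counter stream feeding Fisher-Yates. The contract may differ.

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def commit(secret: bytes) -> bytes:
    """Phase 1: only this digest goes on-chain."""
    return H(secret)

def verify_reveal(commitment: bytes, revealed: bytes) -> bool:
    """Phase 2: accept a reveal only if it hashes to the stored commitment."""
    return H(revealed) == commitment

def combined_seed(secret_a: bytes, secret_b: bytes) -> bytes:
    """Phase 3: both 32-byte secrets feed the seed, so neither side fixes it."""
    return H(secret_a + secret_b)

def _rand_below(seed: bytes, counter: int, n: int):
    """Unbiased integer in [0, n): reject draws from the uneven tail."""
    limit = (1 << 256) - ((1 << 256) % n)
    while True:
        x = int.from_bytes(H(seed + counter.to_bytes(8, "big")), "big")
        counter += 1
        if x < limit:
            return x % n, counter

def shuffle_deck(seed: bytes) -> list:
    """Fisher-Yates over cards 0..51; same seed always gives the same order."""
    deck, counter = list(range(52)), 0
    for i in range(51, 0, -1):
        j, counter = _rand_below(seed, counter, i + 1)
        deck[i], deck[j] = deck[j], deck[i]
    return deck

def replay_game(commit_a, commit_b, secret_a, secret_b) -> list:
    """Verification steps 1-3: check both reveals, then rebuild the deck."""
    if not (verify_reveal(commit_a, secret_a) and verify_reveal(commit_b, secret_b)):
        raise ValueError("revealed secret does not match its commitment")
    return shuffle_deck(combined_seed(secret_a, secret_b))

# Constructed sample secrets standing in for hashed wallet signatures.
SECRET_A = H(b"constructed signature bytes, player A")
SECRET_B = H(b"constructed signature bytes, player B")

if __name__ == "__main__":
    print(replay_game(commit(SECRET_A), commit(SECRET_B), SECRET_A, SECRET_B)[:5])
```

To reproduce a real game, swap in the hash, combining rule and shuffle index derivation from the verified contract source; a replay that uses different primitives will not match the on-chain deck.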

Security Architecture

The V2 contract incorporates industry best practices for smart contract security. Here's how your funds are protected:

🔒

ReentrancyGuard

OpenZeppelin's battle-tested protection against reentrancy attacks. No function can be re-entered during execution.

💰

Pull-Over-Push Payments

If a transfer fails (e.g., recipient contract reverts), funds go to a pending withdrawals mapping. You can always claim your funds.

⏸️

Pausable

In case of a critical bug discovery, the owner can pause new game creation. Existing games can still be resolved.

🚨

Emergency Recovery

For edge cases where funds get stuck, a 90-day timelocked recovery mechanism exists. Cannot be used on active games.

What the owner CAN do:

  • Pause new game creation (existing games unaffected)
  • Change the fee recipient address
  • Adjust protocol fee (max 10%, currently 5%)
  • Recover stuck funds after 90-day timelock

What the owner CANNOT do:

  • Access or steal funds from active games
  • Change the outcome of any game
  • Prevent players from revealing or claiming timeouts
  • Bypass the 90-day timelock
  • Modify the commit-reveal mechanism

Technical Specifications

Network: Base
Solidity Version: ^0.8.24
Framework: OpenZeppelin
Protocol Fee: 5%
Reveal Timeout: 15 min
Bet Range: 0.0001 - 10 ETH

Common Questions

What about the 5% fee? Where does that go?

The fee is taken from the winner's payout (not both players). It covers protocol development, infrastructure, and season prize pools. The fee is hardcoded in the smart contract — we can't change it without deploying a new contract.

What blockchain do you use?

Base — a Layer 2 network built on Ethereum. It inherits Ethereum's security while keeping transaction fees low (usually under $0.01). Your funds are secured by Ethereum's validator network.

Do you hold my funds?

Never. Funds go directly from your wallet to the smart contract (escrow) and then to the winner. We have no ability to access, freeze, or redirect your money. The smart contract is the only thing that touches your funds.

Has the contract been audited?

The contract is verified on Basescan. The commit-reveal pattern is battle-tested and used throughout DeFi. Built with OpenZeppelin security standards.

What happens if the site goes down?

Your funds are on the blockchain, not our servers. If a game is in progress, you can still interact directly with the smart contract to reveal your secret or claim a timeout. The frontend is just a convenience layer.

What if I clear my browser or switch devices?

Your secret is derived from your wallet signature, not stored randomly. When you create or join a game, you sign a message like "0x-War Game #123". That signature becomes your secret.

This means you can recover your secret on any device by signing the same message again. Same wallet + same game = same secret.

Why is this more trustless?
You provably generate your own randomness using your wallet. No server involvement. No localStorage dependency. Pure cryptographic derivation.

Ready to play fair?