Provably Fair Gaming: How We Guarantee Every Bet Is Tamper-Proof

Provably Fair Gaming: How We Guarantee Every Bet Is Tamper-Proof

Most online casinos ask you to *trust* them. WhalesEdge (no real money bets) asks you to *verify*.

Every game on WhalesEdge (no real money bets) — Crash, Dice, Plinko, Roulette — uses a cryptographic system called provably fair. It mathematically proves that no outcome was manipulated, by anyone, at any time.

Here is exactly how it works — and how the rest of the market compares.

---

The Problem With Traditional Casinos

In a traditional online casino, the house generates the result on their server. You see the outcome — but you have no way to verify it was not changed after you placed your bet.

The casino could, in theory: - Show you a losing result even though you rolled a winner - Adjust outcomes for high-stakes players - Change the RTP (return-to-player) dynamically

You have no proof either way. You are trusting a black box.

Platforms like 888Casino, Betway, PokerStars Casino, and William Hill Casino operate this way. They use licensed Random Number Generators (RNG) audited by third parties such as eCOGRA or iTech Labs — but these audits only certify the RNG software in aggregate. You, as a player, cannot verify a single specific round. You receive the result and are expected to accept it on faith.

This is not necessarily fraud. But it is a fundamentally different trust model.

---

How Provably Fair Works

Provably fair uses cryptographic commitments — the same technology behind blockchain and digital signatures.

The key insight: if you commit to something *before* the bet, you cannot change it *after* the bet without the player knowing.

Three Ingredients

1. Server Seed — Generated by WhalesEdge (no real money bets) before your bet. A random 32-byte hex string. We keep this secret until after the round.

2. Client Seed — Generated by your browser using crypto.getRandomValues(). Cryptographically random. We never see it before the bet.

3. Nonce — A random 32-bit integer generated server-side for each bet. Ensures two identical seeds never produce the same result.

The Formula

result = HMAC-SHA256(server_seed, client_seed + ":" + nonce)

We take the first 8 hex characters of the hash, convert to an integer, and divide by 4294967296 to get a float between 0 and 1. That float determines the game outcome.

---

Why This Is Tamper-Proof

The Server Cannot Cheat

The server seed is fixed before the bet. SHA-256 is a one-way function — you cannot reverse-engineer a server seed that produces a desired output. So even if we wanted to manipulate the result, we would have to change the server seed — and you would detect that.

The Player Cannot Cheat

The client seed comes from your browser. But the server seed is secret until after the round. So you cannot predict the outcome in advance either. Neither side has an unfair advantage.

Independence per Bet

Every single bet uses a fresh cryptographically random nonce. Two bets with identical seeds produce completely different results. There is no pattern to exploit.

---

The Commit-Reveal Protocol

For maximum transparency, we use a commit-reveal pattern:

1. Before the bet: We generate the server seed internally. We do not show it to you. 2. You bet: Your browser generates a client seed and sends it with your wager. 3. We compute: HMAC-SHA256(server_seed, client_seed:nonce) determines the result. 4. After the round: We reveal the server seed in the API response. 5. You verify: You can independently compute the same hash and confirm the result matches.

This is identical to how provably fair Bitcoin casinos work — and it is the gold standard of transparency in gambling technology.

---

Verifying Your Results

Every game round returns the server seed in the API response. You can verify any result yourself with this Node.js snippet:

``` const crypto = require('crypto') function verify(serverSeed, clientSeed, nonce) { const hash = crypto.createHmac('sha256', serverSeed).update(clientSeed + ':' + nonce).digest('hex') return parseInt(hash.slice(0, 8), 16) / 4294967296 } ```

Run this with the values from your game round. If the float matches — the game was fair.

---

Game-Specific Formulas

Crash

If float >= 0.99, crash point = 1.00 (1% instant crash). Otherwise: crash_point = floor((0.99 / (1 - float)) * 100) / 100. This gives a 99% RTP distribution. The house edge is exactly 1%.

Dice (1-100)

roll = floor(float * 100) + 1. Uniform distribution from 1 to 100. Win condition determined by your chosen target and direction.

Plinko

Each row uses a separate hash with the row index as additional input. Each peg decision (left or right) is independent and verifiable.

Roulette (0-99)

number = floor(float * 100). 0 = green (house), 1-49 = red, 50-99 = black.

---

The Mathematics of RTP

All WhalesEdge (no real money bets) games are set to 99% RTP — meaning for every 100 XP wagered, the expected return is 99 XP.

This is a mathematical guarantee built into the payout formulas:

• Dice over 50: Win chance = 50%, pays 1.98x. Expected value = 0.5 x 1.98 = 0.99
• Crash at 2x: Win chance = 49.5%, pays 2x. Expected value = 0.495 x 2 = 0.99
• Roulette red: Win chance = 49%, pays 1.98x. Expected value = 0.49 x 1.98 = 0.9702

The 1% house edge funds platform infrastructure. It is the only edge WhalesEdge (no real money bets) takes.

---

Who Has Provably Fair — and Who Does Not

Provably fair originated in the Bitcoin casino ecosystem around 2012. It remains largely absent from mainstream licensed gambling.

Platforms That Implement It Properly

Stake — One of the largest crypto casinos by volume. All in-house games (Dice, Crash, Mines, Plinko, Limbo) use HMAC-SHA256 with full seed reveal. Their implementation is publicly documented and widely audited by the community. Considered the industry benchmark.

BC Game — Comprehensive provably fair across its game portfolio. Supports custom client seeds and provides a built-in verification tool in the UI. Notable for applying it even to wheel and keno variants.

Roobet — Provably fair for original games. Documents the hash function and seed rotation on their fairness page. Popular among streamers due to the transparency angle.

Rollbit — Provably fair on core games. Additionally uses an on-chain RNG component for some outcomes (Roulette), making the randomness independently verifiable via the blockchain — not just the platform.

Bustabit — The platform that invented the Crash game format in 2014. Originally pioneered provably fair crash mechanics using a hash chain. Every multiplier in history is publicly verifiable back to the genesis hash.

Platforms That Do Not

Traditional licensed casinos (888Casino, Betway, PokerStars Casino, LeoVegas, William Hill, bet365 casino) operate exclusively on audited-but-opaque RNG. You cannot verify individual rounds. Third-party certifications confirm the software behaves correctly on average — not that your specific spin was fair.

Many crypto casinos with licensed game libraries — platforms that use crypto for deposits but source games from studios like NetEnt, Evolution, or Pragmatic Play. These games run on the provider's RNG infrastructure and are not provably fair. The casino has no visibility into the outcome generation either.

Sports betting and prediction markets — by nature, outcomes are determined by real-world events, not RNG. Provably fair does not apply. The relevant transparency questions are around odds pricing, line movement, and settlement rules.

---

How to Spot Fake Provably Fair Claims

The term is sometimes used as marketing without meaningful implementation. Warning signs:

No seed reveal. If the platform does not return the server seed after each round, you cannot verify anything. The provably fair label is decorative.

Timestamp-based nonces. Using the current time (Date.now()) as a nonce makes outcomes partially predictable. A sophisticated attacker with server timing access could narrow the seed space. Legitimate implementations use cryptographic random nonces.

Static or account-derived client seeds. If the platform assigns your client seed based on your account ID or session token — without browser-side randomness — the casino knows your client seed before you bet. The two-party randomness guarantee breaks.

Only some games are provably fair. If a platform applies the system selectively, the mechanism is a feature, not a foundation. The games excluded are the ones where you should be asking questions.

No open documentation of the formula. Legitimate implementations publish the exact hash function, input format, and float conversion. Vague descriptions without a verifiable formula are red flags.

---

Why This Matters for High-Stakes Players

If you are wagering meaningful amounts, trust is not enough. You need proof.

Provably fair is not a marketing feature — it is a technical constraint. We literally cannot manipulate outcomes without you detecting it. That is not a policy. That is mathematics.

For whales who move large positions, this is the baseline. Any platform that cannot offer cryptographic verification of its outcomes is asking you to gamble blind.

---

Summary