Skip to main content
How is coinflip fair?

Information about how coinflip is provably fair

Enzo avatar
Written by Enzo
Updated over a year ago

Coinflip uses the EOS blockchain which allows us to generate a result in the future. On the EOS blockchain, a new block is mined every few seconds, so we can reasonably assume a new one is going to be mined a few seconds after a coinflip starts and we can use this to generate a result.

When you create a coinflip, no result is generated until another player or bot joins. Once a player or bot joins, we select a block that will be mined in the future and are then able to generate the result based on a data point from the block once it’s been successfully mined.

This method helps customers ensure that no one knows what the result will be as that would require you to be able to see into the future.

In total, there are 3 variables that are used for result generation:

  • Private seed (A securely random value, generated when a round is created - Example: 7d105342214394367e84c754a17b8a08)

  • Public seed (The ID of an EOS block, which is to be generated after a round is joined by a challenger - Example: 13b64cef0944abd129425774a5121b6adb9c15da9e0a26e9b0c438b959b35df4)

  • Round ID (A unique ID associated with a coinflip round - Example: 62005623)

To verify previous results, customers can use the following PHP script:

<?php

$private_seed_hash = "b6ce76f966a38da31399070b0f08523d93ea202e01c3151e259b8815dda02ce8";
$private_seed = "813ce2c0c6aae8fc071426c223ff0ce4";
$public_seed = "04fcb0995f1a2f0c0abd17cf364800d6dee912cba412ce16c58d7241aa7365f7";
$round = "321";
if (hash('sha256', $private_seed) != $private_seed_hash) {
echo "WARNING: Private seed hash does not match private seed!\n";
}
$hash = hash('sha256', "$private_seed-$public_seed-$round");
$flip = (hexdec(substr($hash, 0, 8)) % 2) + 1;
echo "Result: " . ($flip == 1 ? 'Heads (T)' : 'Tails (CT)');

This can be run locally or on any PHP script runner found online. We direct customers to: https://3v4l.org/ for this, but there are plenty of options available like so:

Customers will need to edit the private_seed_hash, private_seed, public_seed & round variables in the script to verify results.

This information can be found here: https://csgoempire.com/fairness under ‘Coinflip’.

For example, if we run the following script it matches up with the result logged in my coinflip history for round 62005623:

<?php

$private_seed_hash = "ec236b738bc6aa099faa38d1e0f3ab97a8e4b28cf83c2b5503e6ae698d5da7c9";
$private_seed = "7d105342214394367e84c754a17b8a08";
$public_seed = "13b64cef0944abd129425774a5121b6adb9c15da9e0a26e9b0c438b959b35df4";
$round = "62005623";
if (hash('sha256', $private_seed) != $private_seed_hash) {
echo "WARNING: Private seed hash does not match private seed!\n";
}
$hash = hash('sha256', "$private_seed-$public_seed-$round");
$flip = (hexdec(substr($hash, 0, 8)) % 2) + 1;
echo "Result: " . ($flip == 1 ? 'Heads (T)' : 'Tails (CT)');

This helps prove to customers that we generated the same result as what was given out. If the provably fair script returned a different result, it would be obvious that we manipulated the result compared to what was given out to customers.

Did this answer your question?