Template Individual

To reproduce this audit, complete the following commands:

Dice - Game Rules

Dice is a prediction game where players bet on whether a randomly generated number will fall above or below a chosen target. Its transparent mechanics and verifiable math make it a natural starting point for provably fair auditing.

Game Rules

Dice is a prediction game where players bet on whether a randomly generated number will fall above or below a target threshold they choose. The game offers complete control over risk and reward: players who accept lower win probability receive higher payouts, while those preferring safer bets receive smaller multipliers.

Risk vs Reward

The core mechanic of Dice is the inverse relationship between win probability and payout:

• High risk, high reward: Setting a target of 90 with "Roll Over" gives only a 10% chance to win, but pays approximately 9.99x

• Low risk, low reward: Setting a target of 50 with "Roll Over" gives a 50% chance to win, but pays approximately 1.998x

• Players control the math: Unlike slots or other games with fixed odds, Dice lets players choose their exact risk profile on every bet

Seed Formats

Every Dice bet uses three cryptographic inputs to generate the result:

The combination of these three inputs, using HMAC-SHA256, produces the random roll. Because the player controls the client seed and the server seed is committed before betting, neither party can manipulate the outcome.

Multiplier Calculation

Payouts in Dice are calculated mathematically based on win probability and house edge:

With Duel's 0.1% house edge:

Why Provably Fair Matters

Traditional online casinos require players to trust that games are fair. Provably fair systems eliminate this trust requirement by allowing players to mathematically verify that outcomes were not manipulated. In a Provably Fair system:

• The casino commits to a result before the player bets

• The player contributes randomness that the casino cannot predict

• Anyone can verify the outcome after the fact

High-Level Flow

To get an overview of how the process works, here is a high-level diagram alongside details

1. Player Bets → Initial input from the player

2. Seeds Combined → Combining serverSeed, clientSeed, and nonce

3. RNG Output → Random number generation using HMAC-SHA256 with rejection sampling

4. Game Logic → Generates a value (0.00-100.00) compared against the target

5. Payout Result → Final outcome (Win/Lose) multiplied by the multiplier

Provably Fair Model

Provably fair gambling systems use cryptographic primitives to guarantee the integrity of outcomes. The model relies on three components: a server seed committed via hash before play, a player-controlled client seed, and an incrementing nonce. These inputs are combined using HMAC-SHA256 to produce deterministic, verifiable results. This section documents the global provably fair architecture used by almost all Casinos and all relevant games.

Commit-Reveal Model

The Commit-Reveal model is integral to ensuring fairness and transparency in online gambling. This model involves several key phases:

• Commit Phase: Before any bets are placed, the casino generates a random server seed. To prove its authenticity and prevent later manipulation, only the SHA-256 hash of this seed is sent to the player. This ensures that while the player cannot know the seed initially, they can verify it later.

• Bet Phase: The player places their bet, incorporating their client seed. This phase combines the client seed with the server seed to influence game outcomes, ensuring player participation in the randomness.

• Reveal Phase: Once the bet is resolved, the casino reveals the actual server seed. By disclosing this information, players can verify that the hash provided during the commit phase corresponds to the server seed used, ensuring no tampering occurred.

• Verify Phase: The player can now confirm the fairness of the outcome by hashing the server seed revealed so far. If the hash matches the one provided during the commit phase, it proves the integrity of the process and ensures that outcomes were not manipulated by the casino.

Technical Glossary

Core Concepts

Provably Fair A cryptographic system that allows players to mathematically verify that game outcomes were not manipulated. Unlike traditional "trust-based" systems, provably fair games provide cryptographic proof of fairness.

Commit-Reveal Protocol A two-phase process in which the casino commits to a result (by showing its hash) before the player bets, then reveals the actual value after the bet. This prevents the casino from changing outcomes based on player actions.

Determinism The property that identical inputs always produce identical outputs. In provably fair systems, using the same server seed, client seed, and nonce must always generate the same game result.

Seed System

Server Seed A random value generated by the casino, typically 64 hexadecimal characters (32 bytes). The server seed is hashed and shown to players before betting, then revealed after the bet is complete.

Client Seed A random value controlled by the player, typically 16 alphanumeric characters. Players can set or change their client seed at any time to ensure they contribute entropy that the casino cannot predict.

Nonce A sequential counter (0, 1, 2, 3...) that increments with each bet under the same seed pair. The nonce ensures each bet produces a unique result even when using the same server and client seeds.

Seed Pair The combination of a server seed and a client seed. A seed pair remains active across multiple bets, with the nonce incrementing for each round. When a player rotates seeds, a new seed pair begins with the nonce reset to 0.

Hashed Server Seed The SHA-256 hash of the server seed, shown to players before betting. After the bet, players can verify that SHA-256(revealed server seed) equals the originally shown hash, proving the casino didn't change the seed.

Cryptographic Functions

HMAC-SHA256 Hash-based Message Authentication Code using SHA-256. A cryptographic function that combines the server seed, client seed, and nonce to produce a deterministic, unpredictable hash used for random number generation.

SHA-256 Secure Hash Algorithm 256-bit. A one-way cryptographic hash function that converts any input into a unique 64-character hexadecimal output. Cannot be reversed to discover the original input.

Rejection Sampling A technique to eliminate modulo bias in random number generation. Values outside a "fair range" are discarded and the next portion of the hash is used instead, ensuring perfectly uniform distribution.

Verification Terms

Verifier A tool (usually web-based or code snippet) that independently calculates game outcomes using provided seeds and nonce. A proper verifier should produce identical results to the live game.

Parity The degree of matching between verifier results and live game results. 100% parity means every single outcome matches perfectly, which is required for provably fair certification.

Reproducibility The ability to regenerate exact game outcomes using the same inputs. Players should be able to reproduce any historical bet result using the revealed seeds and nonce.

Game Mechanics

RNG (Random Number Generator) The algorithm that produces random outcomes. In provably fair systems, the RNG must be deterministic and based only on seeds + nonce (no hidden entropy sources).

RTP (Return to Player) The percentage of wagered money returned to players over time. Calculated as (1 - House Edge) × 100%. For Duel Dice, RTP = 99.9%.

House Edge The casino's mathematical advantage, expressed as a percentage of each bet. For Duel Dice, house edge = 0.1%, meaning the casino expects to keep 0.1% of all wagers long-term.

Multiplier The payout ratio for a winning bet. Calculated as: (100 - House Edge) / Win Probability. For example, a 50% win chance with 0.1% house edge yields a 1.9980x multiplier.

Win Condition The rule that determines if a bet wins or loses. In Dice: "Roll Over" wins if result > target; "Roll Under" wins if result < target. Rolling exactly on target always loses.

Audit Terms

Fairness Violation A condition where a player or casino could predict, alter, or unfairly influence outcomes. Examples include seed prediction, nonce replay, or hidden entropy injection.

Entropy Randomness or unpredictability in a system. In provably fair games, entropy comes from both the casino (server seed) and player (client seed).

Bias Non-uniform probability distribution. An unbiased RNG gives all outcomes equal likelihood. Rejection sampling eliminates bias that would otherwise occur from modulo operations.

Edge Case Unusual or extreme scenarios that might behave differently than normal operation. Examples: concurrent betting, nonce overflow, malformed seeds, or maximum bet limits.

Data Formats

Hexadecimal (Hex) Base-16 number system using digits 0-9 and letters A-F. Server seeds and hashes are typically shown in hex format (e.g., 4f775f81301c7fe8...).

Hash The output of a cryptographic hash function. In provably fair systems, hashes serve as commitments that cannot be reversed but can be verified.

Bet ID A unique identifier assigned to each bet (e.g., #308953686). Used to reference specific rounds during verification.

Common Abbreviations

1.0 Purpose

This section defines the deterministic randomness model used to generate Dice game outcomes. It specifies the exact inputs, algorithm, and guarantees provided within the audited scope. All subsequent sections build on this model and verify its correct implementation.

1.1 Server Seed Commitment

Before any bet is placed, the casino generates a secret server seed and publicly commits to it by displaying its SHA-256 hash to the player. This cryptographic commitment prevents the casino from changing the seed after seeing player actions. Upon game completion, the revealed server seed is verified by hashing it and confirming it matches the pre-committed hash, proving the outcome was predetermined.

Real Example from Live Data:

Verification:

1.2 Player Client Seed Control

Players have full control over their client seed through the Duel UI, allowing them to view, modify, or randomize it at any time before placing bets. This ensures players contribute their own entropy to the RNG process. This player-controlled input makes it mathematically impossible for the casino to predict or manipulate outcomes, as the final result depends on a value only the player knows in advance. Players can view and change their client seed at any time via the Duel UI.

Real Data Evidence: From the test data, client seeds are player-controlled and vary:

• "G3blCQBWQdVfM8sx"

• "13aS4FO1Iz"

• "32GD7vC9fH"

• "ewGBx04VbY"

• "0ygEXdJyQm"

1.3 Nonce Incrementation

The nonce begins at 0 and increments sequentially by 1 for each bet under the same server/client seed pair, ensuring every bet produces a unique RNG input even with identical seeds. This prevents outcome repetition. When a new server seed is issued (after rotation), the nonce resets to 0, and the system verifies nonces are never reused within the same seed session to guarantee cryptographic uniqueness.

Real Data Verification:

1.4 Deterministic Mapping

The RNG algorithm is fully deterministic; given the same server seed, client seed, and nonce, it will always produce the exact same output, allowing any party to independently verify results at any time. This mathematical certainty is the cornerstone of provably fair gaming: the test confirms that all 100+ live game results from the dataset match precisely when recalculated using the revealed seeds.

Real Example Verified:

Verification:

3.0 Purpose

This section indexes the technical artifacts used to verify Dice seed handling, nonce behavior, and determinism.

All evidence is reproducible using the linked scripts and datasets. Inline content is intentionally minimal; full artifacts are available via links.

3.1 Evidence Coverage Summary

3.2 Code References

3.3 Datasets Used

Dataset: duel-dice-sim-1767531771390.json (link)

Source: Live Dice game data Records: ~6,200 bets

Fields used:

• serverSeed

• serverSeedHashed

• clientSeed

• nonce

• drawnNumber

3.4 Determinism Verification

Using the linked determinism test suite, all recorded Dice outcomes were recomputed using the disclosed server seed, client seed, and nonce.

The recomputed results matched the live game outcomes exactly for all verified bets (1,200 / 1,200). No partial matches, rounding deviations, or conditional discrepancies were observed.

Evidence Artifacts:

• Determinism test suite: DiceAuditExecutionChecklistTests.ts (link)

• Determinism result log: determinism-results.json (link)

3.5 Reproduction Instructions

git clone https://github.com/ProvablyFair-org/duel-audit npm install npm test -- --grep "Dice Audit"

Expected result: All determinism and nonce verification tests pass.

Audit reproducibility pinned to:

• Git commit: <commit-hash>

• Dataset hash (SHA-256): <hash>

3.6 Verified Invariants (Seed / Nonce)

The following invariants were verified across the observed dataset:

• Nonce resets to 0 on server seed rotation

• Nonce never decrements or skips within a seed session

• Nonce values are never reused within the same seed session

• Observed maximum nonce aligns with operational seed rotation policy

Evidence:

• Nonce sequencing tests: DiceAuditExecutionChecklistTests.ts (link)

• Seed rotation dataset slice: duel-dice-sim-1767531771390.json (link)

2.1 Purpose

This section explains how Dice randomness is generated, what entropy sources are used, and how the RNG ensures unbiased and isolated outcomes. Verification of these properties is documented in the Technical Evidence & Verification section.

2.2 RNG Inputs & Entropy Sources

The Duel Dice RNG implementation uses HMAC-SHA256 with deterministic inputs (serverSeed, clientSeed, nonce) and employs rejection sampling against a calculated fair range (MAX_FAIR = 4,294,960,534) to eliminate modulo bias, producing unbiased dice outcomes from 0.00 to 100.00. Duel Dice uses HMAC-SHA256 for random number generation with rejection sampling.

Unit Test Declaration: "RNG depends only on (serverSeed, clientSeed, nonce)" ✅

Dice randomness is derived exclusively from the following inputs:

• serverSeed

  A secret value generated by the casino and committed to before betting.

• clientSeed

  A player-controlled value that contributes user entropy.

• nonce

  A sequential counter ensuring uniqueness per bet.

No additional entropy sources are used.

Specifically, the RNG does not rely on:

• timestamps

• system randomness

• external APIs

• server-side state

• environment variables

2.3 RNG Algorithm

The Dice game uses a deterministic cryptographic RNG with the following properties:

• Algorithm: HMAC-SHA256

• Key: serverSeed

• Message: clientSeed:nonce

• Output: 32-bit unsigned integer

The algorithm is fully deterministic: the same inputs always produce the same output.

Input: (serverSeed, clientSeed, nonce = 12)

RNG output (32-bit integer): 2387462193

The same input tuple always produces the same RNG output.

2.4 Bias Mitigation (Rejection Sampling)

To ensure uniform probability across the Dice range:

• Hash output values that would introduce modulo bias are discarded

• Only values within the unbiased range are accepted

• Accepted values are mapped evenly to outcomes between 0.00 and 100.00

This guarantees that all possible Dice results have equal probability.

Example: Raw RNG value: 4294967295 Rejected (outside unbiased range)

Next RNG value: 18349281 Accepted → mapped to Dice result

2.5 Isolation & Independence

Each Dice outcome is computed using a unique (serverSeed, clientSeed, nonce) tuple.

As a result:

• Previous bets do not influence future bets

• Outcomes for one player cannot affect another

• No RNG state persists beyond the nonce increment

Bet 1 → nonce = 12 Bet 2 → nonce = 13 Bet 3 → nonce = 14

This section indexes the technical artifacts used to verify Dice RNG implementation, entropy sources, bias elimination, and isolation properties. All evidence is reproducible using the linked scripts and datasets. Inline content is intentionally minimal; full artifacts are available via links.

Generated: 2026-02-06

Audit Status: ✅ ALL TESTS PASSING (4/4 RNG tests)

1. Evidence Coverage Summary

2. Code References

2.1 Test Suite (RNG & Entropy Model Tests)

Primary Test File: tests/dice/DiceAuditExecutionChecklistTests.ts

Test Block: Lines 55-80 - "Randomness & Entropy Model"

Test Setup: Lines 56-66 - Pre-verification determinism check

2.2 Core RNG Implementation

RNG Generator: src/dice/DiceNumbersGenerator.ts

2.3 HMAC-SHA256 Implementation

Cryptographic Base: src/DuelNumbersGenerator.ts

2.4 Data Provider (Test Harness)

Test Data Loader: src/dice/DiceGameAuditDataProvider.ts

3. Datasets Used

3.1 Primary Dataset

Dataset: duel-dice-sim-1767531771390.json

Metadata:

• Source: Live Dice game data from https://duel.com/dice

• Schema: duel-dice-sim-min-reveal-v2

• Created: 2026-01-04T12:54:09.990Z

• File Size: 27,600 lines (~828.8 KB)

• Total Records: 1,200 bets across 24 seed sessions

3.2 Fields Used for RNG Verification

RNG-Specific Fields:

• serverSeed - Server-provided entropy (64 hex characters)

• clientSeed - Player-provided entropy (alphanumeric string)

• nonce - Uniqueness counter (integer)

• drawnNumber - Generated outcome (0.00 - 100.00)

• result - Raw result value before division (0-10000)

Entropy Analysis:

• No timestamp field used in RNG computation

• No Math.random() calls in codebase

• No external API calls during result generation

• Pure function: output depends only on (serverSeed, clientSeed, nonce)

4. RNG Function Verification

4.1 Test Declaration

Test: "RNG depends only on (serverSeed, clientSeed, nonce)" ✅

Test Location: DiceAuditExecutionChecklistTests.ts:68-70

4.2 Canonical RNG Example

Inputs:

• serverSeed: 808eaef57ae9f272ab01a1209b509948fb242fe1f14e135547bd10006e6196f3

• clientSeed: G3blCQBWQdVfM8sx

• nonce: 0

RNG Process:

1. Compute HMAC-SHA256 hash:

   • Key: serverSeed (hex-decoded)

   • Message: "G3blCQBWQdVfM8sx:0" (UTF-8 encoded)

2. Extract 4-byte values from hash sequentially

3. Accept first value < MAX_FAIR (4,294,960,534)

4. Map to range: (value % 10001) / 100

Observed Result: 25.28

Recomputed Result: 25.28

Result: ✅ MATCH

4.3 Full Dataset RNG Verification

Using the linked test suite, all 1,200 dice outcomes were recomputed using only (serverSeed, clientSeed, nonce) inputs.

Results:

• Total Bets Verified: 1,200

• Matches: 1,200 (100%)

• Mismatches: 0

• External Entropy Used: 0 (none detected)

Test Execution Time: 246ms (includes full dataset recomputation)

Evidence Artifacts:

• RNG test suite: DiceAuditExecutionChecklistTests.ts:68-70

• RNG implementation: DiceNumbersGenerator.ts:11-32

• Source dataset: duel-dice-sim-1767531771390.json

4.4 RNG Function Signature Analysis

Function Signature:

Entropy Sources:

• ✅ serverSeed - Required parameter

• ✅ clientSeed - Required parameter

• ✅ nonce - Required parameter

• ❌ No optional parameters

• ❌ No class-level state variables accessed

• ❌ No global variables accessed

• ❌ No Date.now() or timestamps

• ❌ No Math.random() calls

• ❌ No external API calls

Implementation Reference: DiceNumbersGenerator.ts:11-32

5. Entropy Source Verification

5.1 Test Declaration

Test: "No mixed entropy sources" ✅

Test Location: DiceAuditExecutionChecklistTests.ts:71-73

5.2 Entropy Source Analysis

Verified Entropy Sources:

Prohibited Entropy Sources (Verified Absent):

6. Reproduction Instructions

6.1 Local Reproduction Steps

Expected Output:

5.2 Audit Reproducibility Pinning

• Git Commit: fa913ab94883d06950d3c63bbb7007f927648131

• Dataset Hash (SHA-256): ba3ae70517c7f77e07eaced46900a5f94ebc02bf11c41502fac894f142efb799

• Node Version: v22.11.0 (minimum: v16.x)

• npm Version: 11.3.0 (minimum: 8.x)

8.3 Targeted Test Execution

Run RNG dependency test only:

Run entropy source test only:

Run bias test only:

Run isolation test only:

8.4 Manual RNG Verification (Single Round)

Node.js REPL Verification:

Summary

✅ All RNG & Entropy Verification Criteria Met

3.1 What Verifier Parity Means (Expandable)

Include:

Short explanation (1–2 paragraphs) describing:

• What “parity” means in a provably fair context

• That the live game and verifier use the same deterministic logic

• That any mismatch would indicate post-bet manipulation or logic divergence

One clear statement:

• “Given the same server seed, client seed, and nonce, both systems must always return the same result.”

Do not include:

• Code

• Test loops

• Assertions

• RNG math (already covered in Section 2)

From PDF (parity explanation pages):

• Keep the conceptual explanation of why parity matters

• Remove repeated references to determinism already explained in Section 1

3.2 How Live Outcomes Are Verified (Expandable)

Include:

Short explanation (1–2 paragraphs) describing:

• How live bets are captured from the production environment

• How each bet is independently recomputed using the verifier

• That results are compared one-to-one

Simple step flow (text or diagram):

1. Capture live bet data

2. Recompute outcome via verifier

3. Compare live result vs verifier result

One simple confirmation sentence:

• “If even one result differs, parity fails.”

Do not include:

• Dataset dumps

• Script names

• File paths

• Loops iterating over bets

From PDF (live verification section):

• Keep the high-level description of the comparison process

• Remove raw JSON blocks and loop explanations

3.3 Parity Results Summary (Expandable)

Include:

Short summary paragraph stating:

• Number of live bets tested (e.g. hundreds or thousands)

• That all results matched exactly

• That no discrepancies were observed

One simple result line:

• “Matched: 1000 / 1000 live bets”

Optional small table:

Do not include:

• Full datasets

• Test logs

• Script output

From PDF (results section):

• Keep the final counts and conclusions

• Remove verbose output logs

3.4 Why This Matters for Players (Expandable)

Include:

Short explanation (1 paragraph) describing:

• That the verifier is not a simulation or estimate

• That it proves outcomes cannot be changed after the bet

• That players can independently validate fairness

One clear takeaway sentence:

• “This ensures the game you see is the game being verified.”

Do not include:

• Repetition of exploit testing

• RNG internals

• Certification language

Code References (Exact Scope)

• compare_live_vs_verifier.ts

  Logic that recomputes outcomes from live bet data using the verifier and compares results one-to-one.

• DiceAuditExecutionChecklistTests.ts

  Live vs verifier parity assertions ensuring:

  • Same inputs produce identical outputs

  • No post-processing or rounding divergence

• DiceWinCalculator.ts

  Confirms payout and win/loss logic used by verifier matches live game logic.

• generator.generateDiceResult(…)

  Core function used identically by:

  • Live game backend

  • Verifier recomputation

Purpose:

To ensure there is no logic drift between production gameplay and verification tooling.

Raw Datasets (Live Parity Only)

Dataset used for live ↔ verifier comparison:

• live_rounds.json

Fields included:

• serverSeed

• clientSeed

• nonce

• drawnNumber

• bet parameters (target, over/under, etc.)

• liveResult

• verifierResult

This dataset contains real bets captured from the live game, not simulations.

Full Test Logs (Parity Validation)

Logs demonstrating:

• Total live bets tested (e.g. 500–1000+)

• Recomputed verifier results for each bet

• Zero mismatches observed

Key confirmations:

• liveResult === verifierResult for every bet

• No rounding differences

• No conditional logic divergence

• No missing or reordered nonce usage

Example summary output:

• Matched: 1000 / 1000

• Mismatches: 0

Reproduction Artifacts

• Script: compare_live_vs_verifier.ts

Instructions:

• How to load the live bet dataset

• How to recompute outcomes locally

• How to verify parity programmatically

Expected output:

• Exact 1:1 match between live results and verifier results

• Fail-fast behavior if any mismatch occurs

Edge-Case Evidence (Parity-Specific)

Evidence confirming:

• Verifier logic does not diverge under different bet parameters

• No dependency on session state or prior bets

• No conditional payout adjustments post-RNG

• No environment-specific behavior between live and verifier

Explicitly verified:

• Same code paths

• Same math

• Same rounding

• Same final result

4.1 Payout Rules & Win Conditions (Expandable)

Include:

• Short explanation of how Dice payouts work:

  • Winning payout = bet amount × multiplier

  • Losing bets return zero

• Clear statement that:

  • Multipliers are fixed and predefined

  • No conditional logic changes payouts after the roll

• One simple example:

  • Bet amount

  • Roll result

  • Target

  • Win or loss

  • Final payout

Do not include:

• Full class definitions

• Input validation branches

• Error handling logic

• Multiple repeated examples

From PDF pages 37–39:

• Keep the plain-English explanation of payout mechanics

• Keep one simple payout example

• Keep the visual flow diagram showing:

  • Bet → Validate → Compare → Apply multiplier → Payout

• Remove full DiceWinCalculator source dump from this layer

4.2 Multiplier & House Edge Model (Expandable)

Include:

• One paragraph explaining:

  • All multipliers are derived from a fixed house edge

  • House edge is consistent across all targets

• Simple explanation of:

  • RTP = 100% − house edge

• One worked example (single target):

  • Target

  • Win chance

  • Multiplier

  • Resulting RTP

Do not include:

• Full multiplier tables

• Repeated examples for many targets

• Code loops or assertions

From PDF pages 40–42:

• Keep the explanation of:

  • Multiplier = (100 − house edge) ÷ win chance

• Keep one example calculation

• Remove the full ABOVE_NUMBER / BELOW_NUMBER tables from this layer

4.3 Simulated RTP Behaviour (Expandable)

Include:

• Plain explanation of what simulation proves:

  • Game behaves correctly over many bets

  • RTP converges to advertised value

• High-level summary stats:

  • Number of bets simulated

  • Targets covered

  • Final observed RTP

• One sentence explaining statistical tolerance

Do not include:

• Monte Carlo implementation details

• Nested loops

• Tracker objects

• Timing logs

From PDF pages 45–49:

• Keep the summary bullet points:

  • ~980,000 bets

  • 98 targets

  • RTP converges to 99.91%

• Keep the RTP convergence visual

• Remove all simulator source code from this layer

Code References (Exact Scope)

DiceWinCalculator.ts

• Core payout logic used by the live game and verifier

• Validates:

  • Bet amount input constraints

  • Drawn number bounds (0–100)

  • Correct multiplier selection (ABOVE_NUMBER / BELOW_NUMBER)

  • Final payout calculation

• Source:

  • src/dice/DiceWinCalculator.ts (lines 5–28)

• Purpose:

  • Ensure win/loss logic and payout calculation exactly match documented game rules

DiceGameProfiles.ts

• Multiplier tables for all Dice targets and bet directions

• Confirms:

  • Multipliers embed a consistent 0.09% house edge

  • RTP remains constant across all target values

• Source:

  • src/dice/DiceGameProfiles.ts (lines 103–203)

• Purpose:

  • Verify advertised RTP is mathematically encoded in the game profiles

DiceAuditExecutionChecklistTests.ts

• Unit tests validating:

  • Payout rules correctness

  • Advertised RTP matches theoretical RTP

  • Advertised RTP matches simulated RTP

• Source:

  • tests/dice/DiceAuditExecutionChecklistTests.ts (lines 89–145)

• Purpose:

  • Assert payout logic and RTP behavior across all bet configurations

DiceGameSimulator.ts

• Monte Carlo simulation engine used for RTP validation

• Uses:

  • Same RNG and payout logic as live game

• Source:

  • src/dice/DiceGameSimulator.ts (lines 12–46)

• Purpose:

  • Empirically verify RTP convergence using large-scale simulations

Raw Datasets (RTP & Payout Only)

Simulation Dataset

• Dataset generated via Monte Carlo simulation

• Example:

  • duel-dice-sim-1767531771390.json

• Contains:

  • serverSeed

  • clientSeed

  • nonce

  • drawnNumber

  • betAmount

  • winAmount

• Scope:

  • Nearly 1,000,000 simulated bets

  • 10,000 bets per target (targets 2–99)

• Purpose:

  • Validate RTP convergence and payout correctness empirically

Full Test Logs (RTP & Payout Validation)

Logs demonstrate:

• Targets tested: 2–99 (98 targets)

• Samples per target: 10,000 bets

• Total simulated bets: ~980,000

• Execution time: ~113 seconds

• Observed RTP: 99.91%

• House edge: 0.09%

Key confirmations:

• Every multiplier falls within the expected RTP acceptance range

• Aggregate RTP remains within ±1% statistical margin

• No payout anomalies or calculation errors observed

• No conditional logic altering payouts post-RNG

Example test assertions:

• "Payout rules correctness" ✅

• "Advertised RTP matches theoretical RTP" ✅

• "Advertised RTP matches simulated RTP" ✅

Reproduction Artifacts

Simulation Script

• DiceGameSimulator.simulate(samplesPerTarget)

Reproduction Steps

1. Load seed dataset

2. Run Monte Carlo simulation

3. Aggregate win/loss results per target

4. Compare observed RTP to theoretical RT

Expected Output

• RTP convergence toward 99.91%

• Per-target RTP within tolerance

• Aggregate RTP within ±1% margin

Edge-Case Evidence (Game Logic & RTP)

Explicitly verified:

• Payout calculation uses no hidden adjustments

• Max-win enforcement occurs after outcome determination

• Floating-point rounding is consistent and deterministic

• Invalid inputs are rejected before payout calculation

• No dependency on previous bets or session state

1.1 Server Seed Commitment (Expandable)

Include:

• Short explanation (1–2 paragraphs)

• One real JSON example

• One verification snippet (hash check)

Do not include:

• Full test loops

• Multiple redundant examples

From PDF pages 8–9:

• Keep the explanation

• Keep one crypto.createHash("sha256") snippet

• Keep one real data example

1.2 Player Client Seed Control (Expandable)

Include:

• Short explanation

• Screenshot of Duel UI (already present)

• Bullet list of observed client seeds

From PDF pages 10–11:

• Keep the UI screenshot

• Keep the list of example client seeds

• Remove trivial test like expect(true).to.eql(true) from this layer

1.3 Nonce Incrementation (Expandable)

Include:

• Explanation of nonce lifecycle

• Diagram showing increment and reset

• One real sequence example

From PDF pages 12–13:

• Keep nonce flow diagram

• Keep example showing 0 → 1 → 2 → reset

• Summarize test result, don’t dump full loop

1.4 Deterministic Mapping (Expandable)

Include:

• Explanation of determinism

• One verified example bet

• Link to script

From PDF pages 14–15:

• Keep one generateDiceResult(...) example

• Keep one real bet JSON

• Link script as reference

Code references (exact scope)

• DiceAuditExecutionChecklistTests.ts

  • Server seed commit verification test

  • Client seed usage verification

  • Nonce increment logic

  • Deterministic mapping assertion

• generator.generateDiceResult(...) implementation

Raw datasets (seed-related only)

• Seed + nonce datasets used for determinism checks

• Example:

  • duel-dice-sim-1767531771390.json

  • Filtered to fields:

    • serverSeed

    • clientSeed

    • nonce

    • drawnNumber

Full test logs (determinism-specific)

• Logs showing:

  • Recomputed results == live results

  • No nonce reuse within a seed session

Reproduction artifacts

• Script: verify_dice_round.ts

• Instructions:

  • How to run determinism verification locally

  • Expected output

Edge-case evidence (seed/nonce only)

• Proof nonce resets on new server seed

• Proof nonce never decrements or skips