
Provably Fair Gambling

A casino-design pattern that lets a player cryptographically verify, after the bet, that the outcome was decided before the bet was placed — and that the casino had no way to change it.

TL;DR

Casino publishes the SHA-256 hash of a secret seed before play. You bet. Casino later reveals the seed. You re-derive the outcome from seed + your client seed + nonce. If it matches what they paid out, the game was fair. If it doesn't, you have on-chain proof of cheating.

The problem provably fair solves

Traditional online casinos run an internal RNG that decides every outcome. You have to trust they aren't rigging it. There's no way to know — a third party would need access to the server. Audits help but they're snapshots. The casino could behave one way during the audit and another way the rest of the time.

Crypto-native players want a stronger guarantee. They want to verify each individual bet, not just trust an annual report. That's the niche provably fair fills.

The mechanism

Provably fair gambling uses a three-input deterministic function for every bet result:

The bet outcome is computed as SHA-256(server_seed:client_seed:nonce), with specific bits of the hash mapped to game outputs — e.g., the first 13 hex digits become a 0-99.99 dice roll, or the first 12 bits become a 12-row Plinko path.

Why this is hard to cheat

Three security properties combine:

  1. SHA-256 is one-way. Given the hash, no one can derive the seed. So the casino publishing the hash doesn't leak the seed.
  2. SHA-256 is collision-resistant. The casino cannot find a different seed that produces the same hash. So they can't swap seeds after committing.
  3. Client seed contribution. Because you control part of the input, the casino cannot pre-compute favorable outcomes — they'd need to know your client seed at the time they generated the server seed, which the protocol order prevents.

Where the casino can still cheat (and how to spot it)

Provably fair guarantees randomness, not pricing. The casino can still set a high house edge, manipulate the payout table, or refuse withdrawals. Provably fair specifically does not prevent these. What it prevents is rigging the RNG itself.

Sanity checks:

  1. Verify the published server-seed hash matches the SHA-256 of the revealed seed.
  2. Verify a few of your bet outcomes by re-computing locally.
  3. Check that the published house edge matches the empirical edge over a large number of bets.

If all three check out, the math is sound. If any fail, you have crypto-grade evidence to publish.
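Checks 1 and 2 above, together with the hash-to-roll mapping from "The mechanism", as an added Python example (not AgentBet's fair.php or any casino's own code). The colon-joined UTF-8 input and the scaling of the first 13 hex digits to hundredths are assumptions, since each casino encodes these differently; the seeds and bet log are constructed.

```python
import hashlib

def commitment_ok(revealed_seed: str, published_hash: str) -> bool:
    """Check 1: the revealed server seed must hash to the pre-bet commitment."""
    digest = hashlib.sha256(revealed_seed.encode()).hexdigest()
    return digest == published_hash.strip().lower()

def roll_from_digest(hexdigest: str) -> int:
    """Map the first 13 hex digits (52 bits) to 0..9999 hundredths (assumed mapping)."""
    value = int(hexdigest[:13], 16)
    return (value * 10000) >> 52  # integer math only, so no float rounding

def dice_roll(server_seed: str, client_seed: str, nonce: int) -> int:
    """Recompute one outcome as SHA-256(server_seed:client_seed:nonce)."""
    msg = f"{server_seed}:{client_seed}:{nonce}".encode()
    return roll_from_digest(hashlib.sha256(msg).hexdigest())

def audit(published_hash, revealed_seed, client_seed, bets):
    """Check 2: return the nonces whose reported roll differs from the recomputed one.

    bets is an iterable of (nonce, reported_roll_in_hundredths).
    Raises ValueError if the commitment itself fails, because then no
    per-bet recomputation means anything.
    """
    if not commitment_ok(revealed_seed, published_hash):
        raise ValueError("revealed seed does not match published hash")
    return [n for n, reported in bets
            if dice_roll(revealed_seed, client_seed, n) != reported]

# Constructed sample session (all values made up for this example).
SEED = "constructed-server-seed-0001"
CLIENT = "constructed-client-seed"
COMMIT = hashlib.sha256(SEED.encode()).hexdigest()  # what would be published pre-bet
BETS = [(n, dice_roll(SEED, CLIENT, n)) for n in range(5)]
# Same log, but with a different result reported for nonce 3.
TAMPERED = [(n, (r + 100) % 10000) if n == 3 else (n, r) for n, r in BETS]

if __name__ == "__main__":
    print("honest log mismatches:  ", audit(COMMIT, SEED, CLIENT, BETS))
    print("tampered log mismatches:", audit(COMMIT, SEED, CLIENT, TAMPERED))
```

Record the published hash yourself before the first bet; a hash looked up only after the reveal gives no assurance that the commitment came first.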

Who uses provably fair

The crypto-native casinos all use some variant: Stake, Rollbit, BC.Game, Sportsbet.io, Roobet, AgentBet, and many others. Each has small implementation differences (which hash bits map to which outputs, how nonces are encoded) but the core scheme is the same. AgentBet's exact implementation is open-source-readable in /includes/fair.php and you can verify any bet in your browser.

What changed with on-chain casinos

Some newer protocols (Polymarket-style) push verification entirely on chain — the seed commit and reveal are recorded as transactions, making them tamper-evident from the start. Off-chain provably fair (like AgentBet) is still cryptographically sound; the difference is that the proof is logged in our database rather than on a public ledger. For most players, off-chain is functionally identical and much cheaper to operate.

Common questions

Is provably fair the same as on-chain?
No. Provably fair is a verification scheme that can run on-chain or off-chain. AgentBet runs it off-chain (our database stores the commit and reveal), which is functionally identical for the user and dramatically cheaper to operate. On-chain casinos like Polymarket put the commit/reveal in blockchain transactions for tamper-evident archiving.

Can a casino fake the SHA-256 hash?
They cannot find a different seed that produces a given SHA-256 hash — that would require breaking SHA-256, which has not happened. They could publish a hash that doesn't correspond to any seed, but then they could not produce a valid reveal later — players would notice immediately when verification fails.

What if I never change my client seed?
You're still protected. As long as you choose any client seed once (the default random string is fine), the casino cannot pre-compute outcomes favorable to themselves. The order of operations — they commit before you bet — prevents that. Changing your client seed mid-stream is optional and doesn't add security.

Is provably fair gambling legal?
The cryptographic scheme is just math — it's legal everywhere. The act of online gambling (provably fair or not) is regulated and you must check the rules where you live. AgentBet does not accept US players and a handful of other restricted jurisdictions.
