Dices provably fair - Nonce overflow vulnerability

Most of bitcoin dice software use a system to prove the fair play of the server for each bet. Most of them implement this mechanism using two seed (server seed and client seed) combined with a session nonce in the aim to provide a fair random number for each bet and usually this nonce is initialized to 0 after each seed change.

But, what if this nonce is stored in an unsigned integer variable (32bit in 32bit systems, 2³² values)? Theorically after 2³²-1 bets, the nonce goes in overflow and return to 0.

Saving each bet roll for every play in the first 2³²-1 window, will provide a map function:

f: n → roll . (n < 2³²)

that could be used to declare a function g(m) that predicts every future roll:

g (m) = f (m % 2³²)

A simple fix for this problem is to regenerate the server seed and reset the nonce after 2³² bets.

2024

The Time I Built a Probabilistic Computer

6 minute read

In early 2023, I embarked on a journey to explore the field of probabilistic computing. This endeavor culminated in the construction of a hardware prototype,...

Back to Top ↑

2023

Expanding the Commodore 64 Quantum Emulator

1 minute read

In a recent article I wrote, “Quantum Computing on a Commodore 64 in 200 Lines of BASIC”, published both on Medium and Hackaday.com, shows a two-qubit quantu...

Back to Top ↑

2020

OCaml and Quantum Computing

1 minute read

Qiskit is a python SDK developed by IBM and allows everyone to create quantum circuits, simulate them locally and also run the quantum circuit on a real quan...

Yallo, a new Tezos language

2 minute read

As someone noticed from the previous post, last weeks I started to write a new programming language for Tezos smart contracts. This project was initially int...

King of Tezos: a smart-ponzi on Tezos

2 minute read

While writing a new programming language, it is often useful to write some real use-cases to test the syntax, the language expressiveness and the code cleann...

Favorite dev quote

less than 1 minute read

Documentation is like sex: when it is good, it is very, very good; and when it is bad, it is better than nothing

New blog

less than 1 minute read

This is my new blog, based on jekyll. I’ll soon import old posts from my old blog.

Back to Top ↑

2016

Contractvm: decentralized applications on Bitcoin

less than 1 minute read

Contractvm is a general-purpose decentralized framework based on blockchain. The framework allows to implement arbitrary decentralized applications in an eas...

Back to Top ↑

2015

Dices provably fair - Nonce overflow vulnerability

less than 1 minute read

Most of bitcoin dice software use a system to prove the fair play of the server for each bet. Most of them implement this mechanism using two seed (server se...

Back to Top ↑

2014

Apache2: redirect different domains to subfolder

less than 1 minute read

In the aim to merge two of my server on digitalocean, today I tried to write a mod_rewrite rule to redirect a secondary domain to a subfolder. After one hour...

Back to Top ↑

2013

MineML: F# miner

less than 1 minute read

MineML is a multithread CPU based bitcoin miner written in F#. At the moment it’s a slow implementation, but the class structure offers the possibility to im...

Back to Top ↑