Provably Fair

Every real-money dice roll on 1gambling.online is cryptographically verifiable. You don't have to trust us — after a round, you can independently recompute the dice and confirm we didn't change them. This page explains how that works, what to do, and the exact math.

What it means

Each roll is produced from three values:

  • Server seed — a random secret we generate. Before you play, we publish its SHA-256 hash. We can't change the seed afterwards without you noticing.
  • Client seed — a value you control. You can accept the default or set your own in the Fairness panel.
  • Nonce — a per-roll counter starting at 0 that increments by 1 with each roll under the same seed pair.

The dice are computed by mixing all three with a one-way hash function (HMAC-SHA256). Because we commit to our seed before you bet, and your seed is mixed in, neither side can predict or alter the outcome.

How to verify a round you played

  1. Play one or more rounds in 7X3 or 3DICE. Each round shows its nonce next to the dice result, and its client seed in the Provably Fair badge's tooltip.
  2. Open the Fairness panel — tap the gold shield badge in the game's result row, or open it from the account screen.
  3. Tap Rotate seeds. This retires your current server seed and reveals it. A fresh server seed is generated for the next round.
  4. Find the just-revealed pair in your Retired seed pairs history. You now have everything: the raw server seed, the client seed, and the nonce of every round you played under it.
  5. Use the built-in Verifier on the same panel. Paste the revealed server seed, the client seed, and the nonce. The verifier recomputes the dice in your browser using the algorithm below. If they match what the game showed, the platform was honest.
Why isn't a round verifiable until you rotate? While a server seed is active, knowing its raw value would let anyone predict the next roll. We must keep it secret until you retire it. Before rotation we commit to it by publishing its hash; after rotation we reveal the raw seed, and the hash must still match — that's the proof we didn't change it.

The algorithm

The math is documented so you can verify with any cryptographic library — not just our verifier. The same algorithm runs on the server (in PHP) and in the in-browser verifier (in JavaScript via the Web Crypto API), and they produce identical results.

input  = client_seed + ":" + nonce
hmac   = HMAC-SHA256(key = server_seed, message = input)
                  // hmac is 32 raw bytes

For each die i (i = 0, 1, 2 ... up to dice_count - 1):
  bytes  = hmac[4i .. 4i+3]
  int    = those 4 bytes as a big-endian unsigned 32-bit integer
  die_i  = (int % 6) + 1

The server_seed is the 64-character lowercase hexadecimal string the panel reveals after rotation. It is passed to HMAC-SHA256 as that string — not decoded back to bytes first. The committed hash you saw before play is SHA-256 of the same string.

The mapping uses int mod 6 + 1. Because 2^32 is not divisible by 6, dice 1-4 are very slightly more likely than 5-6 — by roughly one part in 715 million. This is far below anything detectable or material, and the verifier must reproduce the same biased mapping (or it would disagree with the server).

Definitive Guide to Provably Fair Gaming

Discover 100% Provably Fair gaming! Unlock our cryptographic secrets, verify every single roll yourself, and play with absolute trust. Start winning today!

Demo rounds

Free-play (demo) rounds never reach our server — they're computed entirely on your device. They aren't individually verifiable through the chain above. Real-money rounds go through the full HMAC machinery and are verifiable.

Code references

The reference implementations are public:

  • Server (PHP): api.1gambling.online's ProvablyFair::rollDice() in our codebase.
  • In-browser verifier (JavaScript): /auth/pf-verifier.js, used by the Fairness panel. Pure Web Crypto — no server calls.
  • Test vectors: known-answer inputs and expected dice, checked against both implementations before deploy.