Skip to main content
โ—† CryptoCasinoHouse
๐Ÿ“– Guide

Provably Fair Explained

In-depth guide for crypto casino players.

Guide
Provably Fair Explained Step-by-step guide for crypto casino players
Verified Info
Safe Practices
VERIFIED
KYC Reality
sha256: a3f5e9b1c2d 4f6a78b9c0 d1e2f3a4b5
Technical Detail

Provably fair is the only verifiable honesty system in online gambling

Provably fair is a cryptographic protocol that lets a player prove, after the fact, that a casino did not change a game's outcome once they saw the bet. Traditional online casinos rely on Random Number Generators audited by labs like eCOGRA or iTech Labs, and players have to take it on trust. Provably fair flips this โ€” the player gets the mathematical proof in their own browser, and a few seconds with a SHA-256 calculator can verify any round was untouched. This guide walks through the exact mechanism behind the scenes at Stake, BC.Game, Roobet, Cloudbet, Shuffle and any other crypto casino that runs the protocol, what the "server seed" and "client seed" and "nonce" actually are, and how to verify a Stake Dice roll yourself in under two minutes. By the end you will be able to spot whether a casino's provably fair claim is genuine or marketing varnish.

What is provably fair?

The system was first implemented publicly by SoftSwiss (now BGaming) in 2014 on the original Bitcoin casino bitsler.com, and has since become the default expectation for any in-house game on a crypto casino. The mechanic relies on commit-and-reveal cryptography: the casino commits to a secret string before a player bets, the player adds their own randomness, the round resolves deterministically from the combined inputs, and then the casino reveals its secret so the player can recompute the outcome and confirm it matches. If a single character of the secret is changed, the resulting hash differs entirely, so any tampering is mathematically detectable.

The three components are: a server seed (a long hexadecimal string generated by the casino, kept secret until the round is closed), a client seed (a string the player can edit at any time before betting, usually defaulting to a random value), and a nonce (an integer that increments by one on every bet so the same seed pair can produce different rounds). The casino publishes a SHA-256 hash of the server seed before any bet is placed โ€” that is the commitment. When the player rotates seeds, the casino reveals the actual server seed and the player can confirm the hash matches.

How provably fair works step by step

The flow on Stake, BC.Game and other major operators follows the same six-step pattern:

  1. Casino generates a server seed. A 64-character hexadecimal string is produced server-side. Example: 2fa1b3c4...e8. This is the secret.
  2. Casino publishes the hash. SHA-256 is applied to the server seed and the resulting 64-character hash is shown to the player in the "Fairness" panel. Players can copy this hash immediately and screenshot it as evidence.
  3. Player chooses a client seed. Most casinos auto-generate a value, but you can replace it with anything โ€” a word, a timestamp, a friend's name. Stake defaults to a random eight-character alphanumeric string.
  4. Player bets, nonce increments. First bet is nonce zero (or one โ€” Stake uses zero-indexed), second bet is nonce one, and so on. Each bet has a unique nonce, so identical seeds produce different outcomes for each round.
  5. Game resolves deterministically. The casino concatenates server seed, client seed and nonce, hashes the result with HMAC-SHA512 (Stake) or SHA-256 (some others), and converts the hex output into a number used by the game engine. For Stake Dice, this number is mapped to a roll between 0.00 and 99.99.
  6. Player rotates seeds, server seed revealed. When the player clicks "rotate seeds" or starts a new session, the original server seed is published. The player hashes it themselves โ€” if it matches the hash committed in step 2, the casino did not change it mid-session.

Practical examples โ€” verifying a Stake Dice roll

The published Stake fairness algorithm for Dice maps an HMAC-SHA512 hash into a 0.00-99.99 outcome. The full process for a single roll:

  1. After a roll, open the bet in your history and click the "Verify" link. Stake displays the server seed, client seed, nonce, and computed roll value.
  2. Concatenate the strings as client_seed:nonce:0 โ€” the trailing zero is the "cursor" index for Dice.
  3. Run HMAC-SHA512 using the server seed as the key and the concatenation as the message. The output is a 128-character hex string.
  4. Take the first eight characters of the hex output and convert to a decimal integer. Divide by 2^32 (4,294,967,296) to get a float between 0 and 1.
  5. Multiply by 10,001 and floor to get an integer between 0 and 10,000. Divide by 100 to get the displayed roll, e.g., 47.23.

You can do this manually on the Stake "Verify" page, which embeds the JavaScript calculator, or copy the four inputs into any open-source provably fair verifier such as the one published by GitHub user stake-com/verifier. If the roll Stake displays does not match what you compute, the round was tampered. In four years of public scrutiny this has never been reported on Stake, BC.Game, Roobet or Shuffle โ€” the math is straightforward enough that any cheating would be exposed in hours.

Crash games work slightly differently. Stake Crash uses the "previous block hash" of a deterministic chain โ€” the server seed for round N+1 is the SHA-256 of the server seed for round N. The chain is revealed in full when seeds rotate, so every multiplier in the history can be recomputed and confirmed.

Common mistakes and red flags

The protocol works only if the casino publishes the hash before the bet. If the operator can edit the server seed at any point during a session, the system collapses. Three signs of a fake or weak provably fair implementation:

  • No pre-commitment hash displayed. If the "Fairness" panel only shows the server seed after the round, with no committed hash beforehand, the system is decorative โ€” the operator could have generated the seed after seeing the bet.
  • Verification only available for in-house Originals. Provably fair applies to game logic the casino controls. Slots from Pragmatic Play, Hacksaw Gaming, NetEnt and other third-party studios use audited RNGs but are not provably fair โ€” that is normal and not a red flag, but operators that imply otherwise are misleading.
  • Closed-source or proprietary verifier. Legitimate operators publish the exact algorithm. Stake, BC.Game, BGaming and Spribe all document their hashing approach openly. If the verifier is a black box that only the casino can run, you cannot independently confirm anything.

One subtle trap: rotating the server seed does not change past rounds, but it changes the seed pair going forward. If you suspect a particular round was rigged and rotate seeds before verifying, you still have the old seed pair in your history โ€” but always verify before clicking rotate, since some interfaces hide the old hash once it has been replaced.

FAQ

Does provably fair mean the casino has no house edge? No. The protocol guarantees the outcome was not changed after your bet, but the house edge is built into the payout structure. Stake Originals run at 99% RTP โ€” a 1% house edge โ€” and provably fair confirms that 1% is the only edge.

Can I use provably fair to predict outcomes? No. The server seed is unknown to you until after the round, so the inputs are not computable in advance. Anyone selling a "Stake predictor" or "Aviator predictor" is running a scam โ€” see our guide on Aviator strategy for the full debunk.

Are slot machines provably fair? Slot games from studios like Pragmatic Play, Play'n GO, Hacksaw Gaming and NetEnt are not provably fair in the strict cryptographic sense. They use audited RNGs certified by labs such as iTech Labs, eCOGRA or GLI. This is the industry standard for slots and is not inferior โ€” it just operates on a different trust model.

Which casinos publish open verifiers? Stake, BC.Game, Roobet, Shuffle, Cloudbet, BetFury and BGaming all publish their algorithms. Spribe games (Aviator, Mines, Plinko by Spribe) include an in-client verifier.

What is the difference between a server seed and a client seed? The server seed is generated and kept secret by the casino until reveal. The client seed is generated and editable by the player. Combining them prevents either party from controlling the outcome alone.

Updated 22 May 2026.

At a glance

STEP BY STEP 1 Sign up at casino 2 Generate deposit address 3 Send crypto ยท ~3 min 4 Play ยท withdraw winnings
Step-by-step
SIDE-BY-SIDE Feature A B โœ“โœ“ โœ“โœ— 9.28.1
Comparison
โ‚ฟ Wallet BLOCK CHAIN Network ๐ŸŽฐ Casino DEPOSIT FLOW ~3 min ยท single confirmation
Deposit flow
Curaรงao Gaming Control Board licence verification badge eCOGRA certified safe and fair gambling badge Gaming Laboratories International (GLI) RNG-tested badge Malta Gaming Authority (MGA) compliance badge GPWA Code of Conduct certified affiliate badge BeGambleAware responsible gambling partner badge GamCare responsible gambling support partner badge 18 plus age restriction badge โ€” must be of legal gambling age