Login

Provably Fair

RustySkin.bet is fairer than most gaming sites thanks to a commit-reveal PF system with public/private seeds, plus a decentralized EOS blockhash layer on our Skinpot. We can't see future rolls, we can't manipulate outcomes, and every single game is independently verifiable — long after it's over.

No hidden rolls. We can't hand "wins" to streamers or VIPs — outcomes only exist once the block lands.
Cryptographically locked. Server seed hash is published before any bet. Changing the result would break the hash.
Verifiable by anyone. Every roll ships with a public URL where you can reproduce the result in your browser console.
01

Public & private seed generation

To make the commit-reveal tangible, we borrow the Bitcoin keypair metaphor: the public seed behaves like a Bitcoin P2PKH mainnet address — visible the instant a round opens — and the private seed behaves like its private key hex, kept secret until the round closes.

On round start, we publish SHA-256(private_seed) as the commit. When the round ends, we reveal the private seed. If it doesn't hash back to the exact same public seed, the roll was tampered — the site is caught on the spot. 

// Commit (at round open):
public_hash = SHA-256(server_private_seed)

// Reveal (at round close):
verify: SHA-256(revealed_private_seed) === public_hash
02

Additional EOS blockhash (Skinpot)

On Skinpot — our multi-player jackpot — we go one step further and fold a decentralized EOS blockhash into the final roll. This means even we can't see the final outcome until the last few seconds of the round.

At round creation we compute a future EOS block number: current_eos_block + (duration_seconds × 2) − 2. For example, a 15-second round opened at block #1000 locks to future block #1028. We commit and publish that block number before anyone enters. When the round ends, that block's hash gets salted with the private seed + round id to produce the final roll. 

// Final roll for Skinpot:
target_block = current_eos_block + (duration_s × 2) − 2

ticket = HMAC_SHA256(
  key = eos_block_hash.toLowerCase(),
  msg = revealed_private_seed + ":" + round_id
) mod 10001    // 0.00 – 100.00 percent
03

Cases & Coinflip (pure PF)

Cases and Coinflip don't need inter-player coordination, so they use the classic commit-reveal without the EOS layer. Server seed hash is committed before you click open/join, nonce and client seed are recorded, and the HMAC result is the roll. 

// At bet time (committed, not revealed):
public_hash = SHA-256(server_seed)

// Outcome:
result = HMAC_SHA256(server_seed, client_seed + ":" + nonce)
roll_int = first 8 hex chars of result, parsed as uint32

// Coinflip:  heads if roll_int is even, else tails
// Case:      weighted pick from the item table using roll_int

Server seeds rotate on a schedule. Once rotated, the seed for every past round becomes public — you can re-derive and verify every single roll you ever made on the site from that seed.

04

Verify any roll yourself

Every bet shipped on RustySkin.bet carries a roll id. Paste it into the URL below and you'll get the full cryptographic trail — public hash, revealed seed (once rotated), client seed, nonce, and the final HMAC — plus one-liners you can run in your browser's dev console to reproduce the result.

GET /pf/verify/<roll_id> Try an example

For Skinpot you additionally get the committed EOS block number and its hash, so you can cross-check the block on any public EOS explorer.

TL;DR

We publish the commit before you bet. The roll is deterministic from values that were locked in before the outcome was known — by us or by anyone else. If we cheat, the cryptography tells on us. That's provably fair.