Provably Fair is a cryptographic protocol that enables verifiable randomness and transparency in decentralized systems, allowing any participant to independently audit the fairness of an outcome. At its core, it uses cryptographic commitments—typically a hash function like SHA-256—to bind an operator to a secret seed before an event occurs. The operator publishes the commitment (the hash of the seed) publicly. After the event, they reveal the original seed, allowing anyone to verify that the result was derived deterministically from that seed and was not altered after the fact. This creates a system of cryptographic proof rather than blind trust.
LABS
Glossary
Provably Fair
A property of a system, especially in Web3 gaming and gambling, where the fairness of random outcomes can be cryptographically verified by users after the fact, ensuring the operator did not cheat.
Chainscore © 2026
definition
BLOCKCHAIN MECHANICS
What is Provably Fair?
Provably Fair is a cryptographic protocol that enables verifiable randomness and transparency in decentralized systems, allowing any participant to independently audit the fairness of an outcome.
The standard implementation involves a two-step process: commit and reveal. First, the service generates a secret server seed and a client seed, hashes them together, and publishes this hash as a commitment. Once the random event (like a dice roll or card shuffle) is concluded, the server reveals the original seeds. Users can then re-hash the provided seeds to confirm the published commitment matches, proving the outcome was predetermined and not manipulated. This mechanism is fundamental to decentralized applications (dApps), especially in gaming and gambling platforms, where trust is paramount.
Beyond gaming, Provably Fair algorithms are critical infrastructure for blockchain consensus mechanisms like Proof of Stake lotteries, NFT minting randomness, and decentralized oracle services that require tamper-proof random number generation. The protocol's security relies on the cryptographic properties of the hash function: its preimage resistance ensures the seed cannot be deduced from the commitment, and its collision resistance guarantees a unique binding. This makes it a cornerstone for building transparent and auditable systems in a trust-minimized environment.
how-it-works
MECHANISM
How Provably Fair Works
Provably Fair is a cryptographic protocol that allows participants to independently verify the integrity and randomness of a system's outcome, ensuring it was not manipulated after the fact.
The core of a Provably Fair system is a commitment scheme, typically using a cryptographic hash function like SHA-256. Before an event (e.g., a dice roll or card shuffle), the service generates a server seed and a client seed. The server creates a commitment by hashing its secret seed combined with the client seed, producing a hashed server seed. This hash is published to the user. Crucially, the original server seed remains secret, but its cryptographic fingerprint is now fixed and public, preventing the server from changing it later.
Once the commitment is made, the user provides their client seed (often a random string they can generate). The outcome is then determined by combining the now-revealed original server seed and the client seed through a predefined random number generator (RNG) algorithm. For example, the concatenated seeds might be hashed, and the resulting hexadecimal output is interpreted as a number to determine a dice roll between 0 and 9999. Because the server seed was committed to before the user's seed was provided, the server cannot retroactively compute a different seed to produce a desired outcome.
Verification is the final, user-driven step. After the result is known, the service reveals the original server seed. Any participant can then independently perform the same RNG calculation using the public seeds and the agreed-upon algorithm. By comparing their computed result to the published game result, they achieve cryptographic proof of fairness. This process transforms trust from a requirement placed in the operator into a verifiable mathematical certainty, making it a foundational concept for trust-minimized applications in online gaming, lotteries, and some blockchain-based systems.
key-features
ARCHITECTURE
Key Features of Provably Fair Systems
Provably fair systems use cryptographic techniques to allow any participant to independently verify the fairness and integrity of an outcome, such as a random number or game result.
01
Cryptographic Commitment
The core mechanism where the service provider generates a seed and commits to it before the user's action. This is done by publishing a cryptographic hash (e.g., SHA-256) of the seed, known as the server seed. This hash acts as a tamper-proof commitment, ensuring the seed cannot be changed after the fact without detection.
02
Client-Side Seed
To ensure the outcome is not predetermined by the server, the user provides their own random input, called the client seed. This seed is combined with the server's seed to generate the final result. The user can change their seed for each round, adding a layer of unpredictability controlled by the participant.
03
Verifiable Outcome Generation
The final result (e.g., a random number, card draw, or dice roll) is generated by a deterministic, publicly disclosed algorithm (like HMAC-SHA256) using both the server and client seeds. Because the algorithm is known, anyone can re-run the calculation with the revealed seeds to confirm the result matches the published outcome.
04
Seed Revelation & Audit
After the round concludes, the service provider must reveal the original server seed. Users can then:
- Hash the revealed seed to verify it matches the original commitment hash.
- Input both seeds into the known algorithm to reproduce the result. This transparent audit process allows for after-the-fact verification by any third party, eliminating the need to trust the operator.
05
Use Cases Beyond Gambling
While pioneered by online casinos, provably fair logic is critical in decentralized systems:
- NFT minting and fair drops to prevent front-running.
- Blockchain lotteries and prediction markets.
- Validator/leader election in some consensus mechanisms.
- Randomized airdrops to ensure equitable distribution.
06
Limitations & Considerations
Provably fair does not mean 'perfectly fair'—it only verifies the execution of a predefined process. Key limitations include:
- Algorithm Bias: A flawed or predictable generation algorithm can be exploited.
- Seed Entropy: Weak randomness in seed generation compromises security.
- Implementation Bugs: Errors in the code can invalidate the cryptographic guarantees.
- User Verification Burden: The onus is on the user to perform the audit.
ecosystem-usage
PROVABLY FAIR
Ecosystem Usage
Provably Fair is a cryptographic protocol that allows users to independently verify the integrity and randomness of an outcome, ensuring a system is not manipulated. Its applications extend far beyond gaming into critical DeFi and governance mechanisms.
01
On-Chain Gaming & Gambling
The original and most common application. Platforms use commit-reveal schemes or verifiable random functions (VRFs) to generate random numbers for games. Before a bet, the platform commits to a seed; after the bet, it reveals the seed, allowing the user to cryptographically verify the result was predetermined and fair.
- Example: A dice game commits a hash of the server seed + client seed. After the roll, the seeds are revealed, and the user can hash them to confirm the outcome matches the original commitment.
02
DeFi & Lending Protocols
Used for transparent and fair lottery mechanisms and risk parameter selection. For example, a lending protocol might use a provably fair draw to select which underwater positions are liquidated first during congestion, or to distribute NFT rewards to liquidity providers without bias.
- Key Benefit: Prevents front-running and ensures equitable treatment of all participants in automated financial processes.
03
NFT Minting & Airdrops
Ensures fairness in randomized NFT attribute generation and airdrop distributions. When minting an NFT collection, a provably fair mechanism can be used to assign traits, allowing anyone to verify that rarity distributions were followed correctly. For airdrops, it can randomly select eligible wallets from a snapshot, providing proof the selection wasn't manipulated.
04
DAO Governance & Lotteries
Applied in decentralized autonomous organizations for transparent voting on sensitive issues or fair prize draws. A DAO could use a provably fair random number to select grant recipients from a pool of applicants or to randomly sample voters for a poll, ensuring the process is trustless and auditable by all members.
06
Technical Implementation Methods
Several cryptographic techniques enable provable fairness:
- Commit-Reveal Scheme: Hash of a secret seed is published (commit), the seed is revealed later for verification.
- Verifiable Random Function (VRF): Generates a random output and a proof of its correctness.
- Multi-Party Computation (MPC): Multiple parties jointly generate a random number; corruption of a minority does not compromise fairness.
- Block Hashes: Using a future block hash as a randomness source, though this is vulnerable to miner manipulation.
technical-details
MECHANISM
Technical Details: The Commit-Reveal Scheme
A foundational cryptographic protocol that ensures fairness and prevents front-running by separating the submission of data into two distinct, verifiable phases.
The commit-reveal scheme is a two-phase cryptographic protocol designed to ensure fairness in systems where participants must submit information without being influenced by others' choices. In the commit phase, a participant generates a secret value, creates a cryptographic commitment (typically a hash like keccak256), and publicly broadcasts only this commitment. This hash acts as a sealed envelope, binding the participant to their secret without revealing it. Once all commitments are submitted, the system moves to the reveal phase, where participants must disclose their original secret values. The system then verifies each revealed secret against its earlier commitment by re-hashing it and checking for a match.
This mechanism is critical for preventing front-running and manipulation. In contexts like blockchain-based games, random number generation, or decentralized governance voting, a malicious actor could gain an advantage by waiting to see others' submissions before choosing their own. The commit-reveal scheme eliminates this by locking in all choices before any are visible. The security relies on the properties of cryptographic hash functions: pre-image resistance ensures the secret cannot be deduced from the commitment, and collision resistance ensures a participant cannot find a different secret that produces the same hash.
A common implementation involves a smart contract with two main functions: commit(bytes32 commitment) and reveal(uint256 secret, bytes32 salt). The participant often combines a secret number with a random salt before hashing to prevent brute-force attacks against predictable secrets. After the reveal deadline, the contract validates the submissions and uses the revealed secrets to compute a final, provably fair outcome—such as a winner in a lottery or a random seed for a game. This process makes the entire sequence auditable on-chain, allowing anyone to verify that the rules were followed and no party cheated.
security-considerations
PROVABLY FAIR
Security Considerations & Limitations
Provably Fair is a cryptographic protocol that allows participants to independently verify the integrity and randomness of a system's outcomes, such as in gaming or lotteries, after the fact.
01
The Core Mechanism
A Provably Fair system operates on a commit-reveal scheme. The service provider first generates a secret seed and a public commitment (hash). After the user provides their input, the final result is generated using both seeds. The provider then reveals their original secret, allowing anyone to cryptographically verify that the result was determined fairly and was not altered after the fact.
02
Client-Side Seed Vulnerability
A critical limitation is reliance on client-side entropy. If the user's seed is predictable (e.g., derived from a timestamp) or compromised, the overall randomness is weakened. Malicious implementations may also use flawed or biased pseudo-random number generators (PRNGs) on the client side, undermining the fairness guarantee despite the cryptographic proof.
03
Oracle & Data Feed Risks
Systems that derive randomness from external oracles or public data feeds (e.g., future block hashes, weather data) introduce a trust assumption. The integrity of the outcome depends on the oracle's correctness and censorship-resistance. A compromised or malfunctioning oracle becomes a single point of failure for the entire fairness proof.
04
Implementation Flaws & Audit Gaps
The cryptographic proof only verifies the specific algorithm was followed; it does not audit the full system implementation. Vulnerabilities can exist in:
- The frontend code that collects user input.
- The server-side logic before commitment.
- The verification tool itself. A provably fair system is only as strong as its weakest code audit.
05
The 'Nothing-at-Stake' Problem for Providers
For the service provider, being provably fair is a public verifiability feature, not a cryptoeconomic security guarantee. There is often no slashing mechanism or stake lost if a flaw is discovered. The primary deterrent is reputational damage, which may be insufficient against anonymous operators or short-term schemes.
06
User Verification Burden
The 'provable' aspect requires active verification by users. Most participants lack the technical skill to run the verification scripts, creating a security model where trust is placed in third-party auditors or community members. This shifts security from cryptographic certainty to social trust, diluting the core benefit for the average user.
COMPARISON
Provably Fair vs. Traditional RNG
A technical comparison of verifiable on-chain randomness versus conventional server-side random number generation.
| Feature | Provably Fair RNG | Traditional RNG (Server-Side) |
|---|---|---|
Verification Method | Client-verifiable cryptographic proof | Trust in operator's black box |
Transparency | Full (seeds, algorithm, outcome public) | Zero (opaque internal process) |
Auditability | Anyone can cryptographically audit post-game | Requires privileged server access |
Tamper Resistance | High (committed before reveal, on-chain) | Low (single point of control) |
Latency | Higher (requires commit-reveal cycles) | Lower (instant server calculation) |
Primary Use Case | Trust-minimized applications (gambling, NFTs, lotteries) | General computing, non-critical applications |
Implementation Complexity | High (requires cryptographic logic) | Low (standard library functions) |
examples
PROVABLY FAIR
Examples & Use Cases
Provably fair mechanisms are foundational to decentralized systems where trust cannot be assumed. These examples demonstrate how cryptographic verification is applied across different domains to ensure transparency and fairness.
01
On-Chain Gaming & Gambling
This is the most common application. Platforms like Dice or Roulette games use a commit-reveal scheme. The server generates a secret seed, commits its hash before the player's bet, and reveals it afterward. Players can independently verify that the revealed seed matches the commitment and that the random outcome was derived correctly, proving the game was not manipulated post-bet.
02
NFT Minting & Random Distribution
Fair launches and random NFT trait generation use provably fair randomness. A protocol like Chainlink VRF provides a verifiable random number. The request includes a seed, and the response comes with a cryptographic proof. Anyone can verify that the random number was generated after the request was made and was not influenced by the oracle or the project team, ensuring fair distribution of rare items.
03
Lotteries & Prize Draws
Decentralized lotteries require a tamper-proof method to select a winner. They often use a verifiable random function (VRF) or a future block hash as an unbiased seed. The entire selection process is recorded on-chain. Participants can audit the smart contract to confirm their ticket was included in the pool and that the winning selection algorithm was executed exactly as published, with no central party able to alter the result.
04
Validator & Committee Selection
In Proof-of-Stake networks, selecting the next block proposer or a shard committee must be unpredictable and fair. Protocols use a RANDAO or VRF scheme. Validators contribute to a randomness beacon, and the output is used to choose leaders. The process is publicly verifiable, preventing any single validator from predicting or manipulating their turn, which is critical for network security and liveness.
05
Zero-Knowledge Proof Systems
Within zk-SNARK and zk-STARK protocols, a trusted setup ceremony is often required to generate public parameters. A provably fair multi-party computation (MPC) ceremony is used, where multiple participants contribute randomness. The final parameters are secure as long as at least one participant was honest and destroyed their secret. The transcript of the ceremony allows anyone to verify the integrity of the process.
06
Fair Ordering in MEV Protection
To combat Maximal Extractable Value (MEV) and front-running, some protocols implement fair ordering mechanisms. Validators or sequencers commit to a transaction order using a cryptographic commitment before seeing the full content. This creates a verifiable timeline, proving that the order was not manipulated to extract value from users, leading to a more equitable trading environment.
PROVABLY FAIR
Common Misconceptions
Provably Fair is a cryptographic technique used in blockchain applications, particularly in gaming and gambling, to allow users to verify the fairness of a random outcome after the fact. This section addresses frequent misunderstandings about its guarantees, implementation, and limitations.
No, 'Provably Fair' does not guarantee the overall fairness of the game or platform; it only provides a cryptographic proof that a specific random outcome was generated as advertised and was not altered after the fact. The term is often misunderstood as a blanket endorsement of the platform's integrity. A protocol can be provably fair in its random number generation (RNG) but still be unfair in other critical areas, such as:
- Payout rules being skewed against the player.
- Front-end manipulation where the displayed result differs from the on-chain verified result.
- Selective disclosure where the platform only allows verification of certain outcomes. True fairness requires a transparent and auditable smart contract governing all game logic, not just the RNG. The 'provably fair' label primarily assures the randomness of a single event, not the absence of systemic bias.
PROVABLY FAIR
Frequently Asked Questions
Provably Fair is a cryptographic system that allows participants to verify the fairness and integrity of a process, such as a game outcome or a random number generation, after it has occurred. This section answers common questions about how it works and its applications in blockchain and Web3.
Provably Fair is a cryptographic protocol that enables independent verification of the fairness and non-manipulability of a system's outcomes, such as random number generation in games or lotteries. It works by having the service provider commit to a secret seed and a public seed (often from a future blockchain block hash) before the event. After the result is generated, the provider reveals the secret seed. Anyone can then cryptographically verify that the result was derived deterministically from the two seeds and was not altered after the fact. This creates transparent and auditable fairness without relying on trust in a central operator.
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall