Back to Blog
Provably Fair Gaming with WWZ
By macktastick

Provably Fair Gaming with WWZ

With WWZ, fairness isn't just a promise - it's mathematically provable. Every game outcome is determined by cryptographically secure randomness that players can independently verify. Here's how we do it.

The Challenge of Fair Randomness in Online Games

Online multiplayer games face a fundamental trust problem: how can players be certain that game outcomes aren't being manipulated? Traditional approaches rely on trust—players must believe that:

  • The server's random number generator is truly random
  • Game administrators aren't tampering with results
  • The house isn't favoring certain players

This trust-based model has significant weaknesses. Even with the best intentions, players have no way to verify fairness for themselves.

Our Solution: Provably Fair Gaming

WWZ implements provably fair gaming using Solana blockchain data. This means every player can independently verify that game outcomes were determined fairly, without manipulation.

Here's how it works:

Step 1: Fetching Immutable Blockchain Data

When a game starts, we fetch the latest finalized block from the Solana blockchain:

block_data = Solana::BlockFetcher.fetch_latest_block

This returns data like:

{ block_number: 378326730, block_hash: "8CmGsSZy..." }

Why Solana? Because:

  • Block data is public and immutable once finalized
  • Anyone can verify the block hash on blockchain explorers like Solscan
  • The blockhash is unpredictable before finalization
  • Solana's fast finality (< 1 second) means minimal delay

Step 2: Adding Unpredictability with a Random Salt

To prevent players from predicting the seed before the game starts, we generate a random salt (alphanumeric string).

This salt serves two purposes:

  1. Prevents prediction: Even though the block hash is public, the salt isn't revealed until the game starts
  2. Ensures uniqueness: Multiple games using the same block will have different seeds

Step 3: Generating a Deterministic Seed

We combine the block hash and salt, then hash them with SHA-256 to create the game seed:

combined = block_hash + salt
hash_bytes = Digest::SHA256.digest(combined)
seed = hash_bytes.unpack1('Q>') % (2**62)

This produces a seed like: 2796515097053631072

This seed is:

  • Deterministic: The same block hash + salt always produces the same seed
  • Unpredictable: Can't be known until both values are revealed
  • Verifiable: Anyone can reproduce the calculation

Step 4: Storing Verification Data

We store all the data needed for verification:

game.seed_block_number = 378326730
game.seed_block_hash = "8CmGsSZy..."
game.seed_salt = "1fc718627277f7c09a4899665f8addba"
game.seed = 2796515097053631072

This data is publicly visible on every game page, allowing anyone to verify fairness.

How Players Can Verify Fairness

Every WWZ game has a dedicated verification page (/games/:id/verify) that shows:

Automatic Browser Verification

When you load the verification page, JavaScript automatically:

  1. Reads the block hash and salt
  2. Combines them
  3. Computes SHA-256 hash
  4. Converts to seed (matching server logic)
  5. Compares with the stored seed

If the seeds match, you see: ✓ Seeds Match! This game was provably fair.

Manual Verification

Don't trust our JavaScript? You can verify independently using any programming language. Here are a few examples:

Ruby:

require 'digest'

block_hash = "8CmGsSZyeQf29YgCxmnBV7pE42UB6tgQk7J8zCjrZT3y"
salt = "1fc718627277f7c09a4899665f8addba"

combined = block_hash + salt
hash_bytes = Digest::SHA256.digest(combined)

seed = hash_bytes.unpack1('Q>') % (2**62)
puts seed

This outputs: 2796515097053631072

Python:

import hashlib
import struct

block_hash = "8CmGsSZyeQf29YgCxmnBV7pE42UB6tgQk7J8zCjrZT3y"
salt = "1fc718627277f7c09a4899665f8addba"

combined = block_hash + salt
hash_bytes = hashlib.sha256(combined.encode()).digest()

seed = struct.unpack('>Q', hash_bytes[:8])[0] % (2**62)
print(seed)

This outputs: 2796515097053631072

JavaScript:

async function verifySeed() {
  const blockHash = "8CmGsSZyeQf29YgCxmnBV7pE42UB6tgQk7J8zCjrZT3y";
  const salt = "1fc718627277f7c09a4899665f8addba";

  const combined = blockHash + salt;
  const encoder = new TextEncoder();
  const data = encoder.encode(combined);
  const hashBuffer = await crypto.subtle.digest('SHA-256', data);
  const hashArray = new Uint8Array(hashBuffer);

  const view = new DataView(hashArray.buffer);
  let seed = view.getBigUint64(0, false);
  seed = seed % (2n ** 62n);

  console.log(seed.toString());
}

This outputs: 2796515097053631072

Blockchain Verification

You can also verify the block hash is legitimate by checking Solscan:

  1. Click the block number link on the verification page
  2. Verify the blockhash matches what Solscan shows
  3. Confirm the block was finalized before the game started

This proves the game couldn't have been manipulated—the block data is immutable on the blockchain.

Deterministic Game Replay

Once a seed is set, the entire game becomes deterministic. This enables perfect replay functionality.

This is crucial for:

  • Debugging: Reproduce any game state exactly
  • Verification: Prove game logic executed correctly
  • Analysis: Study specific game scenarios

Fallback for Reliability

What if Solana is temporarily unavailable? We have a fallback for generating a seed server-side.

Games that use the fallback:

  • Still function perfectly
  • Use cryptographically secure randomness
  • Won't show Provably Fair badge (we attempt to be honest about verification limitations)
  • Are clearly marked in the UI

Why This Matters

Traditional online games require you to trust the platform. With provably fair gaming:

  • Transparent: All seed generation data is public
  • Verifiable: Anyone can check the math independently
  • Immutable: Blockchain data can't be retroactively changed
  • Deterministic: Same seed always produces same results
  • Trustless: No need to trust us—verify yourself

The Technical Stack

Our provably fair system uses:

  • Solana Blockchain: Public, immutable data source
  • SHA-256 Hashing: Industry-standard cryptographic hash
  • Ruby Random: Seeded RNG for deterministic gameplay
  • Web Crypto API: Client-side verification in browser
  • PostgreSQL: Durable storage of verification data

See It In Action

Every WWZ game shows its provably fair status:

  1. Game Lobby: Compact Provably Fair badge with verification link
  2. Replay Page: Full seed data display with educational content
  3. Verification Page: Step-by-step verification with live browser calculation

Try it yourself: Create a game, start it, and click 🔍 Verify Seed to see the full verification process.

Conclusion

Provably fair gaming represents a fundamental shift from trust-based to verification-based fairness. By leveraging Solana blockchain data and cryptographic hashing, WWZ ensures that every game outcome is transparent, verifiable, and mathematically fair.

You don't have to trust us—you can verify us.