Stake Crash has done $26B in wagering over 7 years. But is it actually fair? We checked all 8.2M rounds since 2019 and broke down the maths Can Stake rig the result? What are the real odds? Can any strategy beat it? Full breakdown below
4
4
61
17,083
Stake Crash has done $26B in wagering over 7 years. But is it actually fair? We checked all 8.2M rounds since 2019 and broke down the maths Can Stake rig the result? What are the real odds? Can any strategy beat it? Full breakdown below
4
4
61
17,083
And the maths says you can't beat it: a 1% house edge at every cash out target, no matter when you cash out. No strategy changes it. We ran every one of the 8.2 million rounds. The results: • Instant crash: 1.97% vs 1.98% expected • 2.00x: 49.511% vs 49.5% expected • 10.00x: 9.910% vs 9.9% expected
1
4
982
Bonus: the interesting part Stake has actually known every Crash result since 2019. All 10 million of them, locked in But they still can't touch a single one. One altered result breaks the hash chain instantly and publicly That original secret seed is the master key. Anyone who obtained it could regenerate the entire chain and predict every remaining Crash result If it's stayed secret for 7 years, that's impressive OPSEC from Stake
6
911
How do you actually know a game's RTP is real? You don't. Here's how our audit checks it: RTP decides how much you lose over time. 99% means the game keeps 1% over millions of bets. Casinos advertise it, but players can't realistically test it. So normally you just take it on trust. We prove it using multiple methods instead. How we do it: we never trust the casino's own odds. We rebuild the game from its rules and the verified RNG, work out the true probabilities ourselves, then place real bets on anonymous accounts the casino can't identify and confirm the live game matches. Then it goes through our test suite. Example, Duel Mines: - 7,050 real bets we placed, recomputed from their seeds. 0 mismatches. The live game does exactly what the rules say. - 24 million rounds simulated. RTP 99.904%, the math said 99.900%. Confirmed - Convergence: 97.9% at 1,000 rounds, 99.8% at 10k, 99.904% at 1M - Statistical tests (chi-squared, autocorrelation), all 24 configs: 0 failures - Cherry-pick test: 1.3 million bets across 130 real casino seeds, checked for bias. 0 found A "provably fair" verifier only proves one bet matched its seeds. It never checks the RTP, the randomness, or whether the odds were changed. Those are the layers that decide if a game's actually fair, and our certification covers them. Every number here is reproducible from the open-source repo: link in comments
4
2
19
9,542
Should you choose your own client seed, or leave the default? Short answer: yes, it matters, and almost nobody checks it. Set your own. Here's why Everyone checks the server seed. Almost nobody asks where the client seed comes from. That's the part that should worry you. Your client seed feeds the randomness of every outcome. It's your half of the input, the half the casino isn't supposed to control. So where it comes from matters. Every default client seed has a source: either it's generated locally in your browser, or the casino's server hands it to you. Looks identical in the box. Completely different in practice. Here's the problem. If the casino controls the server seed AND supplies the client seed, it controls both halves. It can generate seed pairs, see which ones start out house favorable, and serve you one of those. Commit-reveal still passes. Every bet still verifies. You "contributed" nothing. Both sides came from them. Setting your own is the fix. The casino can't pre test against a value it never chose. The catch: most players never change the default, and plenty of big-name casinos serve it server side. So the casino can be holding both halves, and nothing on screen tells you which. This is exactly what our audit checks. First we find where the client seed actually comes from. Then we run our cherry-pick test: hundreds of real casino-generated seed pairs, scanned for bias in the first 10,000 bets, where real players play and a stacked seed gives itself away. If a casino is selecting favorable seeds, that's where it shows up. Does the casino you play on: – Let you set your own custom client seed? – Serve the default from your browser, or its own server? Tag them below
2
2
16
2,065
First Audit Live: Duel​.com 10 in-house games certified How it works: we rebuild each game from scratch, using only the rules Duel publishes, never their own code. Testing a casino with its own code only proves it agrees with itself. From that rebuild, every game faces a scored chain of 15–33 checks in our open-source test suite, scaled to complexity: the full provably fair chain, the RTP math, and real bets from the live site. Inside that chain, statistical analysis tests results for bias and links between bets. Every revealed seed is screened for cherry-picking: casinos quietly discarding seeds that pay too well. Fail one check, fail the whole audit. No partial credit. The numbers: 53,475 real bets, placed through anonymous accounts so Duel couldn't tell audit traffic from any other player. Re-run through our rebuild: every card, reel position, and cascade. All 53,475 identical. 100% parity. 253,000,000 simulated rounds to test the RTP. We calculated what each game should pay using nothing but its published rules, then ran the simulations as a cross-check that the live games agree. Duel's own figures were never part of the test. Some specific examples: 4,294,967,296 slot outcomes tested on Groomer's Van. Not a sample: every spin the game can ever produce, calculated twice, once on CPU, once on GPU. Both gave the same answer. 2,598,960 Video Poker hands. Every hand that can ever be dealt, checked one by one. 2,450 Crash and Castle Roulette rounds. Multiplayer has no client seed, so every round is tied to drand, a public source of randomness nobody controls. Not even Duel. Their seed was locked in before each drand number existed. 3,487 server seeds revealed and checked across all 10 games. Every one matched the hash shown before play. Not one swapped. 151 game integrity checks, a fixed matrix run on every game: a replayed bet must not pay twice, an injected payout value must be ignored, a tampered seed or nonce must be rejected, malformed and simultaneous requests must be handled safely. 147 passed. 4 minor flags, all server-side input validation. Zero fairness failures. Disclosed to Duel and published in full. Full audit, datasets, test suite, simulations and an independent verifier tool built by us. All open source. Anyone can re-run the entire audit and check every finding. audit.provablyfair.org/casin…
6
1
22
23,049
Go deeper: Certification summary: provablyfair.org/casinos/due… Verify your own Duel bets with our verifier build: audit.provablyfair.org/casin… Every game repo: github.com/orgs/ProvablyFair… More audits are underway. Results will drop as they complete.
5
960
Is a provably fair game actually fair? How would a player know? "Provably fair" has become a badge casinos award themselves. Almost every casino claims it. Almost none can prove it. Today we're launching ProvablyFair​.org Certification An independent open-source audit standard for casino built games. Here's why it exists: The casino builds the game. The casino builds the verifier. Then they tell you to use that verifier as proof the game is fair. Of course it matches. That only proves the casino is consistent with itself. It doesn't prove the game is fair. And the gap is real. Every one of these surfaced in the last 6 months. All marketed provably fair, all passing the casino's own verification: -Pay table quietly swapped to lower RTP, the verifier updated to match - A client seed accepted but never used. Decoration - Server seed rotated every bet, nonce stuck at zero, discarding unfavorable seeds - A committed hash swapped after the player locked their seed. Defeats commit-reveal entirely - A verifier running different code from the live game None of these were caught by the casinos own protocols, because a self-verification system can't catch a problem its own author built into both sides. And none of them are things a normal player can realistically detect. So here's how we built it. The method rests on one decision: we rebuild each game from its published rules, not the casino's code. Re-running a casino's own code only proves it's consistent with itself. Rebuilding it independently tests whether the live game does what the casino publicly claims. From that rebuild, for every game we: - Capture and recompute thousands of real bets independently - Run the entire provably fair chain, every cryptographic rule in order - Derive the true RTP from first principles, never trusting the casino's own number - Confirm it across millions of simulated rounds Break even one core rule and the game can be rigged. Pass them all, with the RTP holding up, and it's provably fair. It's binary. It's math, not opinion. That's the standard we think provably fair gaming should be held to. Not a black box audit. Not a trust-us bro PDF. Every audit is public, every verifier is public, every repository is open source. Anyone can clone the code and reproduce the findings themselves. Self-verification proves a casino is consistent with itself. Independent verification proves it's consistent with what it publicly claims. Only the second tells you whether the games are actually fair.
15
9
38
15,634
First certified casino is Duel​.com 10 games 53,475 live bets verified 253M simulation rounds Clone any repo and reproduce it yourself: audit.provablyfair.org/casin…
2
9
1,516
We conducted an independent technical audit of Winna​.com's Plinko game following their March 10 incident report. Our analysis shows that for nearly 3 months, players were playing Plinko on worse odds than the site publicly stated. If you played Winna Plinko between Dec 17 and March 10, your bets were placed under those probabilities. Here’s what the code shows. 🧵
56
21
86
39,779
VERIFICATION TOOL We’re publishing a tool where affected players can input their seed pairs and see which bets would have produced different outcomes under fair binomial probabilities vs the extracted tables. If you played Winna Plinko during the affected period, you can check your results here: 🔗 provablyfair-org.github.io/w…
1
1
5
3,029
MARCH 14 We extracted the live code again. Low, Medium and High modes now use fair binomial coin-flip logic, restoring ~99% RTP. If you played Plinko between Dec 17 and March 10, we recommend contacting support to understand how your play was reviewed. This case is also a good example of why independent third-party verification matters when casinos build and deploy their own games. Github: github.com/ProvablyFair-org/…
1
1
8
2,532