GithubHelp home page GithubHelp logo

c4p-n1ck / coinflip-bruh Goto Github PK

View Code? Open in Web Editor NEW

This project forked from brilliancebitcoin/coinflip

0.0 0.0 0.0 119 KB

A fair coinflip on bitcoin with no trusted third party. Coordination happens over nostr.

Home Page: https://brilliancebitcoin.github.io/coinflip/

License: Creative Commons Zero v1.0 Universal

HTML 100.00%

coinflip-bruh's Introduction

How to play

Click here: https://brilliancebitcoin.github.io/coinflip/

How it works

Remote coinflipping

In 1981, a researcher named Michael Blum invented a remote coinflipping technique. To do it, you pick Heads or Tails and commit to it via a cryptographic hash which you share with your opponent. Then your opponent guesses if you picked Heads or Tails. If you reveal the preimage to your cryptographic hash and it matches your opponent's guess, or if you abort the protocol, it counts as a win for your opponent. If you reveal the preimage to your cryptographic hash and it does not match your opponent's guess, it counts as a win for you. Thus all outcomes after your opponent makes their guess involve either your victory or your defeat with a 50/50 chance either way.

Blinded bit commitments

It is possible to simulate remote coinflipping on bitcoin's blockchain using bitcoin's built-in programming language -- bitcoin script. Bitcoin script can be used to construct a function called a blinded bit commitment function. A simple blinded bit commitment is a hash of the number 0 or of the number 1 -- one bit. By giving you this hash, your opponent commits to a bit. But you don't know which bit your opponent committed to because you only see a hash of the number they chose, and not the number itself. Thus you are "blind" to what your opponent committed until they reveal it. Once you have your opponent's blinded bit commitment, you are supposed to guess which one they committed -- a 0 or a 1 -- and they are supposed to reveal their preimage to you. If you guess correctly, or if they abort the protocol after you guess, you win the bet amount, otherwise you lose.

In bitcoin we use a slight variation on blinded bit commitments because if you merely ran the number 0 or the number 1 through a hashing function, it would be discernible to your opponent. They could run both numbers through the same hashing function and check which hash matches the one you gave them. To prevent this, you don't commit precisely to the number 0 or the number 1, but to a byte string which is either 16 or 17 bytes in length. Your opponent guesses 16 or 17, then you reveal your bytestring to your opponent, and they check if their guess was right or wrong. This has the same effect as a blinded bit commitment but is more secure for use on the blockchain.

XOR

One of the functions I need to determine the winner of the coinflip is an XOR logic gate. An XOR logic gate is a fundamental building block of computers which takes two binary digits as input (for example, 0 and 1) and returns a 1 if they are different numbers or a 0 if they are the same number. Bitcoin script has a function called op_numnotequal which I use for this purpose. Op_numnotequal checks whether two numbers are equal. If they are not equal, it returns true, and the program proceeds to the next step (which, in my game, is to check the signature of player 1 and then -- if they supplied a valid signature -- let them withdraw the money). If they are equal, the program returns false, and the transaction fails.

Timelock

My coinflip game also uses a timelock: once money is deposited into the coinflip address, if 8 blocks go by without player 1 using bytestrings of matching size to withdraw the money, player 2 can withdraw the money. It is also worth noting that player 2 deposits 2x the bet amount into the coinflip address, and player 1 never actually deposits any money into the coinflip address. Instead, player 1 deposits their money into an address that allows player 2 to take it if they reveal their preimage, otherwise player 1 can take their money back out after 4 bitcoin blocks. This technique incentivizes player 2 to reveal his preimage, otherwise he cannot get player 1's deposit and will only get his own money back (thus aborting the game). To take player 1's money, player 2 must reveal his preimage, which allows player 1 to determine whether she won or not. If she won, she can use her preimage plus player 2's preimage to take player 2's money from the coinflip address, thus getting the full value of her bet back plus an additional 1x the bet amount from her opponent. If she lost, she cannot take player 2's money, so player 2 will get it back and will also keep the money he took from player 1 in a prior step. Thus either way, the winner ends up with 2x the bet amount, and the loser ends up with a loss of 1x the bet amount.

Notes on its status as a work-in-progress

(1) I know, it's absolutely horrendous in appearance -- maybe someday it will look pretty but I am not a frontend girl

(2) You need to play it with testnet coins, I use this faucet: https://bitcoinfaucet.uo1.net/send.php -- I usually send money from the faucet directly into the addresses the game tells me to send money to, and I usually use the faucet's address as the withdrawal addresses for both players

(3) I store game state and private keys in browser storage and I clear the browser storage every time you reload the page, so don't hit refresh til your game is done

(4) All needed functionality is present. If you follow the procedures outlined in the status messages (and don't hit abort after you've deposited money), the game should work great

(5) I haven't tested what happens if you play the game in two browser sessions that share the same browser storage. It will probably break. So far I always test it with one window in incognito mode and I recommend doing that if you want it to work

(6) Please alert me to any bugs you find

coinflip-bruh's People

Contributors

brilliancebitcoin avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.