Every dice roll and card shuffle on Naija Game Arena is generated using a commit-reveal cryptographic system. The randomness is locked before the game starts, and you can verify every outcome yourself after the game ends.
This is the same provably fair standard used by international poker platforms and licensed crypto casinos. We adapted it for board games.
Before the game, the server picks a secret number and shows you its fingerprint (a hash). You also contribute your own random number. During the game, every random event is mathematically derived from both numbers combined. After the game, the server reveals its secret — and you can check that the fingerprint matches and that every event was computed correctly. If the server changed anything, the fingerprint wouldn't match. That's the whole trick.
For those who want the technical details. We don't hide the math — we show it.
HMAC-SHA256 is a keyed-hash message authentication code that produces a 256-bit (32-byte) output. Three properties make it perfect for provable fairness:
Same inputs always produce the exact same output. server_seed + client_seed + nonce → identical result every time.
Given the hash output, it's computationally infeasible to reverse-engineer the input. The server seed stays secret until revealed.
Changing a single bit of input produces a completely different output. You can't tweak a seed slightly to get a desired result.
The server commits to its seed via the hash before the game begins. Changing the seed after would change the hash — and you'd catch it during verification. Breaking SHA-256 would require ~2²⁵⁶ operations.
The server seed is secret during the game, so you can't predict future random events. Even knowing your client seed, you can't compute outputs without both seeds combined.
Random events depend on both server_seed AND client_seed. Neither party alone determines the output. The client seed adds entropy the server can't predict.
We take a flat 5% fee from every pot regardless of who wins. Our revenue is identical whether Player A or Player B wins. Zero financial incentive to rig any game.
Fisher-Yates shuffle of the full 54-card deck
None — all randomness is determined by the initial shuffle. Draw pile order, dealt hands, everything flows from nonce 0.
First dice roll
Each subsequent dice roll increments the nonce. A 15-minute Ludo game might use 40–80 nonces.
First dice roll
Every roll increments the nonce. Fast mode games use fewer nonces than classic mode.
N/A
N/A — Draughts is a pure strategy game with zero random elements.
Step through the commit-reveal process as it happens in a real game.
Server commits to a secret seed by showing you its hash. You can't reverse the hash, but you can verify it later.
Every random event (dice roll, card shuffle) is generated from: server_seed + client_seed + nonce. The nonce increments with each event.
Server reveals the secret seed. Now you have all three ingredients and can recalculate every random event yourself.
Hash the revealed seed → does it match the hash from Step 1? Recalculate all events → do they match what happened? If both yes: the game was fair.
Play any Whot!, Ludo, or Snakes & Ladders game to completion.
On the result screen or in your game history, tap the verification button. It's available on every completed game.
The panel shows the server seed hash (from before the game), the revealed server seed, your client seed, and every random event — all verified with green checkmarks.
Copy the seeds and use any HMAC-SHA256 tool to recalculate the outcomes yourself. The verification runs in your browser — it never trusts the server.
No. The server commits to its seed (via the hash) before the game begins and before it knows what moves you'll make. Changing the seed after commitment would change the hash — and you'd see the mismatch during verification. The client seed adds player-contributed entropy, so even the server can't pre-determine a favourable sequence.
We generate one for you using a cryptographic random number generator. The system is provably fair either way — the server committed to its seed before your client seed was generated. A custom client seed is an extra layer of control, not a requirement for fairness.
HMAC-SHA256 is a cryptographic function that takes a key and a message and produces a 256-bit (32-byte) hash. The critical properties: it's deterministic (same inputs = same output, always), it's one-way (you can't reverse-engineer the inputs from the output), and even a tiny change in the input produces a completely different hash. This makes it perfect for commit-reveal schemes.
The server seed hash is visible to all players in a match during the game. After the game ends, the full server seed and client seed are available to all participants so anyone can verify. This is by design — transparency is the whole point.
Correct. Draughts is a pure strategy game with zero random elements — no dice, no card shuffles. There's nothing to verify because there's no randomness to manipulate. The game outcome is entirely determined by player decisions. The provably fair system applies to games with random elements: Whot! (card shuffle), Ludo (dice rolls), and Snakes & Ladders (dice rolls).
Yes, it's the same commit-reveal architecture used by platforms like Stake, Rollbit, and licensed poker rooms. HMAC-SHA256 based provable fairness is the industry standard. We adapted it for traditional board games instead of casino games, but the cryptographic guarantees are identical.
Entirely in your browser. When you tap "Verify Fairness" on a completed game, the verification code runs locally on your device — it doesn't trust our server's response. You can also copy the seeds and verify them independently using any HMAC-SHA256 tool or write your own verification script.
Play a game, check the math, and see for yourself. Every game. Every roll. Every shuffle. Verifiable.
sports_esports Play & Verify — ₦500 Welcome Bonus