Provably-fair proof
This page reproduces the winner computation from public inputs. You can recompute every step in your browser's DevTools — don't trust our math, verify it.
1. Pre-commit (server_seed_hash)
Published when the draw went live (2026-05-30T17:25:41.527Z).
c28cd924f4eb8bef5dbf484f7edf28768a22e763e75e48b13f411ed6306e9c642. Reveal (server_seed)
Revealed after draw (2026-05-30T19:57:27.959Z).
3f7ab21b69ed4e5bcbe22bcb6ef4bd0fa59dcd22aea9fc17f075068340aee352Hash check: ✓ sha256(server_seed) === published hash
3. Client seed inputs (all sold eggs)
| # | Wallet | Winner? |
|---|---|---|
| 1 | Dew3MV...SXR7 | |
| 2 | A3nRd6...Fbvt | |
| 3 | 3Wsr1K...EMmZ | |
| 4 | 71dfGd...SS6g | |
| 5 | CjkpzR...cV6q | |
| 6 | AaUMGY...Yw4x | |
| 7 | QLgmbF...RwyN | |
| 8 | AqCfXY...fEwZ | |
| 9 | 9d99om...jLoN | |
| 10 | FHm4sR...gjWh | |
| 11 | C16NGP...kt8h | |
| 12 | HoyaL5...brxR | |
| 13 | 8uZYEA...KNhE | |
| 14 | GV3RyX...nRHp | |
| 15 | 7pSfbn...sHr9 | 🎉 |
| 16 | EFwazu...HwWA | |
| 17 | FXGrja...4sWg | |
| 18 | 98nEKr...vxCb | |
| 19 | 8415Ej...GFFx | |
| 20 | 6chVuz...asve |
4. Derived client_seed
client_seed = sha256(sorted by entry_number, joined as "N:wallet" with '|')
e895b088cb4cbf827f18cf86ddbb82363921e7b7798129b43803d5dac08387645. External entropy (Bitcoin block)
Mixed into the HMAC input so the draw depends on a value the operator could not have known when the server seed was committed ( 2026-05-30T17:25:41.527Z). Any Bitcoin block mined after the commit works — we take the tip at draw time.
00000000000000000000afbfdf35b5a89d57ca23ab8d183b412eac43e80956bfblock time2026-05-30T19:33:55.000ZCross-check on mempool.space or blockstream.info.
6. Winner computation
HMAC-SHA256(server_seed, "client_seed:lotto_id:source:height:hash"), first 16 hex chars, mod sold_count (20).
hmac = 3eed2efbd74f31e6b7afd6295bcd5cbee3c5852cde60cb364e07ef4638aa1f62Computed index: 14 → winning egg: #15
7. Independent verification
Show JS snippet (paste into DevTools)
const seed = "3f7ab21b69ed4e5bcbe22bcb6ef4bd0fa59dcd22aea9fc17f075068340aee352";
const hashStr = "c28cd924f4eb8bef5dbf484f7edf28768a22e763e75e48b13f411ed6306e9c64";
const clientSeed = "e895b088cb4cbf827f18cf86ddbb82363921e7b7798129b43803d5dac0838764";
const lottoId = "1b6a4ba0-fba5-47e0-9f98-82d70e971fed";
const sold = 20;
const entropy = "mempool.space:951747:00000000000000000000afbfdf35b5a89d57ca23ab8d183b412eac43e80956bf";
async function run() {
const enc = new TextEncoder();
const seedBytes = enc.encode(seed);
const hashed = await crypto.subtle.digest("SHA-256", seedBytes);
const recomputed = [...new Uint8Array(hashed)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
console.log("hashOk:", recomputed === hashStr);
const key = await crypto.subtle.importKey(
"raw", seedBytes, { name: "HMAC", hash: "SHA-256" }, false, ["sign"]
);
const message = entropy
? clientSeed + ":" + lottoId + ":" + entropy
: clientSeed + ":" + lottoId;
const sig = await crypto.subtle.sign("HMAC", key, enc.encode(message));
const hex = [...new Uint8Array(sig)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
const idx = Number(BigInt("0x" + hex.slice(0, 16)) % BigInt(sold));
console.log("hmac:", hex);
console.log("winnerIndex:", idx);
}
run();