Provably-fair proof
This page reproduces the winner computation from public inputs. You can recompute every step in your browser's DevTools — don't trust our math, verify it.
1. Pre-commit (server_seed_hash)
Published when the draw went live (2026-05-30T19:53:19.938Z).
70fb61dfe348e6f52a725a6be5c383e9eb4bc1bc3667bf11c843a8fffd261c2b2. Reveal (server_seed)
Revealed after draw (2026-05-30T22:43:07.506Z).
b0bb059edd14b68e27e339518d9b8e2e564787d5ca48d33955eab7fce65ed989Hash check: ✓ sha256(server_seed) === published hash
3. Client seed inputs (all sold eggs)
| # | Wallet | Winner? |
|---|---|---|
| 1 | A3nRd6...Fbvt | |
| 2 | AeQZ2G...ee2f | |
| 3 | 7MvYxZ...1dXP | |
| 4 | 71dfGd...SS6g | |
| 5 | 8x4sSX...Tt9Q | |
| 6 | did:pr...mmq2 | |
| 7 | 34HCCG...q8Xm | |
| 8 | AqCfXY...fEwZ | |
| 9 | CjkpzR...cV6q | |
| 10 | B9g8Cu...NiEn | |
| 11 | DPvMXQ...quty | |
| 12 | 6Ucamk...eXtQ | 🎉 |
| 13 | JBstPD...Zir9 | |
| 14 | E1VVNK...Ba9E | |
| 15 | 4YKVpG...Aokb | |
| 16 | HnnL3K...zJUJ | |
| 17 | 5WKJVZ...J4E3 | |
| 18 | 6fTqFr...7u9i | |
| 19 | 6vy6Cb...43c5 | |
| 20 | 98V4U3...nULW |
4. Derived client_seed
client_seed = sha256(sorted by entry_number, joined as "N:wallet" with '|')
450e48994f4a8bbf5fb1df00ad1f3ed836f81f4454decd8f971b46c7109044db5. External entropy (Bitcoin block)
Mixed into the HMAC input so the draw depends on a value the operator could not have known when the server seed was committed ( 2026-05-30T19:53:19.938Z). Any Bitcoin block mined after the commit works — we take the tip at draw time.
0000000000000000000093aa4b2df42819acb3e7004991133715364176a722b7block time2026-05-30T22:34:06.000ZCross-check on mempool.space or blockstream.info.
6. Winner computation
HMAC-SHA256(server_seed, "client_seed:lotto_id:source:height:hash"), first 16 hex chars, mod sold_count (20).
hmac = 12a8481e442e4c53099030f4f7c841306eb92ad91cb618cc93f9c8120bfe7176Computed index: 11 → winning egg: #12
7. Independent verification
Show JS snippet (paste into DevTools)
const seed = "b0bb059edd14b68e27e339518d9b8e2e564787d5ca48d33955eab7fce65ed989";
const hashStr = "70fb61dfe348e6f52a725a6be5c383e9eb4bc1bc3667bf11c843a8fffd261c2b";
const clientSeed = "450e48994f4a8bbf5fb1df00ad1f3ed836f81f4454decd8f971b46c7109044db";
const lottoId = "1cdf54c2-162e-4d34-ac42-1ed217d3dd9e";
const sold = 20;
const entropy = "mempool.space:951762:0000000000000000000093aa4b2df42819acb3e7004991133715364176a722b7";
async function run() {
const enc = new TextEncoder();
const seedBytes = enc.encode(seed);
const hashed = await crypto.subtle.digest("SHA-256", seedBytes);
const recomputed = [...new Uint8Array(hashed)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
console.log("hashOk:", recomputed === hashStr);
const key = await crypto.subtle.importKey(
"raw", seedBytes, { name: "HMAC", hash: "SHA-256" }, false, ["sign"]
);
const message = entropy
? clientSeed + ":" + lottoId + ":" + entropy
: clientSeed + ":" + lottoId;
const sig = await crypto.subtle.sign("HMAC", key, enc.encode(message));
const hex = [...new Uint8Array(sig)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
const idx = Number(BigInt("0x" + hex.slice(0, 16)) % BigInt(sold));
console.log("hmac:", hex);
console.log("winnerIndex:", idx);
}
run();