Provably-fair proof
This page reproduces the winner computation from public inputs. You can recompute every step in your browser's DevTools — don't trust our math, verify it.
1. Pre-commit (server_seed_hash)
Published when the draw went live (2026-05-31T21:21:06.186Z).
ef1f8615cdb0f198e5a501f6c3d5fe1d257c3f712b4e62c4b93cc8e78062e4c62. Reveal (server_seed)
Revealed after draw (2026-06-01T00:04:23.147Z).
fa3e9b474d282840a8164d2f6f1d3dd8f6cf2661531e5238892c1336bc66bb73Hash check: ✓ sha256(server_seed) === published hash
3. Client seed inputs (all sold eggs)
| # | Wallet | Winner? |
|---|---|---|
| 1 | 4vdwQd...KDfW | |
| 2 | 77KYS5...Y2vM | |
| 3 | B5MHQQ...xyP3 | |
| 4 | 6JwQFt...s1Rg | |
| 5 | CyLwMe...zQZ8 | |
| 6 | EzfMVi...2QC6 | |
| 7 | 43y2Hn...8yuJ | |
| 8 | 9UU1p3...teVt | 🎉 |
| 9 | GLZh4h...Vamj | |
| 10 | did:pr...ypmv |
4. Derived client_seed
client_seed = sha256(sorted by entry_number, joined as "N:wallet" with '|')
fcd15d593e9464fb4149699199c8dae78560f74b0aa85d79837d7097df5f42315. External entropy (Bitcoin block)
Mixed into the HMAC input so the draw depends on a value the operator could not have known when the server seed was committed ( 2026-05-31T21:21:06.186Z). Any Bitcoin block mined after the commit works — we take the tip at draw time.
00000000000000000000d40f10282220ab5904b995daf315010f1c47f8eb32a2block time2026-05-31T23:37:57.000ZCross-check on mempool.space or blockstream.info.
6. Winner computation
HMAC-SHA256(server_seed, "client_seed:lotto_id:source:height:hash"), first 16 hex chars, mod sold_count (10).
hmac = 85c628a3fc583cdf1b97cb52430641b6325dfb63da3aa38cd9750df3d506d711Computed index: 7 → winning egg: #8
7. Independent verification
Show JS snippet (paste into DevTools)
const seed = "fa3e9b474d282840a8164d2f6f1d3dd8f6cf2661531e5238892c1336bc66bb73";
const hashStr = "ef1f8615cdb0f198e5a501f6c3d5fe1d257c3f712b4e62c4b93cc8e78062e4c6";
const clientSeed = "fcd15d593e9464fb4149699199c8dae78560f74b0aa85d79837d7097df5f4231";
const lottoId = "372d6974-f21d-4cfa-961b-56c9c92f694e";
const sold = 10;
const entropy = "mempool.space:951913:00000000000000000000d40f10282220ab5904b995daf315010f1c47f8eb32a2";
async function run() {
const enc = new TextEncoder();
const seedBytes = enc.encode(seed);
const hashed = await crypto.subtle.digest("SHA-256", seedBytes);
const recomputed = [...new Uint8Array(hashed)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
console.log("hashOk:", recomputed === hashStr);
const key = await crypto.subtle.importKey(
"raw", seedBytes, { name: "HMAC", hash: "SHA-256" }, false, ["sign"]
);
const message = entropy
? clientSeed + ":" + lottoId + ":" + entropy
: clientSeed + ":" + lottoId;
const sig = await crypto.subtle.sign("HMAC", key, enc.encode(message));
const hex = [...new Uint8Array(sig)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
const idx = Number(BigInt("0x" + hex.slice(0, 16)) % BigInt(sold));
console.log("hmac:", hex);
console.log("winnerIndex:", idx);
}
run();