Provably-fair proof
This page reproduces the winner computation from public inputs. You can recompute every step in your browser's DevTools — don't trust our math, verify it.
1. Pre-commit (server_seed_hash)
Published when the draw went live (2026-05-31T19:07:41.919Z).
9c5488e87bdccbaac740fb974653921417365234f2be752a679456ec85ffd9982. Reveal (server_seed)
Revealed after draw (2026-05-31T19:56:26.253Z).
a1fe89140e1cdb88a4a2e09a668b525f774c2575afd43b7def759933d844da15Hash check: ✓ sha256(server_seed) === published hash
3. Client seed inputs (all sold eggs)
| # | Wallet | Winner? |
|---|---|---|
| 1 | 6X4AS1...nQww | |
| 2 | BsCuxX...F9UY | |
| 3 | 4vdwQd...KDfW | |
| 4 | 3YBqQc...qsXu | |
| 5 | GLZh4h...Vamj | |
| 6 | B5ywNJ...iHwX | |
| 7 | 98nEKr...vxCb | |
| 8 | HpwH4R...51xh | |
| 9 | 4ZbXXe...uNHz | |
| 10 | Ano4Dm...chSw | |
| 11 | 2wHMMg...HiGw | |
| 12 | 43y2Hn...8yuJ | |
| 13 | 2ird6n...86mv | 🎉 |
| 14 | 9hj7jn...p66e | |
| 15 | CoVhCT...D6Cn | |
| 16 | AQmp7N...Eatz | |
| 17 | 3JmzWh...J9vP | |
| 18 | D2mrbs...2VPQ |
4. Derived client_seed
client_seed = sha256(sorted by entry_number, joined as "N:wallet" with '|')
e454eed94e7f2c79b150226fba8d74884dacb8396e959a9a0f21f438e3785db55. External entropy (Bitcoin block)
Mixed into the HMAC input so the draw depends on a value the operator could not have known when the server seed was committed ( 2026-05-31T19:07:41.919Z). Any Bitcoin block mined after the commit works — we take the tip at draw time.
000000000000000000000ea29810cd6f6c1e048b71f4a65dc9159ff57fff00cbblock time2026-05-31T19:42:14.000ZCross-check on mempool.space or blockstream.info.
6. Winner computation
HMAC-SHA256(server_seed, "client_seed:lotto_id:source:height:hash"), first 16 hex chars, mod sold_count (18).
hmac = d0cfe936450a1eaa96c71bef1a0946cc93932bd355ece9627ea1ac7609d977b7Computed index: 12 → winning egg: #13
7. Independent verification
Show JS snippet (paste into DevTools)
const seed = "a1fe89140e1cdb88a4a2e09a668b525f774c2575afd43b7def759933d844da15";
const hashStr = "9c5488e87bdccbaac740fb974653921417365234f2be752a679456ec85ffd998";
const clientSeed = "e454eed94e7f2c79b150226fba8d74884dacb8396e959a9a0f21f438e3785db5";
const lottoId = "f9083187-6889-4b57-bf5d-95d36d20dfd8";
const sold = 18;
const entropy = "mempool.space:951887:000000000000000000000ea29810cd6f6c1e048b71f4a65dc9159ff57fff00cb";
async function run() {
const enc = new TextEncoder();
const seedBytes = enc.encode(seed);
const hashed = await crypto.subtle.digest("SHA-256", seedBytes);
const recomputed = [...new Uint8Array(hashed)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
console.log("hashOk:", recomputed === hashStr);
const key = await crypto.subtle.importKey(
"raw", seedBytes, { name: "HMAC", hash: "SHA-256" }, false, ["sign"]
);
const message = entropy
? clientSeed + ":" + lottoId + ":" + entropy
: clientSeed + ":" + lottoId;
const sig = await crypto.subtle.sign("HMAC", key, enc.encode(message));
const hex = [...new Uint8Array(sig)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
const idx = Number(BigInt("0x" + hex.slice(0, 16)) % BigInt(sold));
console.log("hmac:", hex);
console.log("winnerIndex:", idx);
}
run();