Provably-fair proof
This page reproduces the winner computation from public inputs. You can recompute every step in your browser's DevTools — don't trust our math, verify it.
1. Pre-commit (server_seed_hash)
Published when the draw went live (2026-05-31T18:17:57.276Z).
51f837404de450ac6ac123808bbe8e38a764cf7ae545ac63206f21aa8963b8102. Reveal (server_seed)
Revealed after draw (2026-05-31T19:16:05.030Z).
6d9afd9f3b38cff7e7b7b47fc11e3b43ba5722f93e108b967c43afe8a604fc7cHash check: ✓ sha256(server_seed) === published hash
3. Client seed inputs (all sold eggs)
| # | Wallet | Winner? |
|---|---|---|
| 1 | BgecHp...Pk6P | |
| 2 | BeXDWz...ww2V | |
| 3 | 9UU1p3...teVt | |
| 4 | kUS5Sy...dovw | |
| 5 | 3TDBsG...ovyE | |
| 6 | GbmNiL...xp1Y | |
| 7 | BYqn3m...WNE3 | |
| 8 | 7Y8vNk...Ddyt | |
| 9 | B5ywNJ...iHwX | |
| 10 | Es5494...p7bs | |
| 11 | Bao3UY...qPvx | |
| 12 | 98nEKr...vxCb | |
| 13 | GLZh4h...Vamj | |
| 14 | BEAq6S...fLtK | |
| 15 | 2jcazK...iEey | |
| 16 | AQmp7N...Eatz | |
| 17 | BQGUce...D2oH | 🎉 |
| 18 | ApeP8q...euwV | |
| 19 | 2ird6n...86mv | |
| 20 | 4ZbXXe...uNHz |
4. Derived client_seed
client_seed = sha256(sorted by entry_number, joined as "N:wallet" with '|')
3d7143ead00b72ea981de6a027607d9c619a53d59cbdbc23c5ffeabda391d1ac5. External entropy (Bitcoin block)
Mixed into the HMAC input so the draw depends on a value the operator could not have known when the server seed was committed ( 2026-05-31T18:17:57.276Z). Any Bitcoin block mined after the commit works — we take the tip at draw time.
00000000000000000000a9d181fe40ad7ff8044c9dbfe1380c2b9899a2d7d890block time2026-05-31T18:35:10.000ZCross-check on mempool.space or blockstream.info.
6. Winner computation
HMAC-SHA256(server_seed, "client_seed:lotto_id:source:height:hash"), first 16 hex chars, mod sold_count (20).
hmac = 2b6acdc36825e494ab62c4a5cd3810becaf0c52ce1d3387f688f7fb3f5ac8733Computed index: 16 → winning egg: #17
7. Independent verification
Show JS snippet (paste into DevTools)
const seed = "6d9afd9f3b38cff7e7b7b47fc11e3b43ba5722f93e108b967c43afe8a604fc7c";
const hashStr = "51f837404de450ac6ac123808bbe8e38a764cf7ae545ac63206f21aa8963b810";
const clientSeed = "3d7143ead00b72ea981de6a027607d9c619a53d59cbdbc23c5ffeabda391d1ac";
const lottoId = "ad75cb32-c854-4419-bffd-1ad8865c65b9";
const sold = 20;
const entropy = "mempool.space:951883:00000000000000000000a9d181fe40ad7ff8044c9dbfe1380c2b9899a2d7d890";
async function run() {
const enc = new TextEncoder();
const seedBytes = enc.encode(seed);
const hashed = await crypto.subtle.digest("SHA-256", seedBytes);
const recomputed = [...new Uint8Array(hashed)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
console.log("hashOk:", recomputed === hashStr);
const key = await crypto.subtle.importKey(
"raw", seedBytes, { name: "HMAC", hash: "SHA-256" }, false, ["sign"]
);
const message = entropy
? clientSeed + ":" + lottoId + ":" + entropy
: clientSeed + ":" + lottoId;
const sig = await crypto.subtle.sign("HMAC", key, enc.encode(message));
const hex = [...new Uint8Array(sig)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
const idx = Number(BigInt("0x" + hex.slice(0, 16)) % BigInt(sold));
console.log("hmac:", hex);
console.log("winnerIndex:", idx);
}
run();