What an RNG is and why there's so much talk about it
An RNG (Random Number Generator) is an algorithm that produces unpredictable numbers. In Rocket X it's the RNG that determines the moment the rocket crashes and what the final multiplier will be.
Technically there is no "true" randomness in computers — all algorithms are deterministic. What we call random is actually pseudo-random numbers derived from an initial value called a seed. If you know the seed and the algorithm, the result becomes fully predictable. That's why the key question for an online casino is: who generates the seed and how, and whether that can be controlled or verified.
Historically, all the distrust of online casinos revolved around this. If the operator fully controls the seed and the algorithm, then theoretically it could pick seeds that are unfavorable to players. Proving or disproving that publicly was impossible. Provably Fair was devised precisely as an answer to this problem.
Before Provably Fair: the classic "trust the auditor" model
Classic online casinos work like this:
- The operator obtains a license from a regulator: Curaçao Gaming Authority, Malta Gaming Authority, UK Gambling Commission, Kahnawake Gaming Commission, and the like.
- The regulator requires the use of a certified RNG.
- Certification is performed by independent labs: eCOGRA, GLI, iTech Labs, BMM Testlabs.
- The lab receives a large sample of results and checks them statistically — for uniformity of distribution, absence of patterns, and conformity with the stated RTP.
- If everything checks out, a certificate is issued, which the casino shows to players.
1win Gaming, as the developer of Rocket X, also goes through this procedure with specialized labs. It works on average, but this model has a fundamental flaw: the player cannot verify a specific round. Only the lab, only statistically, only after the fact.
If in one specific round you lost a large bet and suspect something is off, the only way to dispute it goes through the casino's own support, its regulator, and potentially the courts. In practice, almost no one does this. Provably Fair closes this gap: you can verify any round right now, in your browser, without the help of an auditor or regulator.
Provably Fair: three ingredients
The Provably Fair approach appeared around 2014 in crypto casinos (SatoshiDice, Bustabit, and the like) and later became the industry standard for crash games. It uses three key components, each of which is visible to the player in a special settings section.
| Component | Who generates it | When the player sees it | What it's for |
|---|---|---|---|
| server_seed | Casino server | SHA-256 hash before the series of rounds; the seed itself afterward | The basis of randomness. Proves the result wasn't tampered with |
| client_seed | Player (or auto) | At any time in settings | Guarantees the casino didn't pick a server_seed tailored to the client |
| nonce | Server, automatically | Public, increases by 1 each round | Makes each round in the series unique, with the same server_seed |
The idea is simple. Before the start of a series of rounds, the server generates
a server_seed (a long random string), computes its
SHA-256 hash, and publishes only the hash.
The seed itself stays secret until the end of the series. Since SHA-256
is irreversible, you can't recover the seed from the hash — but it's locked in.
The player can set any client_seed by hand
(or accept an automatically generated one). After the series of rounds ends,
the server reveals the server_seed. After
that, the player can:
- Compute the SHA-256 of the revealed
server_seedand compare it with the previously published hash — this proves the seed wasn't changed during the series. - Independently recompute each round's multiplier from
server_seed,client_seed, andnonce, and compare it with what was actually shown.
If both conditions hold, the round is fair.
How the hash becomes a multiplier
The exact formula for turning the hash into a crash multiplier differs between crash games. 1win Gaming, like other providers, doesn't publish the precise Rocket X algorithm — this is standard practice to make exploiting possible implementation bugs harder. But the general template for the crash-game genre is publicly known and works almost the same way everywhere.
The basic logic:
- Take
HMAC-SHA256(server_seed, client_seed + ":" + nonce)— this yields a 64-character hex string. - From its first part (usually 8 or 13 hex characters) an integer is taken.
- This number is divided by the maximum possible value — giving a fraction between 0 and 1.
- The fraction is converted into a crash multiplier by a formula of the form
(1 / (1 − x)) × (1 − house_edge), which produces a Pareto distribution: most rounds get low multipliers, rare ones get very high multipliers. - If the result is below 1.00, the round counts as an instant crash (multiplier 1.00×). The share of such rounds corresponds to the casino's house edge (about 3%).
The distribution of multipliers is not uniform but heavily skewed to the right (a Pareto distribution). This means: most crashes happen below 2.00×, 10× multipliers occur in fewer than one in ten rounds, and 100×+ in thousandths of a percent of rounds. This isn't "unfair" — it's a mathematical consequence of the formula, and it's exactly what delivers the 97% RTP.
How to verify a round yourself
Suppose you played a series of rounds in Rocket X. After the series ends
(or after changing the client seed), the casino reveals the
server_seed. You now have:
published_hash— the SHA-256 hash you saw BEFORE the seriesserver_seed— revealed by the server after the seriesclient_seed— your client seednonce— the number of the specific round in the seriesactual_multiplier— the actual multiplier of that round (from the history)
A minimal Python script that checks both conditions — that the
hash wasn't swapped and that the multiplier really was computed from
the revealed seed. Save it to a file called verify.py, replace
the values with your own, and run it with python3 verify.py:
# verify.py — verify a single Provably Fair round in Rocket X
import hashlib, hmac, math
# 1. What we received from the casino:
published_hash = "a3f5...e91d" # SHA-256 of server_seed, published before the series
server_seed = "7b2c...43a8" # revealed by the casino after the series
client_seed = "my_random_seed"
nonce = 42 # round number in the series
actual_multiplier = 2.47 # from the round history
# 2. Check #1: the casino didn't swap server_seed
recalculated = hashlib.sha256(server_seed.encode()).hexdigest()
assert recalculated == published_hash, "❌ Hash mismatch — the casino changed the seed!"
print("✓ Hash matches: server_seed was not swapped")
# 3. Check #2: recompute the multiplier
message = f"{client_seed}:{nonce}".encode()
key = server_seed.encode()
h = hmac.new(key, message, hashlib.sha256).hexdigest()
# Take the first 13 hex chars (52 bits), convert to a number
x = int(h[:13], 16)
e = 2 ** 52
# Multiplier formula (typical for crash games)
if x == 0:
multiplier = 1.00
else:
multiplier = math.floor((100 * e - x) / (e - x)) / 100
print(f"Recalculated multiplier: {multiplier}×")
print(f"Actual multiplier: {actual_multiplier}×")
If both assert checks pass and the recalculated multiplier
matches the actual one, the round is fair. If something doesn't match,
that's serious grounds not to play at that casino and to publish
the discrepancy.
The exact formula for turning the hash into a multiplier in Rocket X isn't publicly documented. The script above uses the standard crash-game template and works for most implementations of the genre. If the hash matches but the multiplier doesn't, that doesn't necessarily mean cheating: 1win Gaming may have its own truncation constant or its own conversion formula.
What Provably Fair doesn't guarantee
Provably Fair is powerful protection against one specific type of fraud: tampering with a specific round's result after the fact. But it's not a cure-all. Here's what this system does not do.
It doesn't reduce the house edge
The RTP stays at 97%; on average the player loses 3% of every bet. Provably Fair guarantees the fairness of the process, not the profitability of the outcome. If you play a thousand fairly generated rounds with a negative expected value, you'll lose money. Just like in a fair lottery with a 50% RTP.
It doesn't protect against picking a "bad" server seed
Technically, before a series the casino could generate a thousand
server_seed candidates, look at the multiplier
distributions they produce, and pick the least favorable one
for the player. The hash will be of the chosen seed — formally everything is
"fair," but the casino used foreknowledge. This attack
is called a selection attack.
The defense against it is to set your own client_seed
manually. If the client seed is set by the player (not the server),
the casino doesn't know in advance what the resulting multiplier will be,
and can't "cherry-pick" it.
It doesn't replace a regulator's license
Provably Fair solves only the task of mathematically verifying a round. All other aspects (payouts, data protection, addiction prevention, KYC, AML) lie in the domain of regulators and licenses. A casino can have Provably Fair and still refuse to pay out winnings on contrived grounds — these are different things.
It doesn't make the game "smarter"
The fact that you can verify a round's result after it
ends does nothing to help predict the next
round. Prediction requires the server_seed,
which is only revealed after the series. Any "signals,"
"forecasts," and "algorithms" claiming to predict
Provably Fair rounds are a scam. More on this in
"The truth about signals".