To guarantee absolute fairness, every outcome is generated by combining a hidden secret from our server with a unique digital signature from your wallet. Because neither of us knows both pieces ahead of time, it is mathematically impossible for anyone to predict or rig the result.
How It Works
Our smart contract acts as a secure middleman that combines two separate puzzle pieces to create your final random outcome:
- Piece 1: The Server Secret. Before you even click to open a pack, our system generates a highly secure, random secret. We show you the "hash" (a locked cryptographic version) of this secret upfront so you know we can't change it later.
- Piece 2: Your Digital Signature. When you click to open the pack, your wallet signs a special message authorizing the action. This signature acts as your unique, completely unpredictable contribution.
- The Final Result: Our smart contract permanently locks these two pieces together to create the final "Master Seed". The result is generated instantly and fairly on the blockchain.
Why We Do It This Way
Older systems require you to wait for multiple blockchain transactions, which can take up to 15 to 18 seconds. By using your wallet's signature as half of the random seed, we deliver a provably fair result in just a single transaction, saving you time without sacrificing security.
FAQ: Provably Fair Randomness in Pack Opening
What blockchain does pack opening run on?
Pack opening runs on the Ronin blockchain — a blockchain built specifically for fun applications. Ronin features fast block times (~3 seconds) and low transaction fees, which makes on-chain actions like opening packs quick and affordable. The randomness logic is enforced by smart contracts — programs that live on the blockchain and execute automatically, transparently, and without any single party being able to alter their rules once deployed.
What does "provably fair" mean when I open a pack?
It means that neither you nor our servers can predict or manipulate the outcome of your pack opening. The random result is generated by combining a secret from our backend with your own wallet signature — so no single party controls what you get. Because the logic runs inside a smart contract on Ronin, the entire process is recorded on-chain and anyone can independently verify it.
How is the randomness generated?
Two independent inputs are combined to produce the final random seed:
- A random secret generated by our server.
- A signature created by your wallet.
- These are merged on-chain by the smart contract using a cryptographic hash (keccak256), producing a result that neither side could have predicted or tampered with alone.
Do I need to manually sign something with my wallet?
No — the signing is handled automatically behind the scenes using Privy, our embedded wallet provider. When you click "Open Pack," Privy signs the required message on your behalf seamlessly, so you don't need to interact with wallet pop-ups or understand any of the cryptographic details. From your perspective, the experience is as simple as clicking a button and seeing your result.
Why is a wallet signature needed at all if it's automatic?
Even though the signing happens invisibly, your wallet signature is a critical part of the fairness guarantee. It injects your own unique, unpredictable input into the randomness — ensuring our backend cannot pre-determine the outcome. The automation via Privy simply removes the friction without compromising the security.
Can the backend cheat by choosing a favorable secret?
No. The backend commits to a secret before your wallet signs. Your signature is unpredictable to the backend, so even though it chose the secret, it cannot know what the final combined seed will be. The smart contract verifies that the secret and your signature match what was agreed upon.
Can anyone cheat by simulating the result and canceling if it's unfavorable?
No. The transaction is submitted by the backend on your behalf — not by you directly. This means nobody can simulate the outcome in advance and selectively cancel unfavorable results.
How fast is this process?
The entire pack opening requires only one blockchain transaction on Ronin, making it significantly faster than the previous two-transaction model. Thanks to Ronin's fast block times, you should see your result in just a few seconds.
What prevents someone from reusing a signature?
Every signing request includes a unique one-time nonce and an expiry timestamp. The smart contract rejects any signature that has already been used or has expired, preventing replay attacks.
How can I verify the fairness myself?
Since everything happens on-chain on Ronin, you can use the Ronin block explorer to inspect your transaction and confirm:
- Your signature was correctly verified.
- The final seed was computed as keccak256(backendSecret + yourSignature).
- The result was derived from that seed without any modification.
What is the role of the smart contract?
The RandomnessRelayer smart contract acts as a neutral referee deployed on Ronin. It verifies your wallet's signature, checks that the nonce hasn't been reused and isn't expired, combines both random inputs into a master seed, and passes it to the pack-opening contract — all in a single, auditable transaction. Because it's a smart contract, its code is public and its behavior cannot be secretly changed by anyone.