Dices provably fair – Nonce overflow vulnerability
Most of bitcoin dice software use a system to prove the fair play of the server for each bet. Most of them implement this mechanism using two seed (server seed and client seed) combined with a session nonce in the aim to provide a fair random number for each bet and usually this nonce is initialized to 0 after each seed change.
But, what if this nonce is stored in an unsigned integer variable (32bit in 32bit systems, 2³² values)? Theorically after 2³²-1 bets, the nonce goes in overflow and return to 0.
Saving each bet roll for every play in the first 2³²-1 window, will provide a map function:
f: n → roll . (n < 2³²)
that could be used to declare a function g(m) that predicts every future roll:
g (m) = f (m % 2³²)
A simple fix for this problem is to regenerate the server seed and reset the nonce after 2³² bets.
Fix eclipse random crash with libsoup-2.4
After upgrading libsoup to version 2.4 on funtoo, eclipse began to present random crash while using auto-completation; the fail-log says that the problem is in libsoup.
The fix is easy, just add this line to your eclipse.ini, don’t ask me why:
-Dorg.eclipse.swt.browser.DefaultType=mozilla