Conversation

Notices

1. MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Sunday, 07-Jan-2018 14:03:09 EST MMN-o ✅⃠
   (probably not) coming soon to a terminal near you: !fs #wordfight - as opposed to the proprietary #wordfeud - https://social.umeahackerspace.se/attachment/267453
   1. MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Sunday, 07-Jan-2018 14:13:09 EST MMN-o ✅⃠

      in reply to
      The most interesting thing about decentralised !fs games is how you decide whether to trust the remote party not to cheat.
      
      If anyone has a paper on how to play games containing secrets without a trusted third party, please contact me. I'm guessing a blockchain is the solution, publishing the hash value of each action for each move and then when the game is over, some secret to verify that all moves were legitimate. ("I have [hash of characters]. I use D,O,G. Now I have [hash of characters]." and in the end publishing the original 8 characters).
      
      One would also have to somehow secure that the opponent isn't using a crafted random seed. So maybe the opponents should send each other a nonce (or just use each other's verification hashes) to make sure the game is fair.
      1. MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Sunday, 07-Jan-2018 14:18:53 EST MMN-o ✅⃠

         in reply to
         (The nonce would then be applied to the random seed to generate a completely different sequence than would otherwise have been generated.)
      2. Bob Jonkman (bobjonkman@gs.jonkman.ca)'s status on Sunday, 07-Jan-2018 16:41:55 EST Bob Jonkman

         in reply to
         I'm sure there's something in #ZeroKnowledge theorems that allows verified moves between two players that don't trust each other. https://en.wikipedia.org/wiki/Zero-knowledge_proof
         1. MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Sunday, 07-Jan-2018 17:37:23 EST MMN-o ✅⃠

            in reply to
            @lm @bobjonkman A zero-knowledge lets you prove that you know a certain secret. But here you're supposed to show that you _don't_ know the secret (because rigging your seed even for the first round can generate an advantage).
            
            So maybe a two-way zero-knowledge proof in some fashion. I don't think it's hard to figure out if you can wait until the round is over (incentive to cheat is low if it's revealed once you win) - but having it in "real-time" (per-step, also initiated before any moves are made) is a bit weirder.
            
            But then again, maybe if you prove that you had a secret and that this secret was properly hashed with whatever nonce was sent by the opponent... My brain is tying knots on itself.
            1. MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Sunday, 07-Jan-2018 17:40:33 EST MMN-o ✅⃠

               in reply to
               @lm @bobjonkman (I'm pretty sure that last paragraph describes a part of a zero-knowledge proof protocol)
            2. tekk (tekk@social.tekk.in)'s status on Sunday, 07-Jan-2018 18:07:59 EST tekk

               in reply to
               @mmn Funny that you bring this up! A friend of mine at Uni who's now lecturing for a semseter actually did his masters' thesis on how to cryptographically verify multiplayer card games. I'm asking him now if he has a paper or anything similar: it didn't involve a blockchain, just some clever applications of existing crypto stuff, if I remember my discussions right.
               1. MMN-o ✅⃠ (mmn@social.umeahackerspace.se)'s status on Monday, 08-Jan-2018 01:27:24 EST MMN-o ✅⃠

                  in reply to
                  @tekk Awesome! Thanks for checking with your friend!
      3. 6gain (6gain@loadaverage.org)'s status on Sunday, 07-Jan-2018 15:56:13 EST 6gain

         in reply to
         I wonder if you could use private keys and Merkel Trees to hash and publish your (encrypted) hand in advance, and then validate (public) moves against it as you go, or something. My crypto isn't good enough to know the fine detail.