User:Hakerh400/Crypto Lottery

Crypto Lottery is a concept conceived by User:Hakerh400 in 2024.

Overview

There are ${\displaystyle n\geq 1}$ participants. The system must pick exactly one of them. The organizer (the server and their owners) must not be able to rig the outcome. None of the participants can rig the outcome.

The system operates in the following manner. Each participant has a unique public id ${\displaystyle i}$ (${\displaystyle 1\leq i\leq n}$). There is a scheduled short timeframe in which participants must submit their inputs. During the timeframe (which should be around half a minute), each participant submits a fixed-sized byte array ${\displaystyle P_{i}}$. After the timeframe ends, the system immediately calculates and displays the hashes ${\displaystyle H_{i}}$ for each participant (makes the hashes publicly available). No new inputs can be submitted after that. Then the system starts to calculate who the winner is.

Calculating who the winner is works as follows. Each participant's id ${\displaystyle i}$ is concatenated with their input ${\displaystyle P_{i}}$ and the hash ${\displaystyle H_{i}={\text{Hash}}\left(i||P_{i}\right)}$ is computed (this ensures that each participants has a unique hash). Those hashes become public after the timeframe ends. Then the system concatenates all hashes sorted by participant's ids and computes the global hash ${\displaystyle G={\text{Hash}}\left(H_{1}||\dots ||H_{n}\right)}$. Then it iteratively computes the hash of ${\displaystyle G}$ many times (enough times so that it would be impossible to do so within the timeframe) and obtains ${\displaystyle F=\underbrace {{\text{Hash}}\left(...{\text{Hash}}\left(G\right)\right)} _{N{\text{ times}}}}$, where ${\displaystyle N}$ is some fixed public large number (billions). The system then computes ${\displaystyle R_{i}={\text{Hash}}\left(H_{i}||F\right)}$ for each participant. The winner is the participant with the smallest ${\displaystyle R_{i}}$.

Security

Each participant's input affects the result in a hard-to-predict way. Participants cannot rig the outcome because they don't know the hashes of other participants. Organizers cannot rig the outcome because they cannot compute ${\displaystyle F}$ during the timeframe, and they cannot insert additional fake participants after the timeframe ends because they must display the total number of participants and their hashes immediately. Since each ${\displaystyle H_{i}}$ is public, each participant can verify the outcome by computing ${\displaystyle F}$.