Every crash outcome can be independently verified by anyone. No trust required.
Before the game begins, the server generates a chain of 10,000 seeds. Each seed is derived from the next one via SHA-256:
seed[n] = sha256(seed[n+1]) // seed[0] is used first, seed[9999] is the secret root
The terminus hash (sha256(seed[9999])) is published publicly before any round in the chain is played. This means the server is committed to all future outcomes — it cannot change any seed after the fact without the change being detectable.
For each round, the crash point is derived using HMAC-SHA256:
h = HMAC_SHA256(key=serverSeed, data=roundId.toString()) intVal = parseInt(h.slice(0, 8), 16) // first 4 bytes as uint32 raw = 2^32 / (intVal + 1) crashPoint = max(1.00, raw * (1 - 0.01)) // 1% house edge
Using the round ID as the HMAC message means a single seed can only produce one valid crash point per round ID. The 1% house edge means that over many rounds, the expected payout is 99% of the total wagered — transparent and verifiable.
Before betting opens, the server publishes the SHA-256 hash of the server seed for the upcoming round. After the round concludes, the server reveals the actual seed. You can verify:
sha256(revealedSeed) === publishedHash — the seed was not changed after betting opened.computeCrashPoint(revealedSeed, roundId) === claimedCrashPoint — the crash point matches the formula.Every completed round in the History tab shows the revealed server seed and hashed seed. Click any round to expand it and verify — or do it yourself with one line of JavaScript:
import { verifyCrashPoint } from "@crash/shared";
verifyCrashPoint(
"revealedServerSeedHere",
roundId,
claimedCrashPoint
); // => trueThe @crash/shared package is open source — you can read the exact implementation on GitHub and run it locally without trusting this site at all.