Have you ever been to Primedice? The site claims to be the world’s biggest Bitcoin gaming site. The website offers a simple game, somewhat akin to a dice roll, that allow people to bet bitcoin on. It turns out, however, that at least one bettor found a way to game the system, and has managed to run off with roughly one million dollars in bitcoins, according to the company’s CEO.
The user, who went under the name “Hufflepuff”, devised a method to hack Primedice’s system. Before the company could prove any wrong doing, and thus ban Hufflepuff, they lost approximately one million dollars. Now, Primedice is offering rewards to anyone who can help them recover their money.
Primedice’s game operates by having their system show a “seed” of information, and the user showing a seed of information. The two numbers are then combined to determine wins and losses. If your a bit confused on how this all works, head to Primedice’s website and read the details, but the biggest benefit for users is that the gaming site offers up the seed that gamers must bet on. This means the seed is generated before the bet and thus cannot be manipulated by the gaming company.
Unfortunately for Primedice, while this system creates obvious benefits for users, it also creates some weaknesses for the company. Hufflepuff figured out a way to get Primedice’s server to send out unencrypted seeds, and was then able to use these unencrypted seeds to make bets after he knew whether he’d win or lose.
Obviously, that’s a big deal for gambler. Primedice has a house edge of only one percent, making it difficult to point out obvious and blatant hacking, but Hufflepuff’s winnings were quickly racking up and the company wasn’t sure why.
Eventually, Primedice figured the scam out and demanded that Hufflepuff return the funds. Needless to say, Hufflepuff declined to return the funds, but then went even further. Although Primedice had patched up the vulnerability, Hufflepuff figured out a way around the patch and began to rip Primedice off. Afterwards, he sent the company a sarcastic email, essentially bragging about his exploits.
Bitcoin gambling is perhaps the ultimate gray area. Already, bitcoin itself is a sort of gray area, not generally recognized by governments as a currency, but seen as something of value, and thus worth legal protections. Gambling, meanwhile, has emerged as a gray area in international law, with online websites able to circumvent local and national regulations against gambling.
Further, with bitcoin being a highly anonymous currency, even if Primedice were to attempt to pursue legal action, it’d be next to impossible to figure out who Hufflepuff was. Even if the user’s identity is determined, the legal complications of pursuing such a case would likely be insurmountable.
The on-going legal complications associated with online gambling have already forced Primedice to pull out of American and Australian markets due to uncertainty over international gaming laws, and potential liabilities for the website. The company is now focused on customers in Russia and China. The whereabouts of the hacker remain unknown at this point.