Summary
We conducted an independent statistical audit of 100,000,000 bustabit crash rounds using the full hash chain published in this repository. The goal was to determine whether the game outcomes are consistent with a fair random number generator — using the same battery of tests applied to cryptographic standards.
Methodology
We applied the NIST SP 800-22 statistical test suite (15 tests, all 15 passed) to the crash multiplier distribution derived from the hash chain. Tests included:
- Frequency (Monobit) Test
- Block Frequency Test
- Runs Test
- Longest Run of Ones
- Binary Matrix Rank
- Discrete Fourier Transform (Spectral)
- Non-overlapping Template Matching
- Overlapping Template Matching
- Universal Statistical (Maurer's)
- Linear Complexity
- Serial Test
- Approximate Entropy
- Cumulative Sums (Forward + Reverse)
- Random Excursions
- Random Excursions Variant
Key Findings
- Score: 9.7 / 10.0 — At 100M rounds, even a 0.005% deviation becomes statistically visible. This is a rounding artifact in the crash formula's integer arithmetic, not manipulation. In real money terms: approximately 5 cents difference per $1,000 wagered. Smaller sample sizes would never detect this.
- All 15 NIST tests passed with p-values within expected ranges.
- The hash chain construction (HMAC-SHA256 with public salt) produces outcomes indistinguishable from a true random source at the confidence levels tested.
Reproduction
The audit is fully reproducible using:
- The terminating hash and salt from this repository
- Standard HMAC-SHA256 implementation
- The NIST SP 800-22 test suite
We used the chain constants published in src/constants.ts of this repo.
Full Report
Detailed methodology, raw data references, and the complete audit report are available at:
https://fairplayaudit.com — Open Methodology section
We are FairPlay Audit, an independent provably fair auditing project. We have no affiliation with bustabit. This audit was conducted before any commercial relationship was discussed.
If the maintainers have questions about our methodology or would like to discuss the results, we welcome the conversation.
Summary
We conducted an independent statistical audit of 100,000,000 bustabit crash rounds using the full hash chain published in this repository. The goal was to determine whether the game outcomes are consistent with a fair random number generator — using the same battery of tests applied to cryptographic standards.
Methodology
We applied the NIST SP 800-22 statistical test suite (15 tests, all 15 passed) to the crash multiplier distribution derived from the hash chain. Tests included:
Key Findings
Reproduction
The audit is fully reproducible using:
We used the chain constants published in
src/constants.tsof this repo.Full Report
Detailed methodology, raw data references, and the complete audit report are available at:
https://fairplayaudit.com — Open Methodology section
We are FairPlay Audit, an independent provably fair auditing project. We have no affiliation with bustabit. This audit was conducted before any commercial relationship was discussed.
If the maintainers have questions about our methodology or would like to discuss the results, we welcome the conversation.