Technology Guide Updated May 2026

Provably Fair Poker: How Verified Card Dealing Works

Provably fair systems let you mathematically verify that every poker hand was dealt randomly. This guide explains the cryptography behind provably fair card dealing — from basic hash functions to advanced mental poker protocols — and where the technology stands for real multiplayer poker.

How Traditional Poker RNG Works

Before understanding provably fair systems, it helps to understand what they replace. Traditional online poker rooms use a Pseudo-Random Number Generator (PRNG) to shuffle and deal cards. A PRNG is a software algorithm that produces sequences of numbers that appear random. The poker room's server runs the PRNG to determine the order of cards in the deck for each hand, then deals cards to players according to that order.

The core trust problem with this approach is that the poker room controls the PRNG entirely. The server generates the card order, the server deals the cards, and the server resolves the hand. At no point can any player independently verify that the cards were dealt according to a genuinely random sequence rather than a manipulated one. You trust the poker room to be honest — and for most licensed, audited rooms, that trust is justified — but it is trust nonetheless, not verification.

Licensed poker rooms mitigate this trust requirement through third-party RNG audits. Companies like Gaming Laboratories International (GLI), eCOGRA, and BMM Testlabs periodically test the PRNG to certify that it produces statistically random outputs. These audits are legitimate and the auditing companies have strong professional reputations. However, audits are periodic (not continuous), test a sample of outputs (not every hand), and certify the algorithm's properties (not that any specific hand was dealt correctly). An audit confirms that the PRNG is capable of producing fair results — it does not prove that any individual hand was fair.

For most players at licensed, reputable poker rooms, this level of trust is sufficient. The combination of regulatory oversight, independent audits, and the room's financial incentive to maintain its reputation creates a reasonable trust framework. But provably fair systems offer something fundamentally stronger: mathematical certainty that replaces trust entirely.

Cryptographic Hash Functions: The Foundation of Provably Fair

Every provably fair system is built on cryptographic hash functions — mathematical algorithms that are the backbone of blockchain technology, digital signatures, and secure communication. Understanding hash functions is essential for understanding how provably fair poker works.

A cryptographic hash function (like SHA-256, the same algorithm used in Bitcoin) takes any input — a word, a number, a sentence, an entire file — and produces a fixed-length output called a hash. SHA-256 always produces a 64-character hexadecimal string regardless of input length. The function has three critical properties that make it useful for provably fair systems.

Deterministic. The same input always produces the same output. If you hash the word "poker" with SHA-256 today, tomorrow, or ten years from now, you get the identical 64-character string every time. This means anyone can independently verify a hash by running the same input through the same function.

One-way. Given a hash output, it is computationally infeasible to determine the input. You cannot reverse-engineer what was hashed by looking at the hash. This property is what allows a poker room to publish a hash before a hand is dealt without revealing the card order — the hash proves a commitment to a specific card order without exposing what that order is.

Collision-resistant. It is computationally infeasible to find two different inputs that produce the same hash. This means the poker room cannot find an alternative card order that produces the same pre-committed hash. Once they publish the hash, they are locked into the specific card order that generated it.

The Commit-Reveal System for Card Dealing

The most common provably fair implementation in crypto poker uses a commit-reveal scheme built on hash functions. Here is how it works step by step.

Step 1: Server generates a seed. Before the hand begins, the server generates a random string called the server seed. This seed, combined with a client seed (provided by or assigned to the player), determines the order of cards in the deck for the upcoming hand. The card order is fixed at this point — it has already been determined by the seeds before any cards are dealt.

Step 2: Server publishes the hash. The server runs the server seed through SHA-256 and publishes the resulting hash to the player. This is the commitment — the server is saying "I have determined the card order and here is the cryptographic proof of what I chose." The player can see the hash but cannot determine the card order from it (because SHA-256 is one-way).

Step 3: The hand is played. Cards are dealt according to the pre-determined order. The hand plays out normally. During the hand, the player sees their own cards and community cards but does not yet know the server seed.

Step 4: Server reveals the seed. After the hand concludes, the server reveals the actual server seed. Now the player has both the server seed and the client seed.

Step 5: Player verifies. The player combines the server seed and client seed using the specified algorithm to reconstruct the card order. They then hash the server seed with SHA-256 and verify that it matches the hash published in Step 2. If it matches, the hand was dealt according to the pre-committed order. If it does not match, the server changed the card order after committing — which would be detectable fraud.

This system provides strong verification for one critical claim: the card order was determined before the hand started and was not changed during play. If you verify the hash and it matches, you can be mathematically certain that the server did not manipulate the deal after seeing your actions.

Server Seeds and Client Seeds in Practice

The two-seed system (server seed + client seed) is designed to prevent the server from having complete control over the card order. The client seed introduces player-side randomness that the server cannot predict or control.

The server seed is a random string generated by the platform's RNG. It is typically a long hexadecimal string (e.g., 64 characters) that provides the primary source of randomness. The server seed is generated fresh for each hand or for a series of hands (depending on the implementation) and is kept secret until after the hand concludes.

The client seed is provided by the player or generated by the player's client software. Some platforms allow players to set their own client seed (adding personal randomness), while others assign a client seed automatically. The client seed ensures that the server cannot predetermine a card order that benefits a specific outcome — because the server does not know the client seed when generating the server seed, it cannot engineer a card order that accounts for both seeds.

In practice, the card order is derived by combining the server seed and client seed (often concatenated and then hashed, or processed through a specific algorithm) to produce a sequence of numbers that map to specific cards. The combination method must be deterministic — given the same server seed and client seed, anyone can reproduce the exact same card order. This reproducibility is what allows verification.

A nonce (a sequential counter) is often included as a third element, incrementing with each hand to ensure that the same server seed and client seed produce different card orders for consecutive hands. The combination of server seed + client seed + nonce gives a unique, deterministic, and verifiable card order for every hand dealt.

Limitations of Commit-Reveal in Multiplayer Poker

The commit-reveal system works beautifully for single-player casino games — dice, crash, slots, blackjack — where only one player receives outcomes and the verification is between the player and the house. In multiplayer poker, a fundamental problem emerges that commit-reveal alone cannot solve.

In a poker hand, the server must deal private cards to multiple players. The server knows all cards — it generated the card order and deals from it. This means the server could theoretically share information about one player's cards with another player, or with a colluding employee, without violating the commit-reveal system. The hash verification proves the cards were dealt according to a pre-committed order, but it does not prove that nobody saw the cards before they were supposed to.

Consider a specific scenario: a poker room employee colludes with a player at the table. The employee can see the server seed and therefore knows all cards that will be dealt. They communicate to their accomplice which cards each opponent holds. The hand plays out, the server reveals the seed, and the verification passes — the cards were indeed dealt according to the committed order. But the game was not fair because one player had illicit access to hidden information.

This is not a hypothetical risk. The history of online poker includes documented cases of employees using backend access to view opponent cards (the "superuser" scandals). Commit-reveal provably fair systems prevent card manipulation (changing the deal) but do not prevent information leakage (seeing the deal in advance and sharing that information).

For this reason, commit-reveal provably fair is better described as "provably unmanipulated" rather than "provably fair" in a multiplayer poker context. It guarantees the cards were dealt as committed but does not guarantee no party had advance knowledge of the cards. Solving the full fairness problem in multiplayer poker requires more sophisticated cryptographic approaches.

Mental Poker Protocols

Mental poker is a field of cryptographic research that addresses the fundamental question: how can players play a fair card game over a network without any trusted third party (dealer)? The concept was first proposed by Shamir, Rivest, and Adleman (the creators of RSA encryption) in 1981 and has been refined by cryptographers for over four decades.

The core idea of mental poker is that the deck shuffling and card dealing are performed collaboratively by the players themselves using cryptographic operations, rather than by a central server. No single party ever has access to the complete card order. Each player can see only their own cards, community cards are revealed to all players simultaneously, and no party can manipulate the dealing.

A simplified version of how mental poker works: imagine each card in the deck is placed in a locked box. Player A shuffles all the locked boxes and locks each one with their own padlock (encryption). Player B receives the shuffled, doubly-locked boxes, shuffles them again, and adds their own padlock. To deal a card to Player A, Player B removes their padlock from that box (partial decryption), and Player A removes their own padlock to see the card. Player B never sees the card because it was always encrypted with Player A's key until Player A decrypted it. Neither player alone controlled the shuffle because both shuffled and both encrypted.

In practice, mental poker protocols use commutative encryption schemes (where the order of encryption and decryption does not matter) to implement this locked-box analogy with mathematical operations rather than physical locks. The most common approaches use elliptic curve cryptography or ElGamal encryption, which provide the commutative property needed for the protocol to function.

The result is a poker game where the dealing is truly trustless — no single participant (including the server, if one is used as a coordinator) has enough information to see any player's cards or manipulate the deal. Each player can verify the fairness of the dealing process after the hand concludes by checking the cryptographic proofs generated during the protocol execution.

Multi-Party Computation for Card Shuffling

Multi-Party Computation (MPC) is a broader cryptographic framework that includes mental poker as a special case. MPC allows multiple parties to jointly compute a function (in this case, shuffling and dealing a deck of cards) while keeping each party's inputs private. No party needs to trust any other party, and no party can cheat without being detected.

In the context of poker, MPC-based card shuffling works by having each player (and optionally the server) contribute randomness to the shuffle. The contributions are combined using a secure protocol that ensures the final shuffle is random as long as at least one participant is honest. This is a powerful guarantee — even if all other players and the server are colluding, a single honest participant ensures the shuffle is fair.

MPC approaches to poker dealing typically use secret sharing schemes. The deck is represented as a set of shared secrets, where each card's identity is split into shares distributed among the participants. No single participant's share reveals the card's identity. To deal a card to a specific player, the other participants combine their shares to reconstruct the card's identity for that player only. The mathematical properties of the secret sharing scheme ensure that no unauthorized reconstruction is possible.

The practical challenge with MPC for poker is computational overhead. Each deal requires multiple rounds of communication between participants, each involving encryption, decryption, and verification operations. While modern hardware and optimized protocols have reduced this overhead significantly (from minutes per hand in early implementations to seconds or sub-seconds in current research), it remains slower than conventional centralized dealing. This is the primary reason why fully MPC-based poker platforms are still rare in production — the user experience trade-off of slower dealing is significant in a game where speed matters.

The Trust Spectrum: From Fully Provably Fair to Unverified

Real-world crypto poker platforms fall on a spectrum of trust requirements, from fully trustless provably fair systems to completely unverified RNG. Understanding where a platform sits on this spectrum helps you assess how much trust you are placing in the operator.

Trust Level	Verification	Technology	Trust Required	Limitation
Fully Provably Fair	Every hand verifiable by any player	Mental poker protocol / MPC	Zero (trustless)	Complex, slower, limited game formats
Commit-Reveal Fair	Server seed hash published before hand	SHA-256 commit-reveal	Minimal	Server knows all cards; collusion risk in multiplayer
Audited RNG	Third-party auditor certifies RNG	PRNG + external audit (GLI, eCOGRA)	Moderate (trust auditor)	Audits are periodic, not per-hand
Unverified RNG	Platform claims fairness without proof	Unknown / proprietary	High (trust platform entirely)	No independent verification possible

Most established crypto poker rooms currently operate at the "audited RNG" or "commit-reveal fair" levels. Fully provably fair systems using mental poker or MPC protocols exist in research and some niche platforms but have not yet achieved mainstream adoption in the crypto poker space. This is an area of active development — as the technology matures and computational costs decrease, expect more platforms to offer stronger verification.

The practical advice for players is to prefer platforms that offer at least commit-reveal provably fair dealing over those that rely solely on audited RNG or unverified claims. Even with the multiplayer limitations discussed above, commit-reveal systems provide meaningful protection against card manipulation (the most common form of cheating) and demonstrate a platform's commitment to transparency. If a platform claims to be provably fair, verify the claim by actually testing the verification process on a few hands — platforms that make the claim but make verification difficult or impossible may not be implementing the system genuinely.

How to Verify Hands Were Dealt Fairly

Verifying a provably fair hand is a straightforward process that any player can perform, even without deep technical knowledge. Most provably fair platforms provide a built-in verification tool, but you can also verify independently using freely available SHA-256 calculators.

Using the platform's verification tool: After a hand concludes, navigate to the hand history or provably fair section of the platform. Find the specific hand you want to verify. The platform will display the server seed hash (published before the hand), the revealed server seed, the client seed, and the nonce. Click the "Verify" button or equivalent. The tool will recalculate the hash from the revealed seed and show whether it matches the pre-committed hash. It will also show the derived card order and confirm it matches what was dealt.

Independent verification: For maximum trust, verify outside the platform. Copy the revealed server seed, client seed, and nonce. Use an independent SHA-256 calculator (available free online or as open-source software) to hash the server seed. Compare the result to the hash that was published before the hand. If they match, the server seed was not changed after commitment. Then, using the platform's published algorithm for combining seeds into card orders, reconstruct the card order and verify it matches the dealt cards.

In practice, most players never verify individual hands. The value of provably fair is less about constant per-hand verification and more about the fact that verification is possible. A platform that implements provably fair dealing knows that any player could verify any hand at any time, which creates a strong deterrent against manipulation. The system's power lies in its verifiability, not in how frequently verification is actually performed.

The Future of Provably Fair Poker

Provably fair poker is still in its early stages relative to where the technology can ultimately go. Several developments are likely to shape the next generation of fair dealing systems.

Zero-knowledge proofs (ZKPs) are emerging as a potential solution to the multiplayer fairness problem. ZKPs allow one party to prove that a statement is true without revealing the underlying information. Applied to poker, a ZKP could prove that a hand was dealt from a legitimately shuffled deck without revealing the positions of undealt cards — solving the information leakage problem that limits commit-reveal systems. ZKP-based poker protocols are in active research and early experimental implementation.

On-chain poker games running entirely on blockchain smart contracts (particularly on Layer-2 networks with low fees and fast finality) represent another frontier. These platforms use the blockchain itself as the trusted execution environment — the shuffling, dealing, and pot distribution all happen in smart contract code that is publicly auditable and cannot be modified during execution. The challenge is performance: even Layer-2 networks introduce latency that affects the poker experience.

Hardware-based randomness using quantum random number generators or trusted execution environments (like Intel SGX or ARM TrustZone) could provide stronger guarantees about the randomness source, complementing the cryptographic verification of how that randomness is used in card dealing.

For the average crypto poker player today, the practical recommendation is straightforward: choose platforms that offer at least commit-reveal provably fair dealing, occasionally verify hands to confirm the system works as claimed, and combine provably fair with other trust signals (licensing, reputation, track record) when evaluating platform reliability. As the technology improves, stronger guarantees will become available — and the crypto poker ecosystem's commitment to provable fairness, even in its current imperfect form, represents a meaningful improvement over the pure-trust model of traditional online poker.

Related Crypto Poker Guides

Provably fair dealing is the technology layer of crypto poker. Explore these guides for the complete strategic and practical picture:

Overview

Crypto Poker Hub

→

Strategy

Crypto Poker Strategy

→

Privacy

Anonymous Crypto Poker

→

Profitability

Crypto Poker Rakeback

→

MTTs

Crypto Poker Tournaments

→

Hub

Crypto Gambling Hub

→

Provably Fair Poker FAQ

What is provably fair poker?▼

Provably fair poker uses cryptographic methods to let players independently verify that cards were dealt randomly and not manipulated. Before each hand, the system commits to the card order using cryptographic hashes. After the hand, the system reveals the information needed for any player to mathematically verify that the dealt cards matched the pre-committed order. This eliminates the need to trust the poker room — you can prove fairness yourself.

How does SHA-256 hashing work in poker dealing?▼

SHA-256 is a cryptographic hash function that converts any input into a fixed 64-character string. Before a poker hand, the server generates a seed that determines the card order and publishes the SHA-256 hash of that seed. After the hand, the server reveals the actual seed. You can run the seed through SHA-256 yourself and verify it matches the pre-published hash. Since SHA-256 is a one-way function (you cannot reverse-engineer the seed from the hash), the server cannot change the card order after publishing the hash without being detected.

What is the difference between provably fair and audited RNG?▼

Audited RNG relies on a third-party auditor (like GLI or eCOGRA) to periodically test and certify that a poker room's random number generator produces fair results. You trust the auditor's assessment. Provably fair systems let you verify fairness yourself on every individual hand using cryptographic math. Audited RNG says "a trusted expert checked this"; provably fair says "here is the math — check it yourself." Provably fair is stronger verification but more technically complex.

Can provably fair truly work for multiplayer poker?▼

This is the central challenge. In single-player casino games (dice, crash, slots), provably fair works perfectly because only one player needs to receive fair random outcomes. In multiplayer poker, the server must deal private cards to each player without any player seeing another's cards, while still proving the deal was fair. Standard commit-reveal systems have a flaw: the server knows all cards and could theoretically share information with a colluding player. Mental poker protocols and multi-party computation solve this but are significantly more complex to implement.

What is a mental poker protocol?▼

Mental poker is a cryptographic protocol that allows players to play a fair card game over a network without a trusted dealer. Each player encrypts the deck with their own key, shuffles it, and passes it on. Cards are dealt by selectively decrypting specific cards for specific players. No single party — not the server, not any individual player — can see all cards or control the dealing. It achieves true trustless fairness in a multiplayer setting, though the computational overhead makes it slower than conventional dealing.

How do I verify that a poker hand was dealt fairly?▼

The verification process depends on the system used. For commit-reveal systems: (1) Note the server seed hash published before the hand. (2) After the hand, obtain the revealed server seed and client seed. (3) Combine them using the specified algorithm. (4) Run the result through SHA-256. (5) Confirm the hash matches the pre-published hash. (6) Verify that the resulting card order matches what was dealt. Most provably fair platforms provide a verification tool where you paste the seeds and it performs the calculation automatically.

Are there downsides to provably fair poker?▼

Yes. Fully provably fair multiplayer poker (using mental poker protocols) is computationally expensive, which can slow down gameplay. The protocols are technically complex, meaning fewer platforms implement them correctly. Simpler commit-reveal systems work well for single-player games but have trust gaps in multiplayer poker (the server still sees all cards). Additionally, most players never actually verify hands, so the provably fair feature goes unused despite being available — making it more of a trust signal than a practical tool for most users.