v1.0 · Technical & fairness specification for operators
Deep Sea Dive X is a crash-style multiplier game themed as a submarine descent. A round begins when the player commits a bet and presses Dive. The multiplier grows continuously with elapsed time until either the player cashes out or the submarine implodes at a hidden, pre-committed crash point.
Every round is server-authoritative and provably fair: the crash point is decided on the server the moment the round starts, sealed by a SHA-256 commitment before the client sees anything, and revealed after the round ends so any third party can recompute it.
The multiplier curve is deterministic and grows exponentially with elapsed seconds t:
m(t) = 1.00 · e^(k · t)
The crash point C is drawn from a heavy-tailed distribution with a configurable house edge h. Using the standard crash-game construction, given a uniform u ∈ (0, 1] derived from the round HMAC:
C = max(1.00, floor( (100 − h) / (1 − u) ) / 100)
With house edge h = 1% the theoretical RTP is 99.00%. A small share of rounds bust at 1.00× to fund the edge; the tail rewards long dives. Payout on cash-out is bet × m(t_cashout), rounded to 6 decimals.
Cosmetic rival submarines shown in adjacent lanes are decorative only. They do not affect payout, do not share the player's seed, and their outcomes cannot influence the crash point.
serverSeed and a monotonic nonce.serverSeedHash = SHA-256(serverSeed), the nonce, and the player-supplied clientSeed. The raw seed and crash point are never sent while the round is live.C = f( HMAC-SHA256(serverSeed, clientSeed:nonce) ) and stored server-side, gated by row-level security.serverSeed is revealed. Anyone can (a) verify SHA-256(serverSeed) == serverSeedHash and (b) recompute C from the seeds and nonce, then compare against the round record.Because the commitment is published before the round starts, the operator cannot change the outcome after the fact, and the player cannot learn it in advance.
m(t) from the server-recorded started_at. If m ≥ C at request time, the round is forced to crashed regardless of what the client claims.WHERE status = 'diving', eliminating double-settle races between concurrent finalizers.server_seed and crash_point are unreadable via public RLS policies while the round is live.Operators are onboarded via the admin console. Each operator receives an API key (shown once, stored only as a SHA-256 hash) and manages an allowlist of approved player wallets.
startRound → pollRound (or client-side ticker) → cashOut.operatorId is supplied, only wallets on that operator's active allowlist may open rounds.0.01 and 1000 units of the selected currency.The public Fairness Verifier lists the latest finalized rounds with their seeds, nonces, and crash points. Anyone can paste the revealed serverSeed, clientSeed, and nonce into the verifier and reproduce the crash point locally in the browser.
The reference implementation of computeCrashPoint and SHA-256 is shipped in the client bundle at src/lib/crash-formula.ts so operators and auditors can inspect and re-run it independently of any server response.