A crash game's randomness comes from a pseudorandom number generator (PRNG). Modern PRNGs, when seeded properly, produce sequences that are statistically indistinguishable from true randomness for any practical purpose. This article explains how PRNGs work inside a crash game, what "seeded properly" means, and how a cheating operator could still produce a passing result if nobody is watching.
What is a pseudorandom number generator?
A pseudorandom number generator (PRNG) is an algorithm that takes a starting value — called a seed — and produces a long sequence of numbers that appear random. "Pseudo" means the numbers are not truly random: given the same seed, the same algorithm will produce the identical sequence every time. But if you do not know the seed, you cannot distinguish the output from genuine randomness.
Every crash game uses a PRNG. The PRNG produces a number for each round, and that number is converted into the crash multiplier. The specific PRNG algorithm varies — common choices include HMAC-SHA256 (used in most provably fair implementations), Fortuna, and Mersenne Twister (used in some RNG-certified games).
The quality of the PRNG matters enormously. A weak PRNG — one with low entropy, short cycle length, or predictable output — could allow an attacker to predict future rounds from observed past rounds. A strong PRNG makes this computationally infeasible.
What "strong" means in practice: A cryptographic PRNG like HMAC-SHA256, seeded with 256 bits of entropy, would require more computation to crack than there are atoms in the observable universe. This is not hyperbole — it is a direct consequence of the mathematics. For practical purposes, a properly seeded cryptographic PRNG produces output that is indistinguishable from true randomness.
How does a crash game turn a random number into a multiplier?
The conversion from random number to crash multiplier follows a specific mathematical formula. The formula is designed to produce the target distribution — the shape that makes crash games work as a gambling product.
The target distribution: In a crash game with house edge h, the crash multiplier m is drawn from a distribution where the probability of reaching at least m is approximately (1-h)/m. This produces:
- Many low crashes (roughly 50% below 2.0× for a 3% edge game)
- Progressively fewer high multipliers
- Occasional extreme values (100×, 500×, 1000×+)
A simplified example of the conversion:
1. PRNG produces a 256-bit hash:
"a7f3b2c1d4e5..."
2. First 52 bits are extracted as an integer:
value = 3,847,291,045,382
3. The formula applies:
if value % 33 == 0: → crash at 1.00× (instant crash, ~3% of rounds)
else:
multiplier = (2^52) / (value + 1) × (1 - house_edge)
multiplier = max(1.00, floor(multiplier × 100) / 100)
4. Result: crash point = 2.47×
The exact formula varies by operator. In Stake Crash and BC.Game Crash, the formula is published as part of the provably fair specification. In Aviator, the formula is disclosed to the certifying laboratory but not publicly.
The instant-crash mechanism (step 3, the modulo check) is how the house edge is implemented. Approximately 1% to 3% of rounds crash immediately at 1.00× — before any player can cash out — and these rounds represent the operator's built-in margin. The rest of the rounds follow the exponential distribution that creates the familiar crash-game shape.
What does it mean to "seed" the RNG?
The seed is the starting value that determines the entire output sequence of the PRNG. A good seed must have two properties:
High entropy. Entropy measures unpredictability. A seed derived from the current timestamp has low entropy — there are only so many possible timestamps, and an attacker who knows approximately when the seed was generated can narrow the possibilities. A seed derived from a hardware noise source (thermal noise, mouse movements, network packet timing) has high entropy — the number of possible seeds is astronomically large.
Secrecy. The seed must remain secret during the active rotation. If an attacker learns the seed, they can predict every future round until the seed rotates. In a provably fair system, the seed is eventually revealed (after rotation), but by that point a new seed is in effect.
Seed rotation is the process of replacing the active seed with a new one. In provably fair crash games, the operator generates a chain of seeds in advance — each seed is the hash of the next. This chain structure ensures that the operator cannot choose seeds retroactively. When a rotation occurs, the old seed is revealed for verification and the new seed (already committed via its hash) takes effect.
The rotation process itself is a potential vulnerability. If an operator times rotations to coincide with specific player behaviors (large incoming bets, for example), they could influence the distribution of outcomes even though each individual round passes hash verification. This is the rotation attack described in our article on rotation analysis, and it is one of the more sophisticated threats that our methodology is designed to detect.
How can you tell if an RNG is well-seeded or broken?
You cannot tell from a single round or even a few dozen rounds. A broken RNG and a working RNG produce output that looks the same to the naked eye. Detection requires statistical analysis of large samples.
Tests that auditors apply:
Distribution testing (Clash Watchdog AI Column B). Collect thousands of crash multipliers and compare the observed distribution to the theoretical distribution. Use chi-squared goodness-of-fit or Kolmogorov-Smirnov tests. If the observed distribution deviates significantly from theory, the RNG or the game's parameters are suspect. See our methodology.
Serial correlation testing. Check whether knowing round N's outcome helps predict round N+1. In a properly functioning RNG, consecutive rounds should be independent — the correlation coefficient should be statistically indistinguishable from zero. If rounds are correlated, the RNG may be cycling too short or the seed may have insufficient entropy.
Runs testing. Examine the sequence of above-median and below-median outcomes. In a truly random sequence, "runs" (consecutive outcomes on the same side of the median) follow a predictable distribution. Too many long runs or too few suggest the RNG is not random.
Birthday spacing test. Check whether the gaps between repeated values in the PRNG output match the expected distribution. Deviations can reveal internal state collisions in weak PRNGs.
Autocorrelation at lag k. Test whether outcomes separated by k rounds are correlated, for various values of k. This can detect subtle periodicities in the PRNG output that are not visible in consecutive-round analysis.
These tests require thousands to tens of thousands of rounds to achieve statistical power. This is one reason Clash Watchdog AI collects large datasets before drawing conclusions, and why our evidence tiers require progressively larger samples for higher confidence levels.
What does a rigged crash game look like, mathematically?
A rigged crash game is one where the RNG output is manipulated to produce a distribution that differs from the declared parameters — typically to increase the house edge beyond what is advertised.
Method 1: Parameter fraud. The operator advertises 97% RTP but uses a formula that produces 93% RTP. Every round passes provably fair verification (the hash chain is honest), but the formula that converts hashes to multipliers includes a higher house edge than disclosed. This is detectable only through large-sample distribution testing — which is exactly what our Column A and Column B audits do.
Method 2: Selective seed rotation. The operator monitors incoming bets. When a large bet is placed, the operator rotates to a new seed that was pre-selected to produce a low crash point for the next few rounds. The new seed's hash was already committed, so the hash check passes. But the timing of the rotation is correlated with player behavior, which violates the independence assumption. Detection requires testing whether rotation events cluster around high-wager periods.
Method 3: Weak PRNG. The operator uses a PRNG with insufficient entropy or a short cycle length. The output passes casual inspection but fails rigorous statistical tests. An attacker (or the operator themselves) who reverse-engineers the PRNG state could predict future rounds. Detection requires the advanced statistical tests described above.
Method 4: RNG bypass. In non-provably-fair games, the operator could simply bypass the RNG for specific rounds and insert predetermined outcomes. Without a hash-commitment scheme, there is no mechanism for players to detect this. This is the fundamental weakness of RNG-only systems — and the fundamental strength of provably fair.
Why does independent auditing matter even with provably fair RNGs?
Provably fair proves that each round's commitment was honored. It does not prove:
- That the formula is fair (parameter fraud)
- That the seed rotation timing is fair (selective rotation)
- That the PRNG has adequate entropy (weak PRNG)
- That the overall distribution matches the declared RTP (systemic deviation)
These gaps are why independent auditing exists. Clash Watchdog AI's three-column framework — Column A (RTP deviation), Column B (distribution testing), Column C (hash chain verification) — covers both the per-round integrity that provably fair addresses and the systemic properties that provably fair does not.
No single verification method is complete. Hash checks without distribution analysis miss parameter fraud. Distribution analysis without hash checks misses per-round manipulation. Both together — the combination of cryptographic verification and statistical auditing — provide the most comprehensive picture of whether a crash game is operating as advertised.
This is the principle behind the Clash Watchdog AI methodology: trust is layered, not binary. A game is not simply "fair" or "unfair." It is more or less verifiable across multiple independent dimensions. Our evidence tiers reflect this reality — higher tiers mean more dimensions verified with larger samples and tighter confidence intervals. See our game listings for the current status of games we have reviewed.