The Idea
CrownWynn is a no-risk, casino-style gaming platform built around two games, Mines and Keno, using virtual crowns instead of real money. The reason the project exists is not the games. It is the chance to build a fairness guarantee from first principles and prove it in code, end to end, the same way real online casinos do with their "provably fair" systems.
Every draw and every mine layout is derived deterministically from three inputs: a server seed, a client seed, and a nonce. The player can take those three values after the game is over, run them through the same SHA-256 pipeline, and confirm that the outcome they saw is the outcome the seeds produce.
Provably Fair RNG
The protocol is a straight adaptation of the commit-reveal scheme used by platforms like Stake:
- The server generates a fresh server seed with secrets.token_hex(32), a cryptographically secure 64-character hex string. It hashes the seed with SHA-256 and sends the hash to the client before the player places any bets. This is the commit.
- The client has its own client seed that the player can reroll at any point. Each game uses a monotonically increasing nonce so the same seed pair never produces the same result twice.
- For a Mines game, the server computes SHA-256 over "server_seed:client_seed:nonce", then walks the hex output two characters (one byte) at a time, reducing each byte modulo 25 to get a tile index in [0, 24] and skipping duplicates until it has placed the requested number of mines. If it runs out of hash before placing all mines, it rehashes with a counter and continues.
- Keno uses the same construction, except it draws 10 numbers from [1, 40] instead of mine positions.
- When the player ends their session (or rotates the seed), the server reveals the server seed. The client can re-run the derivation in any language and confirm the positions or drawn numbers match.
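The derivation and the player-side check described in the steps above, as an added example that is not CrownWynn's own code. The text encoding of the seed before hashing, the ":<counter>" rehash format, and the byte % 40 + 1 mapping for Keno are assumptions, since the page does not spell them out.

```python
import hashlib
import hmac


def commit(server_seed):
    """SHA-256 commitment the server publishes before any bet."""
    return hashlib.sha256(server_seed.encode()).hexdigest()


def hash_bytes(server_seed, client_seed, nonce):
    """Yield digest bytes (two hex chars each), rehashing when one runs out."""
    counter = 0
    while True:
        msg = f"{server_seed}:{client_seed}:{nonce}"
        if counter:  # ASSUMPTION: the rehash appends ":<counter>" to the message
            msg += f":{counter}"
        yield from hashlib.sha256(msg.encode()).digest()
        counter += 1


def draw_unique(server_seed, client_seed, nonce, count, modulus, offset=0):
    """Reduce each byte modulo `modulus`, skip duplicates, stop at `count`."""
    if not 0 < count <= modulus:
        raise ValueError("count must be between 1 and modulus")
    picked = []
    for byte in hash_bytes(server_seed, client_seed, nonce):
        value = byte % modulus + offset
        if value not in picked:
            picked.append(value)
            if len(picked) == count:
                return picked


def mines(server_seed, client_seed, nonce, n_mines):
    return draw_unique(server_seed, client_seed, nonce, n_mines, 25)


def keno(server_seed, client_seed, nonce):
    # ASSUMPTION: byte % 40 + 1 maps a byte into [1, 40]
    return draw_unique(server_seed, client_seed, nonce, 10, 40, offset=1)


def verify_mines(committed_hash, revealed_seed, client_seed, nonce, n_mines, shown):
    """Player-side check after the reveal: commitment first, then the layout."""
    if not hmac.compare_digest(commit(revealed_seed), committed_hash):
        return False  # revealed seed is not the one that was committed
    return mines(revealed_seed, client_seed, nonce, n_mines) == list(shown)
```

Because 256 is not a multiple of 25 or 40, the byte-modulo mapping is slightly non-uniform: tiles 0-5 each correspond to 11 byte values and tiles 6-24 to 10. Discarding bytes of 250 and above (240 and above for Keno) before reducing would remove that bias, at the cost of no longer matching the mapping described above.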
Why the Guarantee Holds
Because the server seed was committed as a hash before any game was played, the server cannot retroactively pick a seed that gives the house a better outcome. The guarantee comes from SHA-256 preimage resistance, not from trusting the operator.
The same property means the player cannot claim a game was rigged in hindsight: the committed hash pins the server to exactly one seed, and the verification endpoint lets anyone re-run the derivation to confirm the outcome was the one the math produced.
Mines Payout Math
Mines uses the standard 5x5 grid (25 tiles). The multiplier formula is combinatorial:
multiplier = C(25, r) / C(25 - m, r) * 0.99
where r is the number of tiles the player has revealed without hitting a mine, m is the number of mines on the board, C(n, k) is the binomial coefficient, and the 0.99 factor encodes a 1% house edge. This is the same closed-form expression Stake uses. Values are computed with Python's math.comb so there is no floating-point drift in the binomial step.
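A check of the 1% edge claimed by the formula above, as an added example that is not the project's code. It evaluates the multiplier with exact rationals, computes the survival probability independently pick by pick, and shows their product is 99/100 at every cash-out point; the 1..24 bound on mine count is an assumption.

```python
from fractions import Fraction
from math import comb

TILES = 25
HOUSE_FACTOR = Fraction(99, 100)  # the 0.99 factor from the formula


def multiplier(mines, revealed):
    """C(25, r) / C(25 - m, r) * 0.99 as an exact rational."""
    if not 1 <= mines < TILES:  # ASSUMPTION: 1..24 mines allowed
        raise ValueError("mines must be in 1..24")
    if not 1 <= revealed <= TILES - mines:
        raise ValueError("cannot reveal more safe tiles than exist")
    odds = Fraction(comb(TILES, revealed), comb(TILES - mines, revealed))
    return odds * HOUSE_FACTOR


def survival_probability(mines, revealed):
    """Chance of `revealed` safe picks in a row, computed one pick at a time."""
    p = Fraction(1)
    for i in range(revealed):
        p *= Fraction(TILES - mines - i, TILES - i)
    return p


def expected_return(mines, revealed):
    """Expected payout per crown wagered when cashing out after r reveals."""
    return survival_probability(mines, revealed) * multiplier(mines, revealed)


def edge_is_constant():
    """True if every valid (mines, revealed) pair returns exactly 99/100."""
    return all(
        expected_return(m, r) == HOUSE_FACTOR
        for m in range(1, TILES)
        for r in range(1, TILES - m + 1)
    )
```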
Keno Payout Math
Keno uses Stake's Medium-risk payout table. After 10 numbers are drawn from 1-40, the multiplier is a direct lookup based on how many spots the player selected (1 through 10) and how many of those spots matched the draw. The table is hardcoded in keno_utils.py and ranges from a 0.40x consolation on a miss with 1 spot selected to 1000x on matching all 10.
Authentication & Currency
Auth is JWT-based. Tokens carry the user identity; every wager endpoint validates the token, confirms the user has enough virtual crowns to cover the bet, and rejects manipulated amounts at the serializer layer before they ever reach the game logic. Balances, wagers, and payouts are all handled server-side; the client is never trusted to report its own outcome.
Everything runs on virtual crowns. No real money, no payment rails, no KYC. The fairness guarantees are identical to a real casino's provably fair system, but the platform sidesteps the regulatory complexity entirely.
Supporting Features
Core product scope is Mines, Keno, auth, and the provably fair pipeline. Around that sits a light profile layer:
- Welcome bonus on first login and recurring daily and ad-watch claims that top up the crown balance.
- Per-game stats: games played, biggest win, best winning streak, split between Mines and Keno.
- Leaderboard page.
- Seed rotation: the player can reroll the client seed and force a new server seed at any time, which also resets the nonce counter.
Architecture
| Layer | Technology | Purpose |
|---|---|---|
| Frontend | Next.js App Router + React + TypeScript | Game UIs, auth flows, leaderboard, profile, admin |
| Backend | Django + Django REST Framework | Models, views, serializers, signals, provably fair logic |
| Auth | JWT | Stateless token auth on every wager endpoint |
| Database | PostgreSQL | Users, profiles, balances, mines games, stats |
| Reverse proxy | Nginx | Single entrypoint, routes to frontend and API containers |
| Orchestration | Docker Compose | Four-container stack (frontend, backend, db, nginx) |
Security Design
- Cryptographically secure seeds generated server-side with secrets.token_hex. No user-provided entropy is trusted for the server seed.
- Commit-reveal on the server seed. The client sees only the hash until the seed is rotated, so the operator cannot pick a seed after seeing client input.
- Wager validation at the serializer layer. Amounts, mine counts, and spot selections are bounded and type-checked before game logic runs.
- Balance arithmetic lives on the server. The client never sets its own balance; it only observes the post-game state.
- Clear service boundaries: the reverse proxy is the single entrypoint, and the database is not exposed outside the Docker network.
Status
The platform is functional end to end: auth, wagers, both games, seed rotation and verification, stats, and the leaderboard all work. It is not currently deployed. I am planning to redeploy it soon, at which point the live link will go on this page.