Raffair

Guide

How to pick a raffle winner fairly (and prove it)

The short answerA fair raffle draw needs two things: a source of randomness no one can influence, and a way for entrants to verify the draw after the fact. The strongest approach is a commit-reveal: publish a hash of your draw seed before tickets go on sale, then reveal the seed plus a public randomness beacon (drand) at draw time. Anyone can re-derive the winner — making manipulation impossible to hide.

By Kirill GrouchnikovFounder, Raffair. Published .

General information, not legal advice. Always check the current Gambling Commission guidance for your specific situation.

TL;DR

A fair raffle draw needs two things: a source of randomness no one can influence, and a way for entrants to verify the draw after the fact. The strongest practical approach is a commit-reveal: publish a hash of your draw seed before tickets go on sale, then reveal the seed plus a public randomness beacon (drand) at draw time. Anyone can re-derive the winner — making manipulation impossible to hide.

What "fair" actually means

Fairness in a raffle is a function of three properties:

  • Independence. The operator can't influence the result — not in their head, not at the keyboard.
  • Bindingness. The operator can't re-roll until they like the result.
  • Verifiability. An entrant can confirm the result without trusting the operator.

A camera pointed at a tombola is fine at a village fête, but online it fails property 3 — entrants can't see the ticket sheet, so they can't check the drawn number was theirs. A simple RNG fails property 2 — the operator can run it ten times and stop when they like the answer. Commit-reveal + a public beacon fixes all three.

The commit-reveal pattern

A commit-reveal works in two steps:

  1. Commit. Before tickets go on sale, the operator generates a random seed, then publishes a cryptographic hash of it (SHA-256 is standard). The hash doesn't reveal the seed, but it binds the operator to that exact value — change the seed later and the hash won't match.
  2. Reveal. At draw time, the operator publishes the seed itself. Entrants can hash it, compare it to the committed hash, and confirm it's the same seed that was bound before any tickets were sold.

On its own, commit-reveal makes the seed binding, but not necessarily independent — the operator picked the seed. That's what drand fixes.

Public randomness with drand

drand is a public randomness beacon run by a federation of independent organisations. It produces a new verifiable random value every 30 seconds, signed by a threshold of beacon members so no single party can tamper with it. Crucially, you can't predict a drand value in advance — its randomness is established after the fact.

A robust raffle draw uses both: the operator commits to a sealed seed in advance, and at draw time combines that seed with the drand value at a specific round (e.g. "the drand round at 18:00:00 UTC on the closing day"). The hash of both becomes the RNG input that picks the winning ticket.

How an entrant verifies a draw

An entrant who wants to verify the result should be able to:

  1. Read the committed hash that was published before tickets went on sale.
  2. Read the revealed seed published after the draw, hash it, and confirm it matches the commitment.
  3. Fetch the specific drand round directly from a drand API.
  4. Read the published ticket list (every ticket and its position).
  5. Combine the seed and the drand value, run the published derivation, and check the result is the announced winner.

On Raffair every drawn raffle has a public verification page exposing all of those values. There's no log-in, no auth, no asking. Anyone can re-run the maths. See how the platform works end-to-end for the full draw + payout flow.

Primary sources: drand.love (public randomness beacon); IETF VRF and threshold-BLS papers for the cryptography underpinning drand.

Frequently asked questions

Can I just use a random number generator?

You can, but entrants have no way to verify you didn't re-roll until you got the result you wanted. A commit-reveal hash plus a public beacon removes that ambiguity — and removes the temptation.

Should ticket numbers be assigned randomly to entrants?

No. Sequential ticket numbers (the next ticket sold gets the next number) are the standard for raffles, both physical and online. Randomising assignment adds complexity (collision handling, opaque audit trails) without changing fairness — every ticket still has identical probability of winning, because fairness is established at draw time by the RNG, not at sale time. Sequential numbering also makes verification simpler: the published ticket list is a clean range from 1 to total sold, with no gaps for anyone to question.

Related guides

How to run a raffle online (UK & Ireland) — the complete 2026 guide

Step-by-step: pick a legal route (society lottery, prize competition, or free draw), set a price, run the draw, and pay the winner. UK & Ireland.

How to run a raffle legally in the UK (society lottery vs prize competition vs free draw)

The three legal routes for UK raffles explained: society lottery, prize competition, and free draw. Which applies to you, and what each one requires.

About the author

Kirill Grouchnikov

Founder of Raffair. Building the UK's first transparent-pricing raffle platform after watching small charities and creators lose 15–25% of their gross to incumbent platforms. Writes about raffle compliance, payments engineering, and trust mechanics.

How to pick a raffle winner fairly (and prove it) · Raffair