Public draw verification

Test Cash Raffle — £500 V2

Anyone can confirm this draw was fair — no account needed. We commit to a secret seed before the draw, then reveal it afterwards so the winner can be recomputed independently.

Commitment hash (pre-draw)

Published before any tickets sold.

ce9e3ce2fe73229fa7775cab901ddefced07d50da2df76514fca2dfbb71a20de

Revealed seed

The 32-byte server seed, now public. SHA-256(seed) must equal the commitment above.

9bae06392e1c49593f744bb8b27473a25cf641b946aae1fbbc21285e68cc3a06

Recomputing SHA-256(seed)…

drand round

The League-of-Entropy drand beacon round used as the public-randomness input. Anyone can re-fetch it from the drand mirrors.

Round:: 6186042
Randomness:: 2ea72654b10d6ce1f24de6d7871bbcf9b35575997eb25f870b435adf2dab31bc

Fetch this round from drand →

BLS signature verified against the chain's group public key

Ticket list

Every ticket number that was eligible at draw time, sorted ascending. Hashing that sorted list (SHA-256 of comma-joined numbers) must produce the ticket-list hash below.

b726eed184cea30d5a57fb645f77527e4232bec085e24e8d29a6e3b2c84c2db1

Download ticket list (CSV) →

5 paid tickets · 0 free postal tickets · 1 winner

Winning ticket

The math, spelled out:

mixed = SHA-256(seed || drand_randomness || "prize-0" || ticket_list_hash)
index = bigint(mixed) mod 5
winner = sorted_tickets[index]

The mixed value (also recomputable):

2053eb28f07d2157038ff2191d8d82522f80fa605268c6baa049f43edc061858

Verify with the CLI

A few lines of shell are enough to repeat the calculation locally:

# Confirm the commitment matches the revealed seed:
echo -n "9bae06392e1c49593f744bb8b27473a25cf641b946aae1fbbc21285e68cc3a06" | xxd -r -p | sha256sum

# Fetch the drand round and check its randomness:
curl -s https://api.drand.sh/public/6186042 | jq -r .randomness

# Then run the algorithm: SHA-256(seed || randomness || "prize-0" || ticket_list_hash),
# interpret as a big-endian integer, mod by the ticket count, and look up the
# Nth entry in the sorted CSV (1-indexed in the CSV; 0-indexed in the algorithm).

A standalone open-source verifier is a TODO — once published it'll replace this recipe with a single command.

How verification works

1. Commit. Before any tickets sell, we publish the SHA-256 hash of a secret server seed.
2. Pin public randomness. At draw time we lock to a future drand beacon round that nobody can predict in advance.
3. Reveal. Once that round is public, we reveal the seed and combine it with the drand value to pick the winning ticket.
4. Reproduce. The seed, drand round and full ticket list are published here so anyone can recompute the winner and check it against the commit.

Every value on this page was committed to before sales started or generated by a public randomness beacon whose output we could not have known in advance. The seed stayed sealed on our servers until the moment of the draw. If anything here doesn't match what your own recomputation produces, that is evidence of tampering, not of a near miss.