Secure and Fair Card Shuffling on Virtue Poker


The term “provably fair” gaming has become a buzz word in blockchain-based gaming applications. While it is a catchy term, it actually doesn’t fully depict what goes on “under the hood” in applications. Many gaming applications use on-chain RNG (random-number generators), and extol their virtues, and most of the time don’t fully explain the underlying mechanics.

In this post (content taken from our white paper), the Virtue Poker team describes how card shuffling and gameplay works in our application. We’d like to move away from the terminology of “provably fair” and instead show the underlying mechanics of how our game client works.

Random Number Generator Certification Practices

Online poker is different from live games in a key domain: in a live game, players can see the dealer shuffle the deck of cards, whereas in the online sphere players must trust that the RNG of the operator is operating sufficiently. Nearly every online operator has their RNG certified by a pre-approved third-party. RNG testing companies include iTech Labs, and Gaming Laboratories International. The integrity of these companies rarely comes into question, and generally speaking these auditors complete their jobs sufficiently.

More interestingly is the lack of oversight after an operator receives their certificate. The Malta Gaming Authority uses the following language on their website: “After the certification process required for issue of the full five year licence, the gaming system need not be tested regularly, but there will be follow up audits by the Gaming Authority when deemed prudent.” The Isle of Man uses the following language in their Guidance for Online Gambling: “While many operators may have their games’ RNG checked on a more frequent periodic basis, the GSC will have an operator’s RNG checked at least twice in a licence’s 5 year lifespan.” This lack of oversight has contributed to a prevalent belief among online poker that the games in certain instances may not be entirely fair.


In 1978 cryptographers Adi Shamir, Ron Rivest, and Leonard Adleman published a paper in response to a question that had been posed by the computer scientist Robert W. Floyd: “Is it possible to play a fair game of ‘Mental Poker’?” This paper proposes an encryption scheme and communications protocol that allows two people at different locations to shuffle and deal virtual “cards” in a way that allows a game to be played without the need of a trusted third-party. Over the ensuing years there have been numerous other papers published on the subject, expanding upon the ideas, offering alternative methods, and providing analysis and critique.

There have been, however, very few practical software applications employing Mental Poker techniques. In large part, this is because the cryptography involved can require enormous amounts computational power and communications resources, and software using them simply runs too slow for consumer use. In addition, the inherent “peer to peer” nature of Mental Poker can be difficult to manage and doesn’t blend well with traditional server-based online game models.

The Virtue Poker team has spent the past two years examining how the use of blockchain and distributed storage technologies, in concert with cooperative peer-to-peer networking, can address some of these difficulties. The result is a downloadable application that can play a 6-handed game at speed and manage real player stakes using the Ethereum Blockchain.

Mental Poker ensures the decks are unreadable to any single player by encrypting and shuffling the cards cooperatively in a way that lets each card be “opened” by one, some, or the entire group. The protocol uses communicate encryption: cards can be encrypted or decrypted in any order. The basic algorithm is outlined below:

Mental Poker Algorithm, The Two Pass Shuffle

The basic algorithm is as follows: Three players, Bob, Alice and Ted are seated at a table and are playing a game of Texas Hold’em. Bob is the dealer, and he generates a deck of 52 cards on his machine, only he can view the cards. Using Fisher-Yates /dev/urandom he shuffles the deck of cards, and then encrypts the deck with the same encryption key on each card, making the deck unreadable to anyone but himself. He then passes the now encrypted deck to Alice, who does the same thing: shuffles the deck of cards and then encrypts them. Finally, Alice passes the deck to Ted who goes through the same process.

The deck is now in its final ordered state, 1 through 52, and this order does not change throughout the course of the hand. Ted passes the now 3x encrypted deck of cards back to Bob, who takes off his “shuffle lock” and now encrypts each individual card with a different encryption key: B1, B2….B52. He passes the deck to Alice, who does the same thing: removes her “shuffle-key” and encrypts the deck with a unique encryption key A1, A2….A52. Alice then passes the deck back to Ted, who completes this same process.

Bob is assigned the first and second card in the deck, but he only possesses his encryption keys that correspond to these cards. Alice and Ted therefore share their encryption keys that correspond to the first two cards, A1 and A2, and T1 and T2 respectively, so that Bob holds all three decryption keys for his private cards. This enables Bob to view his private cards but no one else. This process is repeated for each player at the table, so each player can only view their own private cards.

All players call and the hand goes to the flop. The flop is denoted by cards 7, 8 and 9 in the deck. All players must share their encryption keys that correspond to the community cards, so that everyone can see these shared cards. This process continues until the end of the hand, where the winning player is awarded the pot, and all players reach consensus (described in detail in Section 4.2) by signing the end result of the hand which is sent to the Ethereum blockchain to update the game state (chip totals) for all players seated at the table. See Figures 6 through 9 that depict this process:

Two Rounds of Encryption: Shuffling the Deck and Indexing the Deck

“Multi-party shuffling” only requires that one of the peers perform a “proper” random shuffle in order to ensure that the entire deck is randomly ordered. If a player trusts that his own machine shuffled the deck properly then he can have confidence that the game is fair.

Figure 1: Shuffling and Encrypting the Deck

Figure 2: Indexing the Deck

Decryption and Gameplay

Figure 3: Player Key Sharing

Figure 4: Community Cards


The look and feel of a hand on Virtue Poker is similar to the experience players have come to expect with online platforms. As long as one player shuffles the deck correctly, the shuffle is sufficiently random. Therefore, as long as you trust your own machine, you can trust the game is fair.

Show Comments