[RPG] How to certify a secret decision revealed on a delay in a play-by-post game


In a play-by-post game that requires a player to commit to a secret decision and later reveal that decision publicly, how can a player certify that they did so honestly without relying on good faith?

Consider the following game scenario.

  1. Alice commits to a decision, like pre-programming an action she will take. An onlooker might notice she's doing something but they wouldn't know the particulars.
  2. Though Bob doesn't know exactly what Alice is up to, he commits to a decision in response to that, like reacting to stop her. Resolving his decision will depend on resolving her decision.
  3. Alice has to reveal what her committed decision was after the fact in order to resolve it at this point along with Bob's reaction to it. If she's being honest or has a way to certify what her decision was, this is fine. If she is able to lie, she could change her decision retroactively.

Are there common tools, techniques, or conventions to support this? At a table, Alice could simply write her decision in a folded note card and reveal it later; or in a board game, she could play her action card face down and reveal it later. These common table conventions don't translate well to online play. So, how can Alice certify her secret decision to be revealed on a delay?

Assume the following about the game, its rules, and the players:

  • The system is not freeform. It has rules that match the scenario given above.

  • Even if the players know and trust each other, they still need (or want) a way to certify their decisions without relying on good faith.

  • The gamemaster might also be a player (possibly even an adversarial one) and is not exempt from the need (or want) of a way to certify their decisions without relying on good faith.

Best Answer

Have Alice generate and publish an SHA-256 hash of her action.

SHA-256 is a computationally-secure (to reasonable approximation) algorithm that converts a given string into an unintelligible hexadecimal hash. There are online implementations that will compute SHA256 for you, for instance, here.

The idea is this:

  1. Alice decides her action - say, "I cast Fireball at Bob"
  2. Alice privately records that exact text
  3. Alice enters that text into an SHA256 generator, producing a meaningless jumble of characters - A0FC4543FDBA266006F1F9FA818183710A8C5CA80613DA109B8A9DBA194DEC4E
  4. Alice publicly announces "I've planned an action; its SHA-256 is A0FC4543FDBA266006F1F9FA818183710A8C5CA80613DA109B8A9DBA194DEC4E"

Now, Bob cannot tell what Alice has planned because the SHA-256 is not reversible; there's no way to get from the hash back to the action.

Later, when Alice reveals her plan, she gives the exact text she prepared earlier. If Bob doesn't trust her, he can simply repeat the SHA-256 encryption, and verify that the signatures match.

If Alice suspects that Bob may guess her action, then she can make things harder by adding an extra, irrelevant component to the action before computing the SHA-256. For instance, if Alice records, signs, and later reveals "I cast Fireball at Bob (pistachio)", then Bob would not be able to guess and verify the action without also guessing the extra "(pistachio)". This is known as using a "nonce".

Related Topic