provably fair mystery box
Provably Fair Systems, Explained: How to Verify a Mystery Box
"Provably fair" is the most overused phrase in the mystery box industry. Done right, it's a real cryptographic guarantee that a lootbox opening wasn't manipulated. Done wrong, it's a trust badge with nothing behind it. This guide explains what a provably fair mystery box actually is, how to verify one in under two minutes, and how platforms like Packdraw and MrLoot implement it in practice.
What "provably fair" actually means
A provably fair mystery box uses cryptographic commitments so the platform cannot change the outcome after you've clicked open. Before the round, the site publishes a hash of a secret server seed. You provide (or are assigned) a client seed. The combination produces the result. After the round, the site reveals the original server seed — and you can hash it yourself to confirm it matches what was committed before you played.
If those three pieces are exposed — server seed hash, client seed, nonce — and the algorithm is documented, the system is verifiable. If any of them are hidden, it isn't.
Why provably fair matters for lootboxes
Mystery boxes have a built-in incentive problem: the house controls the random number generator. Without provably fair, you have to trust the operator's word that the RNG hasn't been weighted against you mid-round. With provably fair, that trust is moved to math you can check.
It does not guarantee the odds are good — only that whatever odds the site publishes are the odds you're actually getting.
How to verify a Packdraw box opening
Open the provably fair page from your Packdraw account, copy the revealed server seed, your client seed and the nonce from a completed opening, paste them into the on-page verifier, and confirm the output matches the item you received. If it doesn't, that opening is invalid — escalate it to support with screenshots.
How MrLoot does it differently
MrLoot exposes the same three primitives but also lets you rotate your client seed before any opening, which is the cleanest setup we've tested. The verifier runs entirely client-side, so you can audit a round without trusting the server response. For most users this is the easiest provably fair flow in the mystery box space right now.
What provably fair does NOT protect against
Bad odds. House edge. Withdrawal delays. Bots in PvP battles. Provably fair only certifies that the published odds were applied to your round. Everything else — value, payouts, support quality — is a separate question, which we cover in our guide to spotting legit mystery box sites.
Frequently Asked Questions
Yes. Packdraw publishes server seed hashes, client seeds and nonces for every opening, and exposes a verifier you can use to recompute the result. Provably fair confirms the round wasn't tampered with — it does not certify the odds are favourable.
No. Provably fair is a cryptographic guarantee about a single round. It does not replace gambling regulation, licensing, or consumer protection — those are separate, jurisdiction-specific concerns.
Yes. Provably fair guarantees the published odds were applied to your round. If the published odds themselves are bad, the system is doing exactly what it claims and you can still lose money quickly.