ATTN: Anyone who works on Zcash

I would suggest the following:

  • Create an official shielded address for the lottery
  • Publish the viewing key so that anyone can see the incoming funds and the payments
  • To play send some shielded funds from a transparent address or a shielded address with a reply memo
  • The account that runs the lottery pays every N blocks
  • The payment tx has a memo that includes the random number used to select the winner, a commitment to the next random number: H(random), and a settlement block height (current height + N).
  • winning number = PRF(random|settlement_block_hash). [0, 2^256] is partitioned based on the bet sizes and the winning bet is the one that includes the winning number. For example, if bets are [1 ZEC, 3 ZEC], the first bet gets [0, 2^254), and the second gets the rest.

It seems to me that this game is fair and verifiable.


No problem.

We’re working on a “tip jar” for this use case and having more info on what would be most useful would be helpful.