Infrastructure
Globally distributed infrastructure with failover and SOC 2/ISO 27001 certification programs in progress.
Learn more
Provably fair. Third-party tested.
Built for trust at every layer.
Every game outcome is cryptographically verifiable. Games are GLI certified. SOC 2 and ISO 27001 certifications are in progress. No trust required.
Every game outcome is cryptographically verifiable. Games are GLI certified. SOC 2 and ISO 27001 certifications are in progress. No trust required.
fairness/verify.ts
1import { verifyEcvProof, mapRandomness } from "@origami/fairness";2import { sha256 } from "./crypto";3 4type FairnessRound = {5 game: "dice" | "limbo";6 clientSeed: string;7 serverSeedHash: string;8 publicKey: string;9 nonce: number;10 proof: string;11 outcome: number;12};13 14export function verifyRound(round: FairnessRound) {15 const request = `${round.game}:${round.nonce}:${round.clientSeed}`;16 const proof = verifyEcvProof({17 publicKey: round.publicKey,18 request,19 proof: round.proof,20 });21 22 if (!proof.valid) throw new Error("Invalid proof");23 const outcome = mapRandomness(proof.randomness, round.game);24 return {25 verified: outcome === round.outcome,26 commitment: sha256(round.serverSeedHash + proof.randomness),27 randomness: proof.randomness,28 };29}Operator testimonial
Provably fair won the room. The audits and incident-response docs got us approved in weeks, not months.
Aamir Khan
Compliance, Tier-1 Operator
The server commits to a secret key before the round begins.
-
-
Encryption
TLS 1.3 in transit, AES-256 at rest. All API communication is encrypted end-to-end.
Learn more -
Monitoring
Real-time anomaly detection, alerting, and a documented incident response process.
Learn more
What is ECVRF and how does it work?
ECVRF (Elliptic Curve Verifiable Random Function) is a cryptographic primitive that produces random outputs with a proof of correctness. For each game round, the server commits to a secret key and player-provided entropy. The ECVRF output determines the game result, and the accompanying proof lets anyone verify the result was generated fairly without revealing the secret key.
What certifications does Origami hold?
Our games and random number generation are independently tested and certified by Gaming Laboratories International (GLI). SOC 2 and ISO 27001 certification programs are in progress, backed by documented controls, third-party security reviews, and production-grade infrastructure practices.
How is player data protected?
All data is encrypted with TLS 1.3 in transit and AES-256 at rest. Access to production systems is restricted through role-based controls, and we maintain strict data-handling policies in line with industry best practices.
What happens if there's an outage?
Our infrastructure is globally distributed with automatic failover. In the event of an incident, real-time monitoring triggers alerts and our documented incident response process activates immediately to minimise downtime and protect in-progress game states.
Can operators independently verify game outcomes?
Yes. Every game round produces a cryptographic proof that operators and their players can verify independently using open-source tools. Full verification documentation is available in our developer docs.
What licences does Origami hold?
Origami is licensed to operate in multiple regulated jurisdictions. For details on specific licences relevant to your market, please contact our sales team.
- SOC 2 In Progress
- ISO 27001 In Progress
- GDPR Aligned
- GLI Certified
- Licensed
- TLS 1.3
- AES-256
- Failover