Thursday, February 09, 2023

Proposal: The Last Biscuit

Reached quorum 8 votes to 1. Enacted by Kevan.

Adminned at 10 Feb 2023 18:10:15 UTC

Enact a new rule, “Secrets and Tells”:-

Each Villager has a Secret, being a text string tracked privately by themselves. Each Villager has a publicly tracked Tell, which may be a text string or blank.

The hash of a string is defined as the MD5 output for that string at https://www.md5hashgenerator.com

Whenever a Villager changes their Secret, they must privately note down a string that consists of their Secret plus any number of words which do not appear in the ruleset (this string being known as their Jotting), and update their Tell to be the hash of that Jotting.

Villagers are recommended to maintain a private record of their Jottings over the course of the game, in case a later rule requires them to prove what their Secret was at a particular point in the game history.

Testing the waters for a secret information hash system, given the Casual Imperial Style, to perhaps tie into which items players are secretly carrying. But I know past dynasties have had players who aren’t comfortable with the idea of using hashes.

Comments

Josh: Observer he/they

09-02-2023 10:27:45 UTC

I like.

SingularByte: he/him

09-02-2023 14:04:58 UTC

for

Trapdoorspyder: he/him

09-02-2023 14:08:13 UTC

for I would have pushed for the emperor also knowing the unhashed secrets, but I missed the edit window and it’s otherwise fine.

Josh: Observer he/they

09-02-2023 14:12:18 UTC

for

Darknight: he/him

09-02-2023 14:26:18 UTC

imperial I have never been able to get hashes to work for me but I won’t vote this down out of spite because that’s just a dumb course of action for a good proposal.

Habanero:

09-02-2023 15:00:07 UTC

for

JonathanDark: he/him

09-02-2023 16:23:51 UTC

for

Brendan: he/him

09-02-2023 16:59:49 UTC

for

Kevan: he/him

09-02-2023 17:04:40 UTC

[Darknight] Would a step-by-step wiki essay help, or has it just been bad luck when you thought you’d copied down the plaintext correctly but hadn’t?

Chiiika: she/her

09-02-2023 17:38:06 UTC

Can we implement a onsite hasher?

Chiiika: she/her

09-02-2023 17:41:50 UTC

against also another thing is the salt should not be some openly tracked variable c1
There *should* be a attack avaliable with H(p) and H(c1) but I’m not sure and I don’t like to play codebreaker so

Chiiika: she/her

09-02-2023 17:45:31 UTC

Additionally words used in c1 leading to H(c1) is rainbow forceable

Chiiika: she/her

09-02-2023 17:47:07 UTC

Oof - sorry; that’s worse - if I know H(c1) and can recover c1 I can treat H(c) = H(t+c1) effectively a known partial hash

Chiiika: she/her

09-02-2023 17:49:00 UTC

(H() = hash function
c = cipher text, or hashed text
Edit: H(c) = H(t+c1) should be c = H(t+c1)
c1 = salt
t/p = plaintext)

JonathanDark: he/him

09-02-2023 17:53:21 UTC

If it’s done like the dice roller, an on-site hasher it would just be stand-alone PHP, right?

The downside is any concern that the hash input could be tracked without the user’s knowledge, leading to cheating by anyone with access to the PHP or its file or database output, whereas an offsite hasher won’t have that problem.

Kevan: he/him

09-02-2023 17:53:26 UTC

Don’t follow you there: the “any number of words” salt isn’t openly tracked, and it can be changed for each update.

I’ve wondered before about making a hasher that stored a user’s old messages in their browser’s cookies so they didn’t have to write them all down - which I think has been the only stumbling block in past dynasties, where people have either lost the original message or not even realised that they needed to keep it. But that could backfire by seeming more permanent than it actually is, if someone loses cookies mid-dynasty or assumes that they’re stored server-side and can be checked from other machines.

I suppose a simple page with a step-by-step that talked in general game terms and included a big red instruction to copy the message down might be a good thing to have.

Chiiika: she/her

09-02-2023 17:58:18 UTC

Oof I thought H(p) is tracked publicly

But then hash collision means I can make H(p+c1) into H(p’ + c1’) to change what items I hold

Chiiika: she/her

09-02-2023 17:59:18 UTC

Finding said c1’ is a problem in its own tho

Chiiika: she/her

09-02-2023 18:00:48 UTC

Jona) we can implement something client side (there is the tool; generate Math.random() themselves and calculate the hash on the client’s computer

Chiiika: she/her

09-02-2023 18:02:54 UTC

This attack is only possible when I determine my own salt; as a note

JonathanDark: he/him

09-02-2023 18:08:40 UTC

Javascript could still send a POST with the hash and its input to a URL for server-side storage, but I suppose it would be easier to notice.

JonathanDark: he/him

09-02-2023 18:11:26 UTC

Also, if we’re really worried about hash collision, pick a stronger hashing function. SHA256 has been around long enough to have fast implementations everywhere.

Chiiika: she/her

09-02-2023 18:12:14 UTC

The important part is that we know we are using a effectively unbreakable scheme as far as BN is concerned and it is easy to use for all BN players

Chiiika: she/her

09-02-2023 18:13:10 UTC

Yeah - you see the proposal? MD5
It is not *impossible* to find a collision - just Google MD5 collision generator

Kevan: he/him

09-02-2023 18:32:24 UTC

The salt explicitly having to be “words” limits that, but feel free to propose a limitation on the number or structure of them if you’re concerned. Or bump the whole thing up to SHA level.

Chiiika: she/her

09-02-2023 19:34:07 UTC

Kevan) I think SHA level are better imo

Josh: Observer he/they

09-02-2023 22:59:25 UTC

I think we can go minimum viable product and simply add a “do not try to hack this” rule