When you open a digital pack, how do you know the result wasn't decided after the fact? The answer is a commit-reveal protocol — the same cryptographic building block used by well-known pack-opening verifiers. Here's how to check a pull yourself.
The four steps
- Commit: before the pack opens, RipVault generates a random server seed and shows you its SHA-256 hash. The hash locks the seed in without revealing it.
- Seed: you supply (or accept) a client seed. Your input is fixed before any card is decided.
- Rip: each slot is computed as HMAC-SHA256(server_seed, client_seed:nonce:slot) and mapped to a card using the set's published weights.
- Reveal: once the pack completes, the server seed is published so anyone can replay it.
Doing the check
Take the seeds from your pull and paste them into the verifier. It recomputes the HMAC chain and returns the same cards. If even one byte of the server seed had changed, its SHA-256 hash would no longer match the hash you were shown at commit time — so a swapped result is detectable.
For the full math and what the guarantee does and doesn't cover, see how verification works.