The method described in this document is to help the good team verify other good players via attacking the moderator on the same night. When using this method players NEVER have to reveal the information received from the moderator to verify them as good.
As per the rules, when a good player attacks the moderator they learn of a random character that is in play. All good players who attack this character on the same night will receive the same information.
NOTE: If fake news is played, then good players may receive different information and no one will be able to be verified, however it will be known that fake news was used.
This verification method uses a one way cryptographic hash function to verify the integrity of the information received by the moderator amongst participating parties WITHOUT having to share the information with anyone else.
Instead of sharing the information received, you can freely share the hash value generated by combining the role you received and a salt value.
The salt value is a random phrase chosen by the player to prevent someone else from being able to guess the role. The generated hash acts as proof that cannot be changed after it is shared.
When a player receives information from the moderator, they will combine a lowercased version of it with the salt value they have selected to generate the value that will be hashed. If the information received from the moderator includes spaces and punctuation, they should be removed.
For example if the moderator notified the player the role of “Qyburn’s Brother” is in play and the player uses the value “qbert” as the salt, then the resulting value to be hashed would be:
qyburnsbrotherqbert
To generate the hash simply visit the site MD5 Hash Generate MD5 Hash Generator and paste in the generated value. In this example it is: qyburnsbrotherqbert
The resulting hash is 579f357b4ee18a6b5481ceccae92421f
NOTE: make sure you do not accidentally add a new line after your combined value. Doing so will generate a different hash value.
IMPORTANT: NEVER SHARE THE INFORMATION YOU RECEIVE FROM A MODERATOR ATTACK WITH ANYONE
RECOMMENDED: DO NOT publicly state you are attacking the moderator before you receive the information from the moderator. Elementals have the option to receive the same information as a selected player. Annoucing you are attacking the moderator allows them to use you to gain the same information.
Using the method described above, generate a hash value.
Publicly declare you have attacked the moderator and are looking to verify other players.
Create a group with all the other players claiming to have attacked the moderator.
All players share their hashes.
DO NOT share the role you received or your salt value. Once all the players have shared their hash, then you can proceed to Step 5. If someone does not share their hash before Step 5, then they can no longer be verified.
When a player shares their hash, they are no longer able to change their answer. It is now a matter of public record.
ONLY PROCEED TO STEP 5 when everyone has shared a hash. Anyone who shares a hash AFTER Step 5 has begun can no longer be considered verifiable. At this point the information is no longer secure.
Once all players have shared their hash value, they can share their salt value freely.
This allows each player to independently take the information they received from the moderator plus the salt provided by the other players to generate a new hash. This new hash is used to compare against the one provide in Step 4.
If the hash generated with the other players salt value matches the hash they provided in Step 4, then they can be confirmed as good.
For example Player A received the role “Legolas” from the moderator and uses the salt “ribeye”, they generate the hash 413c8569d2383a40867b2dee83be0c7a
Player B shares the hash c2fc85448a68b18b8ff5b60e25057b0f in step 4
Player B then shares their salt: icecream
Player A then takes the role they received from the moderator and adds Player B’s salt (legolasicecream) to generate the hash c2fc85448a68b18b8ff5b60e25057b0f
Player A is able to confirm the hash provided by Player B matches and is confirmed good.
If the instructions above were followed properly and hash given to you by a player does not match, then it can be one of two things:
- The player is evil
- Fake news is in play
If fake news is in play, then a majority if not all hashes should not match. You can only confirm this when more than two good players attack the moderator.