부산대학교 도서관

Loot boxes, a common revenue model in contemporary mobile games, offer players the opportunity to acquire random rewards. However, their fairness has been the subject of numerous disputes worldwide, in part because game players cannot directly observe the logic of the loot-box mechanism. Apple App Store has required app providers to disclose the odds associated with their loot boxes to customers since 2017, and Google Play followed suit beginning in 2019. However, a practical method for allowing the public to verify whether a game complies with its probability statements has not previously been devised. Existing methods, such as source-code audits and statistical examination of player-reported samples, are misaligned with the game companies’ interests, and/or may encounter biased samples. Therefore, this paper proposes a verifiable loot-box process without disclosing their source codes. We utilize two cryptographic components, functional commitment and public randomness beacon, to devise a verifiable loot-box process comprising a verifiable loot-box function and a verifiable random source. In particular, we propose two protocols: one for probability verification and the other for loot-box opening. The former allows players to verify the winning probability of loot boxes using publicly verifiable random sources. The latter establishes a mechanism whereby game servers and players can agree on a random input, ensuring that neither party can manipulate the outcome. Our implementations of both these protocols, along with experiments to evaluate their performance, demonstrate that they are practical.