Evidence

RNG & Oracles (Control, centralization, manipulation risk)

[1] Oracle signer transactions list

[2] Same signer used across multiple users/games

[3] No public instructions to run an oracle node

[4] No on-chain commit to bet (no commit–reveal)

[5] VRF not bound to block/slot

[6] Off-chain oracle generates VRF, only final posted

[7] Demonstration of re-roll risk (concept or tool)

[8] Timing gap: bet → VRF post

[9] No on-chain function to rotate oracle signers

[10] Halborn: reliance on off-chain logic

Halborn Audit PDF


Game Logic (off-chain black box, unverifiable fairness)

[11] Slot/Vault contract extracts show no outcome logic

No game logic provided.

[12] Data flow (RNG → off-chain → payout)

[13] No published RTP/odds per game on-chain

[14] Backend distributions

[15] No user-verifiable reproduction path (no client seed binding)

[16] Winner wallet page (5or7BF): full TX history

https://solscan.io/tx/5s1N4ZfXETh3AgpJfUR57xMkGtetmKQ5UMMtVWxXdQa85XjrFi9m5A8rBZwnk6yQa98Hyd7Ar3xujV687zn8cjSo

[17] Kraken-funded deposits (2× >600 SOL)

[18] Micro-tx burst to gambling dApps

[19] No DeFi/NFT usage (ephemeral wallet)

[20] Timeline: Kraken → play burst → jackpot → withdraw

[21] Jackpot payout TX (sender not vault)

[22] Probability graph (Poisson) for 2 in 5,000

[23] Statement: no jackpot transparency report


Payouts, Liquidity, Proof-of-Reserves

[24] Vault settlement log (typical small win auto-settled)

[25] Cold reserve described (marketing)

[26] Cold reserve is a wallet, not a contract

[27] Jackpot payout not routed via vault contract

[28] No timelock/multisig on reserve

[29] No on-chain proof-of-liabilities


Admin / Upgradeability / Governance

[30] Program marked upgradeable (BPF Loader)

[31] Upgrade authority is team-controlled

[33] No pause/override functions publicly exposed

[34] Halborn “authority transfer not enforced” fixed

[35] Settlement batching acknowledged (delay possible)

  • IST to UST Time (At least 2 minutes settlement delay)


Halborn Scope / Audit Transparency

[36] Halborn scope omits RNG/oracles/game logic

[37] No public GitHub/IPFS for audited code


Trustless vs Reality (Marketing vs facts)

[38] Screenshot of “provably fair for every spin” claim

[39] Screenshot of “decentralized oracles” claim

[40] Screenshot of “non-custodial, you control funds” claim

[41] Claims vs Reality table (final)


[42] No Client seed input UI

Earlier, no client seed input was provided.

Recently, a client seed UI was added, but there is no verification that it is used for the RNG together with the Proov VRF hash (server seed).

[43] No path to reproduce outcome from seed


[44] Explorer shows logs, not pre-commit proofs

Public Explorer (“we show everything now”) rebuttal


[45] Example: bet log with no player-seed binding

The custom seed (i.e. player seed) is not used with the Proov VRF to generate the RNG for the game outcome.

In simple terms, the custom seed parameter is only accepted in the bet request and is not combined with the RNG, which is the least expected of any online crypto casino.


[46] 3 real bets with full fields (CSV)

[47] One bet timeline


[48] Admin/Reserve safety

[49] No multisig on reserve (EOA ownership)

[50] Comparison and architecture upgrades
