Content uploaded by Arthur Carvalho
Author content
All content in this area was uploaded by Arthur Carvalho on Feb 24, 2021
Content may be subject to copyright.
Pre-print to be published in Decision Support Systems
Bringing Transparency and Trustworthiness to Loot
Boxes with Blockchain and Smart Contracts
Arthur Carvalho
Farmer School of Business, Miami University, arthur.carvalho@miamioh.edu
The ever-increasing reliance on loot boxes by the video game industry has attracted scrutiny from consumer
groups and regulators. For example, this practice of selling random assortments of virtual items for a price
has been criticized for its lack of transparency since, before purchasing a loot box, players do not necessarily
know the possible items they can win and the associated probabilities. Even in the rare cases when the list of
items and probabilities are available, there are no guarantees that a game is actually using that information
when randomly drawing an item, which naturally results in a trust problem. We draw from decision theory to
explain the transparency and trust issues faced by loot boxes, and from a recently proposed decision model
by Pedersen et al. (2019) to motivate the use of blockchain technology in this context. Following the design
science research framework (Peffers et al. 2007), we then explain how loot boxes can be coded as smart
contracts running on a blockchain network, and why this solution effectively tackles the transparency and
trust problems we mentioned above. We illustrate the use of the proposed smart contract by developing a
decentralized application (DApp) that mimics the process of purchasing and opening a loot box. We carefully
analyze our solution by considering its computational complexity, accuracy, security, and cost aspects. We
further discuss topics related to governance and deployment so as to help the video game industry with a
potential real-life implementation of our solution.
Key words : Blockchain; Design Science; Ethereum; Loot Boxes; Online Video Games; Smart Contracts.
1. Introduction
Loot box is a term used in the video game industry to describe certain in-game rewards that contain
a random assortment of virtual items. Among other motivational factors, these items can help a
player to further progress in a game and/or be used to customize a game avatar. Players often
1
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
2Pre-print to be published in Decision Support Systems
purchase loot boxes using virtual currencies that might be earned within the game or bought with
real money. As a consequence, loot boxes have been a strong and robust source of revenue for
game developers. For example, in the case of Activision Blizzard, a US-based gaming company,
approximately 56% of its revenue of US 7.16 billion came from “in-game net bookings” in 2017,
which covers loot boxes and other in-app purchases (Activision Blizzard 2018).
Because the content of a loot box is randomly generated, finding rare and valuable items is often
expensive for players and lucrative for game developers since, oftentimes, players cannot be certain
about the content of the loot boxes or the probability of finding the items they hope to acquire. The
gaming industry, therefore, has been heavily criticized for indulging in such business practices that
lack in transparency and trustworthiness. Issues related to psychological manipulations have also
been raised. The propensity of players to continue gaming and purchasing loot boxes is considered
by many psychologically akin to gambling (Fauth-B¨uhler and Mann 2017,Drummond and Sauer
2018,Zendle and Cairns 2018,Macey and Hamari 2019,Zendle and Cairns 2019). This is especially
troubling for minors since adolescents tend to have poorer impulse control than adults, which
potentially increases their vulnerability to gambling mechanics and behaviors (Lussier et al. 2014).
It has indeed been suggested that there exists a link between loot box engagement and gambling
problems among adolescents (Zendle et al. 2019,Kristiansen and Severin 2020). As we elaborate
on later, the use of loot boxes as a major revenue generation strategy has also become a matter of
concern among regulatory bodies.
Despite the growing concerns and impending regulatory actions against loot boxes, their use has
continued to increase. In fact, reports suggest that if not precluded by stringent regulations, loot
boxes are set to drive the online gaming market to US 160 billion by 2022 since, as a report by
Juniper Research suggests, “by monetising the random generation of items, developers are effec-
tively encouraging a form of in-game gambling, extending both the lifecycle and engagement of
games titles to their audience.” (Foye 2018). However, because of concerns surrounding loot boxes’
transparency and trustworthiness aspects, and the looming regulatory restrictions, some important
alterations to loot box-driven digital business strategies and practices may be inevitable.
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 3
Against this backdrop, our research objective is to redesign loot box mechanisms so as to make
them transparent and trustworthy. At the core, our solution represents a loot box mechanism as a
smart contract, thus enabling a video game to invoke computational functions that are executed in
tandem by computational devices (nodes) in a blockchain network. Each smart contract stores a
list of predefined items and probabilities. The smart contract also has a draw-item function, where
the input is the identifier of a player (e.g., a screen name) and the output is a single item randomly
drawn from the list of items. Not only is the code of the smart contract stored by the nodes of the
blockchain network, but also is any function call together with the associated inputs and outputs.
By using a public blockchain, anyone can at any time visualize the code of the smart contract, the
list of items and probabilities, as well as the input and output for any function call. This allows
players to verify whether the randomization mechanism is behaving appropriately.
We underscore that our proposed solution is transparent in a sense that a player has access to
the list of items and probabilities inside the smart contract before the purchase of the underlying
loot box. Regarding trustworthiness, instead of trusting one central entity (i.e., the game), trust in
our solution is achieved by sharing transaction data across a large network of untrusted nodes con-
trolled neither by players nor by game developers. Cryptographic primitives make the data storage
immutable because, computationally speaking, it is prohibitively expensive to change the data in
the blockchain, i.e., once deployed to the blockchain, the code of the smart contract representing
a loot box and the inputs and outputs of function calls become virtually unchangeable. This effec-
tively makes blockchain an append-only, tamper-proof data structure. Because each blockchain
transaction is timestamped, a player can know whether a transaction happened when it was sup-
posed to happen, i.e., whether the game is indeed calling the smart contract. With this solution,
gaming companies can be more transparent and, thus, more compliant and arguably more ethical
in their practices connected to loot boxes. In the extreme, when that does not happen, the player or
the appropriate regulatory body will have enough evidence to pursue an individual, or even a class
action, lawsuit against the company because smart contracts are now starting to be considered
valid legal contracts in various geographical areas (Gilcrest and Carvalho 2018,Demchenko 2019).
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
4Pre-print to be published in Decision Support Systems
In terms of theoretical foundations, we draw from decision theory to motivate our pursuit of
transparency and trustworthiness in loot boxes. In terms of methodology, we follow the design
science research framework (DSRF) proposed by Peffers et al. (2007). This is illustrated by the
organization of the rest of this paper. After this introductory section, Section 2addresses the first
step in the DSRF, namely problem identification and the motivation for a solution, where we
explain the transparency, trust, and legal issues faced by loot boxes, and we draw from decision
theory to explain the need for new loot box mechanisms. In Section 3, we define the objectives for
a solution, which is the second step in the DSRF. In that section, after defining blockchain and
smart contracts, we motivate the suitability of blockchain-based loot boxes by following the decision
model proposed by Pedersen et al. (2019). In Section 4, we design and develop a solution, which
is the third step in the DSRF. In particular, we introduce our main artifact, namely an algorithm
that codes loot boxes as smart contracts. We also discuss important issues concerning the design
of our algorithm, such as computational complexity and (pseudo) random number generation in
blockchains. We demonstrate our solution in Section 5(fourth step in the DSRF). Specifically, to
highlight the features of our main artifact, we develop a decentralized application that uses the
Ethereum blockchain network and mimics the process of buying and opening a loot box. In Section
6, we address the fifth step in the DSRF by evaluating our solution in terms of accuracy, security,
and cost. We also discuss governance- and deployment-related topics aiming at helping gaming
companies to implement our solution. We finally conclude in Section 7.
2. Problem Identification & Motivation
The first step in the design science research framework is to both “define the specific research
problem and justify the value of a solution” (Peffers et al. 2007, page 52). The two main problems we
identify with current practices involving loot boxes are the lack of transparency and trustworthiness.
Specifically, loot boxes are not always transparent in that the potential items a player can be
awarded with as well as the corresponding probabilities are not necessarily available before the
purchase of a loot box. Even when the probabilities and potential items are available, there is
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 5
no guarantee that the video game’s randomization mechanism actually uses that information in
practice. For example, a video game might display the probability 0.1 for a specific item, but then
internally set that value to 0 when randomly drawing an item. This naturally leads to trust issues.1
One can solve the above-mentioned trust issue by, for example, inspecting a video game’s source
code or by statistically analyzing several items obtained from similar loot boxes. We argue that
these solutions are not feasible since the source code of video games are traditionally closed. More-
over, a statistical analysis of the collected items requires several purchases of the same loot box
and/or coordination among many buyers. One can frame the latter approach as a wisdom-of-crowds
trust verification method. The practical challenges with such an approach are insurmountable since
several players have to coordinate simultaneous purchases of the same loot box and report the
outcomes to an entity that shall then perform a statistical analysis. Clearly, the validity of such
an analysis is dependent on whether players are behaving appropriately, i.e., that they are indeed
reporting the items they received honestly. Although there are techniques to incentivize honest
reporting of private information (Carvalho et al. 2017), we argue that the extra complexity required
to coordinate players and to create incentives as well as the cost of buying several loot boxes
to perform an ex-post analysis result in a more burdensome and less efficient approach than the
technology-based trust verification process we suggest in this paper.
As we discuss later, our solution to the transparency and trust issues relies on disentangling the
randomization mechanism from a video game’s source code. In other words, the randomization
code is executed by third-party computational devices whose manipulation is computationally
intractable. The above said, our overarching research question is:
“How can one develop a loot box mechanism that is transparent and trustworthy? ”
In the next subsections, we further motivate the need for new loot box mechanisms from two
different perspectives, namely a legal viewpoint and through the theoretical lens of decision theory.
1See, for example, the thread “Nintendo, Sony, Microsoft to require loot box odds disclosure” on Reddit (2019) for
a sample discussion about loot boxes and trust within a video-game community.
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
6Pre-print to be published in Decision Support Systems
2.1. Loot Boxes, Gambling Behavior, & Regulatory Efforts
Loot box is a term used primarily in the video game industry to describe any type of digital
container that randomly generates rewards. Loot boxes play upon players’ desire to acquire the
most sought-after and prestigious in-game items, be they items that help with game progression
or cosmetic goods. Loot boxes often rely on game design and gamification elements to lure players.
For example, opening a loot box is traditionally accompanied by visuals (e.g., fireworks) and audios
(e.g., drumrolls) to boost excitement. Artificial scarcity is another common element, where the
items players can receive range from very common to very rare (King and Delfabbro 2019). This
scarcity is oftentimes promoted when certain items are only available for certain periods, thus
creating the sense that players have to either get them now or never again. The combined sense of
urgency and rarity can strongly influence consumers’ purchase decisions (Gupta and Gentry 2019).
Although a rather common practice now, loot boxes have frequently received fierce criticism.
For example, loot boxes that offer items that can directly affect a player’s ability to compete with
others have been criticized as “pay-to-win mechanisms.” These mechanisms are commonly tied
to game-design choices that promote and encourage players to purchase loot boxes. Traditionally,
video games have been seen as “games of skill,” rather than “games of chance.” As such, they have
escaped gambling-related regulations. More recently though, there have been suggestions that loot
boxes display many of the elements that characterize gambling activities (Drummond and Sauer
2018,The Netherlands Gambling Authority 2012,Kansspelcommissie 2018). These findings have
led to increasing legislative efforts concerning fair disclosure of information and sales restriction on
games containing loot boxes. For example, since 2017, games sold in China must explicitly state the
draw probability of all virtual items and services in loot boxes (McAloon 2016). In 2018, a report
by the Netherlands Gambling Authority found that loot boxes offering tradable items are illegal
and, hence, the underlying games cannot be sold without an appropriate license (The Netherlands
Gambling Authority 2012). Even for games that do not allow for the trade of winnable items,
the Dutch entity stated that “... loot boxes could nevertheless foster the development of addiction,
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 7
these games are at odds with the objective of preventing addiction to organised games as much as
possible.” (The Netherlands Gambling Authority 2012). A similar conclusion was also reached by
the Belgium’s Gaming Commission in a report released soon after the release of the Dutch report
(Kansspelcommissie 2018). Within the United States, several legislative efforts have been made
at the state level. For example, separate bills were introduced in Hawaii’s and Minnesota’s state
legislatures concerning new warning labels for games containing loot boxes and the prohibition of
sales to young players. At the federal level, a bill titled“The Protecting Children from Abusive
Games Act” was introduced in the United States Senate in 2019 to “ban loot boxes and pay-to-win
microtransactions in games played by minors.”
Another significant recent development was the loot box related workshop hosted by the Federal
Trade Commission (FTC) of the United States in August 2020, when the issue of enforcement
concerning the proper disclosure of items and probabilities was extensively discussed. For example,
“panelists and some commenters expressed concern about the transparency of loot box odds, partic-
ularly if a game uses dynamic odds that may vary by player or time” (Federal Trade Commission
2020). Moreover, FTC “staff advises that disclosure of loot box odds must be accurate and nonmis-
leading to avoid a Section 5 violation.”2(Federal Trade Commission 2020). In other words, game
developers whose games’ loot boxes do not follow the reported probabilities when drawing items
may face the risk of unfair business practices litigation. Within this context, the proposed solution
in this paper provides a way of unequivocally proving whether video games are indeed drawing
items based on the disclosed probabilities.
Besides governmental bodies, video-game associations are also trying to prevent unethical prac-
tices concerning the use of loot boxes. For example, the Korea Association of Game Industry (K-
GAMES) consistently monitors loot box mechanisms employed by the most popular video games
at a given time. Non-compliant practices can lead K-GAMES to publicly “name-and-shame” games
and game developers (Korea Association of Game Industry 2018). Hence, besides the financial
aspect, unethical loot box practices might harm a game developer’s reputation.
2Section 5 of the FTC Act 15 (USC 45) prohibits unfair or deceptive acts or practices in or affecting commerce.
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
8Pre-print to be published in Decision Support Systems
If loot boxes are deemed illegal because, say, they constitute (online) gambling, then the video
game industry might suffer drastic revenue losses. One potential path to avoid government inter-
vention and regulation is for the industry to develop self-regulating principles concerning the use
and monetization of loot boxes. An example of self-regulatory initiatives is coming from platforms
where games can be downloaded from, such as Google’s Play Store an Apple’s App Store. For
example, Play Store requires that “apps offering mechanisms to receive randomized virtual items
from a purchase (i.e. ”loot boxes”) must clearly disclose the odds of receiving those items in advance
of purchase” (Google 2019). Following a similar path, the major console makers, namely Sony
Interactive Entertainment, Nintendo, and Microsoft, announced plans to roll out new policies that
will require games developed for their platforms to disclose information on the odds of obtaining
virtual items from paid loot boxes (Entertainment Software Association 2019).
As we stated above, banning loot boxes might hurt the video game industry. Consequently,
players will also be affected since they will have access to fewer games due to companies potentially
going out of business. One can argue that the inclusion of loot boxes in (online) video games
is justified due to a publisher’s ongoing cost concerning the maintenance of the game servers.
Moreover, loot boxes provide an extra revenue source well after the release of a game. At the
same time, the issues regarding proper disclosure of information must be dealt with. We argue
that regulations mandating video games to display lists of items and probabilities are not enough
since there are no guarantees that the video game is taking the displayed items/probabilities into
account during the item-draw process. That said, we see our solution as being of great value to
the video game industry’s self-regulatory efforts since it provides provable guarantees that a video
game is indeed using specific probabilities and items when randomly drawing items.
2.2. A Decision Theory Perspective on Loot Boxes
From a theoretical perspective, one can analyze loot boxes through the lens of decision theory.
Consider a set of outcomes O={o1, o2,...,on}, where each outcome represents an item that can
potentially be part of a loot box. Each item oiis associated with a probability value pi, for i∈
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 9
{1,...,n}, which in turn describes the likelihood of a player receiving that particular item. Hence,
P={p1, p2,...,pn}represents a probability distribution over the npotential items that can be
in a loot box. Both Oand Pcan be known or unknown to a player before that player makes a
decision on purchasing a loot box. When the player purchases and “opens” the loot box, one item
is randomly drawn from the set O. That said, using conventional notation from decision theory, a
loot box Lcan be defined as a lottery: L= [o1:p1, o2:p2,...,on:pn].
The classic expected utility framework posits that the value a decision maker (player) derives
from a lottery ticket Lis given by the following equation: U(L) = Pn
i=1 pi×U(oi), where the
function U(·) represents the decision maker’s risk attitude, e.g., a convex function U(·) implies that
the decision maker is risk seeking, whereas a concave function implies that the decision maker is
risk averse. Knowing the potential outcomes and probabilities, a player can then decide on whether
or not to purchase a specific loot box. For example, say that a loot box costs $1. Then, according
to the expected utility framework, a rational player will only buy the loot box if U(L)> U(1).
Not having access to potential outcomes and/or probabilities means that players’ purchase deci-
sions cannot be analyzed under the rationality assumptions implied by expected utility theory.
Nevertheless, other concepts from decision theory can be used to analyze the above scenarios. For
example, the term ambiguity attitude has been commonly used to designate differences in decision
making under known and unknown probabilities (Dimmock et al. 2015). It has been suggested that
humans tend to be ambiguity averse, meaning that a lottery (such as a loot box) with a known
probability distribution over plausible outcomes is often preferred over a lottery whose probabilities
are unknown (Ellsberg 1961,Halevy 2007). In other words, given two loot boxes with similar items,
a player would likely value the loot box having a known probability distribution higher than the
loot box whose probability distribution is unknown.
From a theoretical perspective, the above discussion illustrates the need for a solution to the
transparency and trust problems faced by loot boxes. Such a solution aids in the decision-making
process players face by giving them more information about the underlying product. As suggested
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
10 Pre-print to be published in Decision Support Systems
by King and Delfabbro (2019), a transparent loot box mechanism “help[s] the player to make better
decisions about the value proposition of the in-game monetization system.” This in turn is not
only more likely preferred by the players, as the discussion on ambiguity attitudes suggests, but
it also allows players to follow rationality constructs as defined by expected utility theory. That
said, a transparent and trustworthy loot box mechanism has as a decision support component in a
sense that it helps players deciding on whether to purchase a loot box. In the following section, we
explain how public blockchains and smart contracts provide an ideal solution for the aforementioned
transparency and trust problems.
3. Definition of the Objectives for a Solution
The second step in the design science research framework is to “infer the objectives of a solution
from the problem definition and knowledge of what is possible and feasible” (Peffers et al. 2007,
page 55). In our specific context, this means designing a loot box mechanism that not only displays
lists of items and associated probabilities, but also provides formal guarantees that a video game
is actually using those lists when randomly drawing items. As we elaborate on in Section 4, we
achieve our goal by defining loot boxes as smart contracts and running them on a public blockchain.
In what follows, we motivate the need for a blockchain-based solution by adapting and using a
recently proposed decision model concerning blockchain adoption. Before doing so, we first define
blockchain and smart contracts in the following subsection.
3.1. Blockchain & Smart Contracts
For our purposes, the blockchain technology can be defined as a distributed and decentralized
append-only database. Although not consensual, our definition of distribution relates to the redun-
dancy created by replicating the same database across several computational devices, whereas
decentralization has to do with ownership in a sense that those computational devices are not
necessarily controlled by the same entity. In this context, it is important to distinguish users from
nodes.Nodes create a peer-to-peer network, and they are the computational devices responsible
for data storage, whereas users create data/transactions to be stored by the nodes.
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 11
Beyond transaction data, some blockchain models allow for the nodes to store and execute
algorithms proposed by users. One of the advantages of such a computational model is that not
only the underlying code is immutable, but also is any input or output produced after a node
executes the code. Such algorithms are now called smart contracts. The idea of smart contracts was
first proposed as the analog of legal contracts, but with automated enforcement. A more modern
perspective of a smart contract takes the idea of putting data in a secure ledger and extends it to
computation. That is, it is a consensus mechanism for the correct execution of a given algorithm.
As we explain in Section 4, our solution to the transparency and trustworthiness issues surrounding
loot boxes involves coding each loot box as a smart contract. Hence, whenever a user (player) buys
and opens a loot box, behind the scenes an algorithm is executed in tandem by blockchain nodes
to determine the item to be received by the player. Hence, trust in our solution is achieved by
sharing transaction data and algorithms across a large network of nodes controlled neither by the
player nor by the game developer.
Finally, concerning applications, one can categorize blockchain models into two categories: public
and permissioned blockchains (Carvalho 2020). Public blockchains are open to anyone, and no
special permissions are required to join the network as a user or node. Unlike public blockchains,
permissioned blockchains focus on business networks of known, vetted participants operating under
a well-defined governance model, i.e., special permissions are required to join the network as a user
and/or node. The goal of permissioned blockchains is to secure and share the transactions among
a group of participants who know, but might not fully trust each other.
3.2. A Decision Model Concerning Blockchain Adoption
We further motivate the use of the blockchain technology to solve the aforementioned issues with
loot boxes by following the decision model in Figure 1. In particular, we borrow from the model
by Pedersen et al. (2019), which in turn provides a ten-step decision path to determine whether
an application merits a blockchain solution and, if it does, which kind of blockchain application
is more suitable. The first seven questions in Figure 1are the same as in the model by Pedersen
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
12 Pre-print to be published in Decision Support Systems
Figure 1 Decision model regarding blockchain adoption. Adapted from the work by Pedersen et al. (2019).
et al. (2019), and they are used to define whether the blockchain technology is useful and feasible
in a given domain. The last question in Figure 1captures the last three questions in the original
model by Pedersen et al. (2019) and tailor them to better reflect our own definitions of public and
permissioned blockchains. That last question helps a decision maker to choose between a public or
a permissioned blockchain.
The first decision question reflects the nature of the blockchain technology: “is there a need for
a shared common database?”. For billing and auditing purposes, it is clearly desirable for every
transaction involving loot boxes to be stored in a database. A database shared by many is crucial
to enhance trust since, for example, governmental and regulatory agencies as well as the gaming
community can access loot box related data and check for potential misuses by game developers.
The second question is about whether multiple users interact with the blockchain: “are multiple
parties involved ?”. The answer is positive in our setting since several players might purchase loot
boxes from several games. External users, such as regulators, should also have read access to the
database. Regarding the third question (“do the involved parties have conflicting interests and/or
are they trusted? ”), if all participants can trust each other, then a decentralized database, such as
blockchain, is not necessary. Trust issues arise in the context of loot boxes because even when a game
displays the winnable items and corresponding probabilities, the players still do not necessarily
know whether those attributes are taken into account when the game randomly draws items. This
is in part due to the fact that video games traditionally have proprietary, closed source code.
A potential solution to the above-mentioned trust issue is to have a third-party entity responsi-
ble for the monitoring of loot box mechanisms. Such an entity could be, for example, a nonprofit
organization created by industry members (such as K-GAMES) or a public body trying to prevent
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 13
unhealthy gambling practices (such as the Netherlands Gambling Authority). Despite the regula-
tory pressures we discussed in Section 2.1, we argue that having a third-party entity responsible for
monitoring loot box mechanisms may not necessarily alleviate the trust and transparency problems
since players must still trust that the entity will behave benevolently, efficiently, and effectively.
This implies a positive answer to the fourth question (“can or do the participants want to avoid a
trusted third party?”). As suggested by Pedersen et al. (2019), “one advantage of blockchain systems
is that they enable peer-to-peer transactions without relying on a trusted third-party service.”
The answer to the fifth question, namely “do the rules governing system access differ between
participants?”, is positive since the video game, as a blockchain user, and players have different
roles. Specifically, the video game must handle the logistics behind the drawing of items, e.g.,
calling appropriate procedures that will write data to the blockchain, monitoring results, etc. The
players must be able to check the legitimacy of the performed computations and results and, hence,
they do not necessarily need all the system access that the video game has, e.g., writing access.
These rules remain largely unchanged over time, as do the rules governing transactions, meaning a
positive answer to the sixth question (“do the rules for transacting remain largely unchanged? ”).
Conceptually, the transactions involving loot boxes do not change over time: a player indicates
the desire to purchase a loot box and the video game randomly draws an item and displays the
result back to the player. This immutability aspect is crucial since, given the append-only nature of
blockchains, the code of a loot box deployed as a smart contract cannot be deleted and/or updated.
The next question inquires about the need for immutability: “is there a need for an objective,
immutable log?”. This is clearly positive in the context of loot boxes in that an immutable (and
trusted) log system can unequivocally show that a player’s item was randomly drawn at a certain
time. Moreover, any user should be able to audit the smart contract stored in the blockchain to
undoubtedly prove that the randomization mechanism is behaving appropriately.
Having established that blockchain is a suitable technology for solving the trust and transparency
issues faced by loot box mechanisms, the last question, namely “is open access and public trans-
actions required ?”, determines the type of blockchain to be used, i.e., public or permissioned. As
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
14 Pre-print to be published in Decision Support Systems
Figure 2 The process of buying and opening a loot box under our proposed solution.
we previously discussed, permissioned blockchains require one to obtain permissions to join the
network as a node or user, whereas public blockchains allow for universal access. In our context,
allowing for universal access and public transactions further enhances trust and transparency. For
example, auditors, regulators, players, parents, etc., can all have immediate access to transaction
data regarding loot boxes, and even help to maintain the underlying infrastructure as nodes.
The previous answers suggest that a public blockchain can effectively solve the trust and trans-
parency issues with loot boxes. As we explain in the following section, the objective of the blockchain
nodes in our solution is twofold: 1) independently perform the computations required to randomly
draw items; and 2) independently store the inputs/outputs concerning the above computations.
4. Design & Development
The third step in the design science research framework is to design and create the underlying
artifact, which in turn can be constructs, methods, or models (Peffers et al. 2007). Our main artifact
is represented by an algorithm that codes a loot box as a smart contract. In particular, whenever a
player decides to purchase a loot box, the underlying video game will invoke the associated smart
contract, which in turn performs all the computations required to return an item. That said, our
solution disentangles the computations required to randomly draw items from the game’s code and,
remarkably, it does not require the entire game to be open source. Figure 2illustrates a high-level
perspective on the process of buying and opening a loot box using our proposed solution.
The purchasing process starts after a player indicates s/he wants to buy a loot box. In prac-
tice, this can be done by, for example, clicking on appropriate menu items. Thereafter, the video
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 15
game displays the items, associated probabilities, as well as the identifier (address) inside a public
blockchain of the smart contract that encodes the loot box. The player may then use the smart
contract’s address to verify important attributes, such as whether the previously displayed items
and probabilities correspond to the items and probabilities in the smart contract. This latter step
illustrates the transparent nature of our solution. If the player decides to proceed with the pur-
chase of the loot box, the game then invokes a function in the smart contract to draw an item. At
this point, all the nodes in the blockchain network run the same algorithm and return the same
output (drawn item). The video game retrieves and returns that output to the player alongside
an identifier representing the function call (transaction). Based on that identifier, the player can
eventually verify whether the video game actually invoked the appropriate smart contract and
whether the output displayed by the video game corresponds to the output generated by the nodes
in the blockchain network. This latter step illustrates the trustworthiness aspect of our solution.
The core of our solution lies in defining a loot box as a smart contract. Algorithm 1shows the
pseudocode of such a smart contract. In the first two lines, the smart contract explicitly defines the
winnable items alongside the associated probabilities. Access to the content of these lists should be
freely available to any user of the underlying blockchain. The smart contract also defines a function
called drawItem, whose argument is the screen name of the player buying the loot box. That
function starts by running a random number generator (RNG) function using the player’s screen
name and a timestamp as the seed to generate a random number. We further elaborate on the
RNG function below. Thereafter, the smart contract produces an output based on the drawn value.
Specifically, the smart contract uses a traditional technique from evolutionary computation called
the fitness proportionate selection, also known as roulette wheel selection. Under this technique,
the items are represented as non-overlapping “bins” proportional to their associated probabilities,
and the random value from the RNG function defines a single bin.
To illustrate the behavior of Algorithm 1, consider the following example, which is recur-
ring throughout the paper. Let items ←[“Common Sword”,“Silver Sword”,“Dragon Sword”] and
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
16 Pre-print to be published in Decision Support Systems
Algorithm 1 Pseudocode of the smart contract representing a loot box.
Require: n≥0∨x6= 0
Ensure: y=xn
1: items ←[o1, o2,...,on]
2: probabilities ←[p1, p2,...,pn]
3: function drawItem(screenN ame)
4: r←RN G(screenN ame, timestamp)
5: lb ←0
6: for i←1 to ndo
7: if r >=lb and r < lb +probabilities[i]then
8: return items[i]
9: else
10: lb ←lb +probabilities[i]
11: end if
12: end for
13: end function
probabilities ←[70,30,10], where probability values are represented as percentages. Moreover,
assume that RN G returns values in the range [0,100). As we explain later, the reason for using
percentages is that Solidity, the programming language we used to develop a fully functional pro-
totype, does not support fixed-point numbers yet. After calling the function drawItem, say that the
result from the RN G function is r= 92. During the first iteration of the loop, the smart contract
checks whether ris greater than or equal to 0 and below 70. If this condition is true, then the first
item, namely “Common Sword”, whose associated probability is 0.7, is returned to the player. Since
that condition is not satisfied, the algorithm then checks during the second iteration of the loop
whether ris greater than or equal to 70 and below 70 + 20 = 90. This previous condition defines
an interval of length 20, which represents the percentage associated with the second item “Silver
Sword”. Since the second condition is also false, the algorithm finally checks whether 90 ≤r < 100.
This condition is true, and the drawItem function returns the item “Dragon Sword”.
There are two important points to highlight regarding Algorithm 1. First, the drawItem function
is efficient since it runs in polynomial time. Specifically, its complexity is O(n), where nis the
total number of winnable items. Algorithmic efficiency is crucial in the context of smart contracts
because the same code is executed by several nodes in the network. Moreover, as we soon discuss,
some blockchain networks charge users based on the complexity of the executed smart contract.
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 17
The second important point to highlight concerns randomization, which is a naturally challenging
task in distributed environments such as blockchain. In our specific case, because the smart contract
representing a loot box is processed in parallel by many nodes, a poorly designed randomization
process might then imply that different nodes randomly draw different items for the same player
buying a loot box. To solve this problem, our solution uses a pseudorandom number generator
based on hash functions. Specifically, the RNG function in Algorithm 1can be defined as follows:
RN G(screenN ame, timestamp) = H(timestamp |screenN ame) % c(1)
where H(·) is a hash function, the vertical bar |represents the concatenation operator, and cis a
constant used to determine the upper bound of RN G. To illustrate the RNG function in Equation
(1), assume a player called Alice purchases a loot box, and the respective timestamp is Dec-09-2019
07:40:32 PM. Moreover, let c= 100 so that this example is in agreement with our running example.
Finally, assume that H(·) is the popular SHA-256 hash function. The random value resulting from
RN G in this setting is then equal to H(“Alice”|“Dec-09-2019 07:40:32 PM”) % 100 = 84.
Hash functions are deterministic, meaning that they always produce the same output given a
fixed input. That said, to produce the same output, we need to make sure that the nodes all have
access to the same input when calling RN G. The reason for using both a player’s screen name and
a timestamp as input to RN G is that this allows for two players to draw different items at the
same time, and the same player to draw different items at different times. The only missing piece
now is how to define a universally-accepted timestamp. Clearly, nodes cannot use their own local
time as a timestamp when calling RN G since these computational devices might be located in
different regions. Moreover, timestamps should not be predictable, otherwise players can effectively
define the items they receive by buying loot boxes during suitable times. For example, it is easier
for players to time their loot box purchases and acquire a desired item when timestamps contain
time information up to minutes only than when timestamps encode up to fractions of a second.
We suggest implementations of Algorithm 1to use the time the most recent block was proposed
as a timestamp. It is often the case that a node timestamps a proposed block when the node
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
18 Pre-print to be published in Decision Support Systems
proposes a block to be added to the blockchain. All the other nodes verifying that block have now
access to a universally-accepted timestamp. Given that every call to the drawItem function defines
a transaction to be added to a block, a major implication of the above suggestion is that a single
player is limited to buy only one loot box per block. Otherwise, if a player buys several loot boxes
and the respective transactions are added to the same block in the blockchain, then that player will
receive the same item several times since neither his/her screen name nor the block’s timestamp
have changed. This is not a significant constraint for most blockchain networks that support smart
contracts. For example, at the time of writing, Ethereum has an expected block production time
between 10 to 20 seconds. Given the different timestamps for different blocks, the hash value that
defines the item a specific player receives then changes every 10 to 20 seconds on Ethereum.
5. Demonstration & Evaluation
The fourth step in the design science research framework is to demonstrate the proposed artifact
(Peffers et al. 2007). This task might involve showing the use of the artifact in simulations, exper-
iments, and/or case studies. In our particular case, we develop a decentralized application (DApp)
that mimics the process of buying a loot box, as described in Figure 2. A DApp is an application
that relies on services provided by a decentralized network, such as BitTorrent or blockchain. In
our demonstration, our DApp relies on the Ethereum blockchain, which we elaborate on next.
5.1. Ethereum
Ethereum is a decentralized computational platform that runs smart contracts. In other words,
besides transactions involving the native cryptocurrency called Ether, users in this public
blockchain can also create transactions that deploy or run smart contracts, which in turn are
traditionally developed using a programming language called Solidity. Transactions in Ethereum
might require nodes to perform computations that change the state of the blockchain, e.g., to
update a user’s balance. Ethereum “charges” the transaction creator for the computational costs
of a transaction. Specifically, gas is a unit that measures the amount of computational effort it
takes to execute a transaction. At the time of writing, the average gas unit is equal to approxi-
mately 1.15 ×10−8ethers (Etherscan 2020). Every Ethereum transaction requires at least 21,000
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 19
Figure 3 High-level description of the interaction among players, DApp, and the Ethereum blockchain.
gas, i.e., approximately 2.4×10−4ethers on average or US 0.12 given the current exchange rate
of US$504.50 per Ether. Naturally, more complex transactions, such as deploying a complex smart
contract, cost more gas.
Ethereum users must use the Ether cryptocurrency to pay for the gas required to perform a
transaction. There is no fixed exchange rate; it is up to the sender of a transaction to specify any
gas price s/he likes. What prevents users from setting the gas price equal to 0 ethers is that the
nodes collecting transactions use that price when determining transaction fees. In particular, the
transaction fee collected by a node proposing a block is equal to the total amount of gas it takes
to run the transaction times the gas price suggested by the transaction creator. In this way, the
higher the suggested gas price, the more appealing a transaction will be to a node. That is, the
quicker a transaction will likely be added to a block.
5.2. DApp
As we suggested before, we demonstrate our proposed ideas by developing a proof of concept that
runs on top of Ethereum. The resulting decentralized application (DApp) mimics the process of
buying and opening a loot box under the proposed solution, as Figure 2illustrates. In practice, this
DApp would be part of a video game using smart contracts to randomly draw items. Figure 3shows
a high-level description of the interaction among players, DApp, and the Ethereum blockchain.
Before effectively running our DApp, we need to first appropriately code the smart contract and
deploy it to the Ethereum blockchain. The appendix shows the smart contract in Algorithm 1
coded using the version 0.4.25 of the Solidity programming language.3The smart contract encodes
3The source code of the DApp and smart contract are available at https://github.com/arthurgcarvalho/lootbox.
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
20 Pre-print to be published in Decision Support Systems
the loot box we discussed when explaining Algorithm 1in the previous section, i.e., it has three
winnable items, namely “Dragon Sword”, “Silver Sword”, and “Common Sword”. The probabilities
associated with the items are represented as percentages (respectively, 10, 20, and 70) since, at the
time of writing, Solidity does not support fixed-point numbers yet.
We note that Algorithm 1as well as our implementation in the appendix could be more generic.
For example, using different data structures, one could have a single smart contract storing infor-
mation about many different loot boxes from a single or even across many video games. The main
drawback of such an implementation choice concerns costs. In particular, extra transactions could
be required to submit items and probabilities to the smart contract. Moreover, extra storage space
would be used by the blockchain nodes since identifiers of games and/or different loot boxes would
be stored for each purchase. The increased number of transaction calls as well as the extra storage
space cause the deployment of and interaction with the smart contract more expensive.
Looking at the code in the appendix, both the list of items (line 5) and probabilities (line
6) are publicly available to any Ethereum user. The smart contract uses a data structure called
blockLastPurchase that maps a screen name to a numerical value (line 9). This information is
eventually used to prevent players from trying to draw more than one item per block (line 15).
The smart contract also defines an event called Draws, which stores relevant data in the blockchain
(line 25). The stored data are defined as a 2-tuple representing a drawn item and its owner, i.e., a
player’s screen name. Our RNG function returns natural numbers between 0 and 99. It uses the
predefined function keccak256 (line 35), which is an implementation of the Secure Hash Algorithm
3 (SHA-3). Finally, the drawItem function can only be called by the user whose address is listed in
the smart contract (line 16; line 7), i.e., the game developer itself. This latter point prevents some
cybersecurity attacks, as we elaborate on in Section 6.2. For testing and evaluation purposes, we
deployed the smart contract to Ethereum test network called Ropsten.
Different software, including our proposed DApp, can now interact with the smart contract after
the same has been deployed to the Ethereum blockchain. Our DApp is a web-based application
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 21
that simulates the in-game process of buying and opening loot box. The main purpose of the DApp
is to demonstrate how our ideas can be applied in practice, and to emphasize idiosyncrasies of
blockchain-based loot box mechanisms. The DApp was developed using the HTML and JavaScript
languages together with the web3 library. The player interacts with the DApp using any browser.
The DApp, in turn, interacts with the smart contract in the Ethereum blockchain via an API
provided by the company Infura4. Finally, the player interacts with (reads data from) the Ethereum
blockchain via the blockchain-explorer services provided by Etherscan5. We emphasize that we
are using existing services as part of our proof of concept and, as such, we made no effort to
optimize user interfaces. This human-computer interaction element is clearly a crucial component
of our solution due to the novelty of some concepts (e.g., blockchain addresses), but designing
and evaluating suitable interfaces is beyond the scope of our work. We expect game developers to
greatly improve usability when moving beyond the proof of concept we suggest in this paper.
We next illustrate the process a player faces when buying a loot box under our proposed
blockchain-based solution. Whenever appropriate, we reference the underlying steps in Figure 2,
which describes the process of purchasing and opening a loot box. Before the purchase actually
happens, the player has the chance to look at the list of winnable items and associated probabilities
(Figure 4a), which is the second step in Figure 2. Before committing to the purchase, the player
can verify whether the shown items and probabilities are the same as the ones coded in the smart
contract (step 3 in Figure 2). By clicking on “Check the Blockchain”, the player is redirected to
the smart contract’s page on Etherscan, which in turn provides a blockchain-explorer service. In
that page, among other things, the player can check whether the smart contract’s code does indeed
include the items and probabilities previously displayed to the player (Figure 4b).
The player can then click on the “Buy Loot Box” button to perform the purchase (step 3 in
Figure 2). Our proof of concept abstracts all the payment details and, instead, it focuses on the
4https://infura.io/
5https://etherscan.io/
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
22 Pre-print to be published in Decision Support Systems
Figure 4 Potential actions before the purchase of a loot box. The steps inside parenthesis refer to the purchase
process in Figure 2.
(a) Player visualizes a loot box (step 2). (b) Player checks the loot box’s code (step 3).
subsequent interactions between the DApp and Ethereum. Behind the scenes, the DApp creates,
signs, and submits a transaction to the Ethereum blockchain via the API provided by the company
Infura. In that transaction, the drawItem function in the smart contract’s code representing the
loot box is called upon (step 4 in Figure 2). The argument of that function is the player’s screen
name, e.g., “PlayerX” in the example in Figure 4. Throughout the above process, what the player
sees is simply a loading screen (Figure 5a). The “Buy Loot Box” button is disabled on purpose
to prevent the player from purchasing another loot box before receiving his/her previous item. In
practice, a game can have animations to better entertain the player while waiting for the outcome.
Eventually, the created transaction is added to a block, and the block added to the blockchain,
when the result from calling the drawItem function becomes available to the DApp (step 5 in Figure
2). The DApp then shows the resulting item to the player alongside a link to the transaction’s page
on Etherscan (Figure 5b), which is the sixth step in Figure 2. By following that link and, hence,
the seventh step in Figure 2, the player can see when the transaction was created and whether
the smart contract s/he saw before (Figure 4b) was actually called upon (Figure 5c). The player
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 23
Figure 5 Events after the purchase of a loot box. The steps inside parenthesis refer to the purchase process in
Figure 2.
(a) Loading screen (step 4). (b) Item received by the player (steps 5 and 6).
(c) Proof regarding transaction call (step 7). (d) Proof regarding received item (step 7).
can also confirm whether the item the game displays is the same as the item resulting from the
drawItem function (Figure 5d).
Our solution is able to effectively create a transparent and trustworthy loot box mechanism
by displaying lists of items and probabilities ex ante alongside ex-post proofs that these lists are
used during the randomization process. Nevertheless, there are different aspects of our solution
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
24 Pre-print to be published in Decision Support Systems
that merit a thorough discussion, such as its accuracy,security, and costs. We further evaluate our
solution under those criteria in the following section.
6. Evaluation
The fifth step in the design science research framework concerns the evaluation of how well the
proposed artifact supports a solution to the identified problems. Such an evaluation might “include
quantifiable measures of system performance ... [and] any appropriate empirical evidence or logical
proof ” (Peffers et al. 2007, page 56). By making both the list of items and probabilities publicly
available, our proposed blockchain-based loot box mechanism satisfies the transparency aspect
we discussed before. We argue that by disentangling the randomization mechanism from a video
game’s source code, our solution boosts the trust players have in the system. This latter point
implicitly relies on several assumptions unmentioned thus far, such as: 1) the calculations by the
smart contract are accurate; and 2) the blockchain must not be manipulated by any user/node.
Moreover, if our proposed solution is to be adopted, the underlying financial costs and running
time must both be reasonable. To address the above assumptions, one clearly needs to evaluate a
well-defined proof of concept, as opposed to an abstract idea. As such, we elaborate on the above
assumptions by analyzing the DApp (proof of concept) we suggested in the previous section.
6.1. Accuracy
Moving the computations regarding the random drawing of items to a blockchain is unreasonable
if those computations are inaccurate. In other words, the trustworthy characteristic we claim our
solution satisfies is invalid if the empirical (observed) distribution of items does not match the
displayed (theoretical) distribution presented to a player before the purchase of a loot box. We
test the above equality by performing statistical inferences. Table 1shows the data we use to test
different hypotheses. The data represent draws from the same loot box we discussed in previous
sections, i.e., it has three winnable items, namely “Dragon Sword”, “Silver Sword”, and “Common
Sword”, and the associated probabilities are, respectively, 0.1, 0.2, 0.7.
We first analyze whether the empirical distribution of the items purchased by a single player
is statistically equivalent to the expected (theoretical) distribution of items. To do so, we call the
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 25
drawItem function a number of times for the same player, namely “PlayerX”. The number of calls
is determined after a power analysis, which in turn allows us to define the sample size required
to detect an effect of a given size for a given power and degree of confidence. In particular, we
assume the traditional significance level and power equal to, respectively, 0.05 and 0.8. The degrees
of freedom is equal to 2, i.e., the number of winnable items minus one. We then define the ideal
sample size based on the possibility of obtaining effect sizes as small as 0.1, the “small” effect size
value suggested by Cohen (2013) for chi-square tests (which we perform next). Given the above, we
find that the ideal sample size is equal to approximately 963. To simplify the expected frequencies
concerning different items (see the second column in Table 1), we round that ideal value up to
1000, which enables us to obtain even smaller effect sizes. The third column of Table 1shows
the frequency of the obtained items after calling the drawItem function 1,000 times for the screen
name “PlayerX”. We can now perform a hypothesis test where the null hypothesis is: “there is
no significant difference between the single-player and the expected frequencies”. The result from
a chi-square goodness-of-fit test shows that we do not have enough evidence to reject the null
hypothesis (χ2= 1.4314, df = 2, p-value = 0.4888).
Next, we determine whether the empirical distribution of the items purchased by multiple players
is statistically equivalent to the expected distribution of items. To do so, we call the drawItem
function 1,000 times using the screen name “Player?”, where the question mark symbol (?) is
actually a number randomly drawn from the discrete uniform distribution U(0,999). The observed
frequency of items is available in the last column of Table 1. This scenario represents the case where
each player is expected to buy a single loot box. The null hypothesis for our second hypothesis test
Table 1 Frequencies concerning winnable items for a total of 1000 draws.
Item Expected Frequency Single-Player Frequency Multiplayer Frequency
Common Sword 700 692 696
Silver Sword 200 214 200
Dragon Sword 100 94 104
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
26 Pre-print to be published in Decision Support Systems
is: “there is no significant difference between the multiplayer and the expected frequencies”. Once
again, the result from a chi-square goodness-of-fit test shows that we do not have enough evidence
to reject the null hypothesis (χ2= 0.18286, df = 2, p-value = 0.9126).
Finally, we combine all the aforementioned 2,000 draws to create a scenario where a few players
purchase several loot boxes, but the vast majority purchase just a few. We formulate our null
hypothesis as “there is no significant difference between the observed and the expected frequencies”.
Clearly, the expected frequency is now twice what is listed in the second column of Table 1, whereas
the observed frequency is obtained by summing the third and fourth columns. The result from
a chi-square goodness-of-fit test shows that we do not have enough evidence to reject the null
hypothesis (χ2= 0.61286, df = 2, p-value = 0.7361).
The above results show that we have strong evidence that the RNG and drawItem functions
work correctly in our Ethereum-based proof of concept. In other words, the calculations regarding
the random drawing of items appropriately use the probabilities the players have access to.
6.2. Security
Given the append-only nature of blockchains, it is crucial to have an error-free development and
deployment of smart contracts since, after deployed, a smart contract can no longer be deleted
or have its source code updated (Carvalho et al. 2021). An incorrect code might lead to unex-
pected behavior and even financial losses. For example, smart contracts deployed to the Ethereum
blockchain have been subject to several types of attacks due to code errors (Atzei et al. 2017),
the most high-profile being the “DAO attack”, where an attacker was able to take control of over
US 60 million in Ether. To prevent similar issues, it is crucial to scrutinize every smart contract
before deployment. In our case, we performed static, dynamic, and symbolic analysis using the
tools Securify (Tsankov et al. 2018) and MythX6to find potential issues in our smart contract
before deployment.
We argue that the code we report in the appendix is a suitable starting point for gaming com-
panies contemplating the use of blockchain-based loot boxes since, according to the above tools,
6https://mythx.io/
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 27
the same is free of major technical and security issues. Before achieving this status, we did follow
some suggestions by Securify and MythX regarding improvements. For example, we initially forgot
to check whether the blockchain user calling the drawItem function equates to the address repre-
senting the game developer (line 16). Securify then issued a warning stating that, as it was, any
blockchain user could change the data structure that stores information about the last purchase
by a player (line 18). When analyzing that warning, we realized that by successfully calling the
drawItem function, any blockchain user could on behalf of any player add information resulting
from a purchase of a loot box to the blockchain. Again, we have fixed this security issue by only
allowing the user representing the game developer to successfully call the drawItem function.
The above discussion emphasizes the importance of getting the smart contract representing
a loot box right from the beginning since traditional patching operations, such as over-the-air
updates, are not possible for blockchains. But security issues go beyond code safety. One must also
consider the security and integrity of the underlying network. For example, if a game developer or
any malicious entity joins the blockchain network as a node, can that entity prevent transactions
representing calls to the drawItem function from being processed? Theoretically, the previous attack
is possible in blockchain models that follow the proof-of-work consensus mechanism.7For example,
by controlling 51% of the computational resources, i.e., the majority of the computing power on
the network, an attacker can effectively dictate in the long run the transactions that will and will
not be added to the blockchain. These so called 51% attacks are not likely to happen in well-
established public blockchains, such as Ethereum, the blockchain network we chose to deploy our
smart contract to. The reason for this is that the attacker would need to acquire an unreasonable
amount of computational power in order to be able to manipulate the network. This point highlights
the importance of appropriately selecting a blockchain network to deploy a solution to. Immature
networks might be more susceptible to network-level attacks, such as 51% or distributed denial-of-
service attacks, which can effectively prevent a blockchain-based loot box solution from working.
7We refer the interested reader to the work by Bano et al. (2019) for a review on different consensus mechanisms.
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
28 Pre-print to be published in Decision Support Systems
A final security aspect worth discussing concerns the interface players access when verifying the
smart contract before a purchase and/or the correctness of a transaction after a purchase. In our
demonstration in Section 5, we used a blockchain-explorer service offered by Etherscan. In practice,
such an interface should be as intuitive as possible so as to require the least amount of technical
knowledge from players. At the same time, the interface must faithfully reflect the information
that is in the smart contract. A relatively simple attack would be to have the graphical interface
displaying misleading information, e.g., sets of items and probabilities that do not correspond
to what is in the underlying smart contract. Although researching human-computer interfaces is
beyond the scope of this paper, the above point nonetheless reinforces the importance of using a
public blockchain in the context of loot boxes. In particular, any player can join a public blockchain,
such as Ethereum, as a node and store smart contracts and transactions. This allows any set of
honest nodes to confirm whether the information displayed on a graphical user interface reflects
what is inside the corresponding smart contract’s code stored in the blockchain.
6.3. Costs
The last evaluation point of our proposed blockchain-based loot box mechanism concerns the
costs of running the solution. Focusing on the Ethereum blockchain network, we elaborate on
two different costs: 1) the price of deploying the smart contract; and 2) the price of creating
transactions. Focusing on the former first, we note that the gas value regarding the deployment
of a smart contract is fixed. In particular, at the time of writing, it costs 663,405 gas units to
deploy the smart contract in the appendix to the Ethereum network. Deploying a smart contract
is done via a transaction. As we discussed in Section 5.1, any user proposing a transaction must
also define a gas price, i.e., how much Ether the user is willing to pay for a gas unit. The proposed
gas price often determines how quickly the transaction is added to a block and, subsequently, to
the blockchain.
For the sake of illustration, assume that the game developer suggests a gas price of 4 ×10−9
ethers when deploying the smart contract. This means that a transaction should be added to the
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 29
blockchain in about 80 seconds at the time of writing. Alternatively, for a gas price equal to 25×10−9
ethers, that transaction should be processed in about 11 seconds. Given the current exchange rate
of US 504.50 per Ether and the total cost of 663,405 gas units required to deploy the loot box
contract, the deployment cost concerning the slower case is then 4 ×10−9×663,405 ×504.50 ≈
US 1.34, which is a reasonable cost given that each contract representing a loot box is deployed
only once.
The second source of cost we consider concerns the creation of transactions involving the deployed
smart contract. We note first that some user requests are free of charge since they neither change
the state of the blockchain nor require complex computations. For example, any user can freely
request from a node the value of the public attributes that store information about items and
probabilities (see lines 5 and 6 in the appendix). Alternatively, a transaction calling the drawItem
function requires several computations, and that function changes the state of the blockchain by
storing extra information in it. It is not possible to pinpoint the precise cost of calling the drawItem
function since it depends on a series of factors, e.g., how long a screen name is and the number of
iterations required to draw an item by the fitness proportionate selection mechanism (see line 23 in
the appendix), which in turn is defined by a random value. In our experiments, calling the drawItem
function cost on average 52,040 gas units. We deliberately chose the gas price of 10−8ethers to get
each transaction processed in about 40 seconds at the time of writing. Given the exchange rate of
US 504.50 per Ether at the time, the above cost is equal to 10−8×52,040 ×504.50 ≈US 0.26 per
transaction. That is, the video game must currently pay about 26 USD cents to randomly draw an
item and store the relevant information in the blockchain in about 40 seconds.
Although the above discussion is rather specific to our proposed smart contract running on
Ethereum, there are nonetheless important managerial lessons one can draw regarding the deploy-
ment of blockchain-based loot box mechanisms. In particular, by using a public, general-purpose
blockchain, such as Ethereum, video game companies might lose control over the costs of running
the proposed solution. For example, nodes can naturally request more money to process trans-
actions when the total number of proposed transactions in the blockchain network goes up. This
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
30 Pre-print to be published in Decision Support Systems
situation happened with Bitcoin in December, 2017, when at certain point the average fee to process
a single transaction was over US 30. In the context of Ethereum, transaction fees are determined by
the suggested gas price, which in turn should represent a dynamic equilibrium between the number
of outstanding transactions, the number of transactions nodes can handle at a time, and the cost of
handling one transaction. A potential solution to avoid spikes and wild fluctuations in transaction
fees is to create a public blockchain that is dedicated to process loot boxes. As a public blockchain,
anyone can still join the network at any time as a user or a node. However, some decisions, such
as the structure of transaction fees and gas costs, should be defined by a council/committee over-
seeing the operations of the blockchain. Such a council can have representatives from the video
game industry, e-sports and players associations, regulatory bodies, consumer protection agencies,
etc. From a technical perspective, there is no need to completely engineer a blockchain technol-
ogy from scratch; given that several blockchain frameworks/projects, such as Ethereum, are open
source (Carvalho et al. 2020), the dedicated blockchain can be simply one of those projects tailored
to the needs of the video game industry. For example, the resulting blockchain can replace Ether
with a stablecoin, i.e., a cryptocurrency whose value is pegged to stable assets/currencies, e.g., fiat
money. This would simultaneously reward nodes for keeping the network infrastructure alive while
avoiding the high volatility most cryptocurrencies currently face. To illustrate this latter point,
the price of of a single Ether skyrocketed to about US 1,400 on January 12th, 2018, subsequently
dropping to approximately US 87 on December 11th, 2018. More recently, the exchange rate of
US 504.50 per Ether is due primarily to a renewed interest in Ethereum driven by decentralized
finance (DeFi) applications as well as the potentially associated speculative bubble.
7. Conclusion
Traditional loot boxes are not transparent in that players do not necessarily know the winnable
items and associated probabilities before a purchase. Even in the unusual cases when items and
probabilities are available, there are no guarantees that a video game is actually using that infor-
mation when randomly drawing an item, which results in a trust problem. In this paper, we applied
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 31
a problem-centered design science research approach to develop a blockchain-based solution that
addresses the transparency and trust issues currently faced by loot box mechanisms. Our solution
does not require game developers to open the source code of an entire video game. Instead, it dis-
entangles the computations required to randomly draw items from the video game’s source code.
Those computations are now performed by a smart contract running on a public blockchain. As
such, anyone, including players and regulatory agencies, can check the list of items and probabili-
ties ex ante,i.e., before a purchase, as well as whether the randomization mechanism is behaving
appropriately ex post,i.e., whether the video game is indeed calling the smart contract.
Using the Ethereum blockchain network, we developed a decentralized application that mimics
the process of buying and opening a loot box. This proof of concept illustrates how gaming com-
panies can leverage our ideas in practice. When evaluating our proof of concept, we discussed how
accurate, secure, and inexpensive the proposed solution is. We also offered suggestions regarding
deployment, e.g., the importance of choosing an appropriate blockchain platform and to clearly
define an overseeing committee able to define important parameters, such as transaction fees.
The latter point above concerns blockchain governance, a topic that has received considerable
attention over the last few years (Beck et al. 2018,Carvalho et al. 2021). In the context of a
blockchain dedicated to process loot boxes, as we suggested in Section 6.3, there are important
questions to be addressed beyond committee composition, e.g., how are decisions made and conflicts
resolved in the underlying ecosystem? What does the cost structure look like? For example, who
will pay for (and can propose) software updates? Finding answers to these questions constitute a
valuable research opportunity whose outcome has managerial value beyond the video game industry.
Besides governance-related questions, we have also discussed other relevant future research direc-
tions throughout the paper, e.g., how to best visualize information inside smart contracts in a way
that requires the least amount of technical knowledge? Although our solution has not addressed
the growing concerns regarding gambling, we note that future research work can investigate how
blockchain-based loot boxes can alleviate gambling problems. For example, a dedicated blockchain
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
32 Pre-print to be published in Decision Support Systems
network enables the creation of disruptive information technology features that are capable of con-
trolling unwanted gambling patterns in games. Specifically, if nodes realize that a certain player
is purchasing loot boxes too often, they can then raise the number of blocks required in between
purchases for that specific player. Or even further, players’ screen names might be added to a
blacklist stored in the blockchain and, hence, only players not in the blacklist are allowed to pur-
chase loot boxes. These examples illustrate what King and Delfabbro (2019) referred to as “breaks
in play or cooldowns” in their blueprint for ethical video game monetization schemes. Moreover,
the above examples highlight how one can possibility tweak blockchain protocols to prevent, or at
least reduce, gambling patterns, which is an exciting research direction.
Finally, it is important to study the financial implications of a transparent and trustworthy loot
box mechanism. On the one hand, one can argue that video game developers may suffer revenue
losses since players will now know how unlikely it is to obtain some desirable items, which can
lead to fewer loot box purchases. Alternatively, one can argue that a transparent and trustworthy
loot box mechanism might actually increase game developers’ revenue due to probabilities driving
purchases up by defining expectations in terms of the number of loot boxes required to obtain
a certain item. A behavioral study involving the loot box mechanism presented in this paper is
required to understand players’ purchasing decisions and the impact on game developers’ revenue.
Appendix: Sample Loot Box Smart Contract
1pragma s o l i d i t y 0.4.25;
2
3contract LootBoxes {
4
5s tr i n g [ 3 ] pu b li c i t e m s = [ " D r a g o n S w o r d " ," S i l v e r S w o r d " ," C o m m o n S w o r d " ] ;
6uint [ 3 ] p u bl i c p r o b a b i l i t i e s = [ 1 0 , 20 , 7 0 ] ;
7ad dr es s pub l i c ga m eD e ve l op e r = 0 x 0 0A 87 7 E0 32 5 Ba 6c 6 97 f 5a 6a e 05 Fa 8 F9 1b 5 44 27 6 C ;
8
9mapping (st r i n g =>uint)private blockLastPurchase ;
10
11 event Draws ( s t r i n g i te m , s t r i n g s cr een Na me ) ;
12
13 function drawItem ( s t r i n g sc re enN am e ) p ub lic r etu rn s (st r i n g ){
14
15 assert (block .number != b l o c k L a s t P u r c h a s e [ s c re e nN a me ] ) ;
16 assert (msg.se nd er == g am eD ev el ope r ) ;
17
18 b l o c k L a s t P u r c h a s e [ s cr e en N am e ] = block .number;
19
20 uint ra ndo mVa lue = RNG( s cre en Nam e ) ;
21 uint lo w er Bo u nd a ry = 0 ;
22
23 for (uint i = 0 ; i <i t e m s . le ngt h ; i ++) {
24 i f ( r and om Val ue >= l o we r Bo u n da r y && ran d om Va lu e <l ow er Bo un da ry + p r o b a b i l i t i e s [ i ] ) {
25 emi t Dra ws ( i t e m s [ i ] , s cr e en N a me ) ;
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
Pre-print to be published in Decision Support Systems 33
26 re tu rn i t e m s [ i ] ;
27 }
28 else {
29 lo we rB ou nd ar y = l ow er Bo un da ry + p r o b a b i l i t i e s [ i ] ;
30 }
31 }
32 }
33
34 function RNG( st r i n g s cre en Na me ) p r i va t e vie w re t ur n s (uint8 ){
35 re tur n ui nt 8 (uint256(keccak256 (abi .encodePacked (block .timestamp , s cre en Nam e) ) ) %1 00) ;
36 }
37
38 }
References
Activision Blizzard (2018). 2017 Annual Report. Retrieved from: https://investor.activision.com/
static-files/ace1c2fc-c2c8-4461- b9fe-157d7fd1e9c2. Last accessed: February 24, 2021.
Atzei, N., Bartoletti, M., and Cimoli, T. (2017). A Survey of Attacks on Ethereum Smart Contracts (SoK).
In Proceedings of the 6th International Conference on Principles of Security and Trust, pages 164–186.
Bano, S., Sonnino, A., Al-Bassam, M., Azouvi, S., McCorry, P., Meiklejohn, S., and Danezis, G. (2019).
SoK: Consensus in the Age of Blockchains. In Proceedings of the 1st ACM Conference on Advances in
Financial Technologies, pages 183–198.
Beck, R., M¨uller-Bloch, C., and King, J. L. (2018). Governance in the Blockchain Economy: A Framework
and Research Agenda. Journal of the Association for Information Systems, 19(10):1020–1034.
Carvalho, A. (2020). A Permissioned Blockchain-Based Implementation of LMSR Prediction Markets. Deci-
sion Support Systems, 130.
Carvalho, A., Dimitrov, S., and Larson, K. (2017). Inducing Honest Reporting of Private Information in the
Presence of Social Projection. Decision, 4(1):25–51.
Carvalho, A., Merhout, J. W., Kadiyala, Y., and Bentley II, J. (2021). When Good Blocks Go Bad: Managing
Unwanted Blockchain Data. International Journal of Information Management, 57:102263.
Carvalho, A., Sambhara, C., and Young, P. (2020). What the History of Linux Says About the Future of
Cryptocurrencies. Communications of the Association for Information Systems, 46:18–29.
Cohen, J. (2013). Statistical Power Analysis for the Behavioral Sciences. Routledge, 2nd edition.
Demchenko, O. (2019). Electronic Commerce in the Gaming Industry. Legal Challenges and European
Perspective on Contracts through Electronic Means in Video Games and Decentralized Applications.
Pecs Journal of International and European Law, pages 58–68.
Dimmock, S. G., Kouwenberg, R., and Wakker, P. P. (2015). Ambiguity Attitudes in a Large Representative
Sample. Management Science, 62(5):1363–1380.
Drummond, A. and Sauer, J. D. (2018). Video Game Loot Boxes are Psychologically Akin to Gambling.
Nature Human Behaviour, 2:530–532.
Ellsberg, D. (1961). Risk, Ambiguity, and the Savage Axioms. The Quarterly Journal of Economics,
75(4):643–669.
Entertainment Software Association (2019). Video Game Industry Commitments to Further Inform Con-
sumer Purchases. Retrieved from: https://www.theesa.com/perspectives/video-game-industry-
commitments-to-further-inform- consumer-purchases/. Last accessed: February 24, 2021.
Etherscan (2020). Ethereum Average Gas Price Chart. Retrieved from: https://etherscan.io/chart/
gasprice. Last accessed: February 24, 2021.
Fauth-B¨uhler, M. and Mann, K. (2017). Neurobiological Correlates of Internet Gaming Disorder: Similarities
to Pathological Gambling. Addictive Behaviors, 64:349–356.
Federal Trade Commission (2020). FTC Video Game Loot Box Workshop. Retrieved
from: https://www.ftc.gov/system/files/documents/reports/staff-perspective-paper-loot-
box-workshop/loot box workshop staff perspective.pdf. Last accessed: February 24, 2021.
Carvalho, A.: Bringing Transparency and Trustworthiness to Loot Boxes with Blockchain and Smart Contracts
34 Pre-print to be published in Decision Support Systems
Foye, L. (2018). Future Games Market: Market Sizing & Forecasts 2018-2022. Juniper Research.
Retrieved from: https://www.juniperresearch.com/researchstore/content-commerce/future-
games-market. Last accessed: February 24, 2021.
Gilcrest, J. and Carvalho, A. (2018). Smart Contracts: Legal Considerations. In Proceedings of the 2018
IEEE International Conference on Big Data, pages 3277–3281.
Google (2019). Monetization and Ads. Retrieved from: https://play.google.com/about/monetization-
ads/payments/. Last accessed: February 24, 2021.
Gupta, S. and Gentry, J. W. (2019). ‘Should I Buy, Hoard, or Hide?’ - Consumers’ Responses to Perceived
Scarcity. The International Review of Retail, Distribution and Consumer Research, 29(2):178–197.
Halevy, Y. (2007). Ellsberg Revisited: An Experimental Study. Econometrica, 75(2):503–536.
Kansspelcommissie (2018). Loot Boxen in Drie Videogames in Strijd met Kansspelwetgev-
ing. https://www.koengeens.be/news/2018/04/25/loot-boxen-in-drie- videogames-in-strijd-
met-kansspelwetgeving. Last accessed: February 24, 2021.
King, D. L. and Delfabbro, P. H. (2019). Video Game Monetization (eg,‘Loot Boxes’): A Blueprint for Practi-
cal Social Responsibility Measures. International Journal of Mental Health and Addiction, 17:166–179.
Korea Association of Game Industry (2018). Criteria on Implementation of Self-regulation for Healthy
Game Culture. Retrieved from: http://www.gsok.or.kr/regulations-on-self-regulation/?uid=
290&mod=document&pageid=1. Last accessed: February 24, 2021.
Kristiansen, S. and Severin, M. C. (2020). Loot Box Engagement and Problem Gambling among Adolescent
Gamers: Findings from a National Survey. Addictive Behaviors, 103.
Lussier, I. D., Derevensky, J., Gupta, R., and Vitaro, F. (2014). Risk, Compensatory, Protective, and Vulnera-
bility Factors Related to Youth Gambling Problems. Psychology of Addictive Behaviors, 28(2):404–413.
Macey, J. and Hamari, J. (2019). ESports, Skins and Loot Boxes: Participants, Practices and Problematic
Behaviour Associated with Emergent Forms of Gambling. New Media & Society, 21(1):20–41.
McAloon, A. (2016). Online Games Will be Required to Disclose Random Loot
Box Odds in China. Gamasutra.https://www.gamasutra.com/view/news/287258/
Online games will be required to disclose random loot box odds in China.php. Last accessed:
February 24, 2021.
Pedersen, A. B., Risius, M., and Beck, R. (2019). A Ten-Step Decision Path to Determine When to Use
Blockchain Technologies. MIS Quarterly Executive, 18(2):99–115.
Peffers, K., Tuunanen, T., Rothenberger, M. A., and Chatterjee, S. (2007). A Design Science Research
Methodology for Information Systems Research. Journal of Management Information Systems,
24(3):45–77.
Reddit (2019). Nintendo, Sony, Microsoft to Require Loot Box Odds Disclo-
sure. Retrieved from: https://www.reddit.com/r/Games/comments/cn7704/
nintendo sony microsoft to require loot box odds/. Last accessed: February 24, 2021.
The Netherlands Gambling Authority (2012). Study into Loot Boxes: A Treasure or a Burden? Retrieved
from: https://kansspelautoriteit.nl/english/loot-boxes/. Last accessed: February 24, 2021.
Tsankov, P., Dan, A., Drachsler-Cohen, D., Gervais, A., B¨unzli, F., and Vechev, M. (2018). Securify: Practical
Security Analysis of Smart Contracts. In Proceedings of the 2018 ACM Conference on Computer and
Communications Security, pages 67–82.
Zendle, D. and Cairns, P. (2018). Video Game Loot Boxes are Linked to Problem Gambling: Results of a
Large-Scale Survey. PloS one, 13(11):e0206767.
Zendle, D. and Cairns, P. (2019). Loot Boxes are Again Linked to Problem Gambling: Results of a Replication
Study. PloS one, 14(3):e0213194.
Zendle, D., Meyer, R., and Over, H. (2019). Adolescents and Loot Boxes: Links with Problem Gambling and
Motivations for Purchase. Royal Society Open Science, 6(6).
