RNG auditor

A stream that looksrandom — one a general compressor can't shrink at all — can still be proven weakif you can recover the small generator behind it: its seed, or a chaotic map's parameters. Recovery is the proof of weakness. Incompressibility means a general-purpose codec found no pattern; it does notmean there isn't a 13-byte program that reproduces every byte.

at1 audit-rng <stream> searches for that program and returns a verdict: BROKEN (generator recovered, lossless-verified), WEAK-SIGNAL (partial structure found), or PASS (no recoverable generator — the stream resists).

Run an audit

at1 audit-rng stream.bin
# -> tries to recover the small generator behind the stream.
#    Recovery = proof of weakness. Verdicts: BROKEN / WEAK-SIGNAL / PASS

at1 audit-rng lcg.bin      # weak 16-bit-seed LCG -> recovers seed -> BROKEN
at1 audit-rng chacha.bin   # 256-bit cryptographic RNG -> infeasible -> PASS

A weak LCG: incompressible, yet BROKEN

# a weak LCG LOOKS random: a general compressor can't shrink it
xz -9 lcg.bin            # -> 100.1% of raw (no compression at all)

at1 audit-rng lcg.bin    # -> recovers the 16-bit seed, ~100 KB collapses to 13 bytes
#    7,692x vs raw, lossless-verified (regenerates the stream byte-for-byte)
#    VERDICT: BROKEN

The linear congruential generator with a 16-bit seed is the clean example: xz reports 100.1% of raw — genuinely no compression — while recovering the seed collapses ~100 KB to 13 bytes (7,692× vs raw), and the 13 bytes regenerate the stream byte-for-byte.

Verified results

  • Weak LCG (16-bit seed)— xz can't shrink it (100.1% of raw); recovering the seed gives 13 bytes (7,692× vs raw), lossless-verified → BROKEN.
  • Low-dimensional integer chaos (logistic map) — recovered to 17 bytes (153× vs xz) → BROKEN.
  • Cryptographic RNG (256-bit) and true OS noise — recovery infeasible → PASS. The failure is the point: a strong RNG resists.
  • Real SA PowerBall lottery draws — no recoverable generator → certified consistent with a fair RNG. (The same engine flags rigging when it exists— this is AT-1's compression-as-fairness-auditor line.)

Honest scope — what this does and does not do

This detects known weak generators: LCG families under common output mappings, short-period generators, and low-dimensional chaos. It is not a break of MT19937-from-output and not a break of strong cryptography. A 256-bit cryptographic RNG correctly returns PASS — there is no overclaiming here and no "breaks any RNG" promise.

Who this is for

  • Gaming / iGaming fairness compliance — certify that a draw or shuffle stream has no recoverable generator.
  • Key-management & security audits — catch a weak source feeding key generation before it ships.
  • Embedded-device RNG validation— confirm a device's entropy source isn't a short-period generator in disguise.

Running an audit and verifying its lossless reconstruction are free and never need an account; the encode path is metered against the account whose API key the host process supplies — same as the rest of AT-1.