Paperback is in! — a cryptographic giveaway
Win a signed copy of Mathematica: A Secret World of Intuition and Curiosity
The paperback edition of Mathematica: A Secret World of Intuition and Curiosity will go on sale on May 20th in the US (and July 22nd in the UK).
I received my author copies today in the mail and wanted to celebrate this by giving away 5 signed copies. Then I realized that I didn’t know of any clean protocol to select the winners.
My first instinct was to make it a speed contest, selecting the first five people commenting on this post. But do I really want to reward social media addiction?
My second idea was a needs-based allocation, favoring students and people from countries where imported books are unaffordable. I thought about asking people to apply by commenting on this Substack post with a quick summary of who they are, what they do, and where they’re coming from.[1]
But am I really competent to judge who “needs the most”, or “deserves the most”, a free copy of my book? A possible fix would have been to make it a beauty contest, by selecting the most liked comments, but this felt even more unhealthy.[2]
I wrote my book for everyone, parents and teenagers, undergrads and PhD candidates, dilettantes and Fields medalists, preschool teachers and hedge fund managers, and I see no reason to exclude anyone.
This led me to my third attempt and final choice: a random draw, but a smart one!
Here’s the application form—if you’re simply interested in entering the contest, you can stop reading here. But if you’re curious about my ridiculously over-engineered protocol, you’ll find all the details below.
[JUNE 1st UPDATE: the contest is now over, see the results at the end of this post.]
The rules
You can apply from any country where it’s possible to send books. If you’re one of the five winners, I’ll ship your copy to the address of your choice. (I’ll take care of the shipping fees, but depending on your country you may have to pay some import duties.)
Please apply with only ONE email address. Multiple entries by the same person with multiple email address strings will result in elimination. (It’s OK to apply multiple times with the same exact email address, but this won’t affect your chances of winning.)
I’ll keep the form online until June 1st, after which I’ll select the winners using the protocol below.
The drawing protocol
I never liked public giveaways where “winners will be chosen at random”, especially when the stakes are low and no-one is monitoring the process, as they provide the perfect environment for cheating. Can you really trust the organizers? And even if they don’t intentionally cheat, can you trust them to understand what it means to pick winners “at random”, and not just “through a random method”?
I pictured myself drawing the winners “at random” and realized how hard it would be not to cheat, if only by re-drawing with a different seed if I didn’t like the first batch of “winners” (= if the list exhibited a weird pattern that conflicted with my confused sense of fairness.)
The clean solution is to commit beforehand to the drawing protocol, including any random seed that will be used in it, and make all this information public in advance. But for this to solve the trust issue, participants need to have reasonably good reasons to believe that the actual drawing did follow the published protocol.
This is the kind of problem that people typically aim to solve with the blockchain.
But I wanted to keep things simple, and thought it was a really bad excuse to launch my own coin.
The first solution I came up with was to pick the five participants with the lowest values for a computed field based on a cryptographic hash function like SHA256:
SHA256(email_address)
On the surface, this looks like a fair protocol, but it has two problems.
First, it would have killed all the fun. Indeed, anyone can check the SHA256 of their email address. If your address is “alexander@grothendieck.biz”, then there’s no point entering a contest that you have virtually zero chance of winning:
>> SHA256("alexander@grothendieck.biz")
f964bbacea738d84b00d457110b88eabc13af4005484d72ce2ce4ff69533fcbf
Worse, the contest is extremely easy to hack: you simply have to create alternate addresses until you find one that drastically increases your chances:
>> SHA256("alexander1@grothendieck.biz")
0082860981eb275a1f715e17aa563992210614a7b9c62f1811f18b706d5da728
A basic protection against this is to rely on salted hashes:
SHA256(email_address + salt)
where the salt is a predefined string.
This is the protocol that I will use and, of course, I’ve already picked my salt.
I can’t disclose my salt in advance, as this would recreate all the flaws of the unsalted protocol, but I’ll reveal it after the drawing is done and, to allow you to verify this information, here is the SHA256 of my salt:
>> SHA256(salt)
6d2317c887b9a6c805bf8395c19042faee02bf495503ccde67d7b730272d4c44
Is this bullet-proof?
No.
Using rainbow tables or brute-force/dictionary attacks, there is a possibility that someone will invert the hash and crack my salt.
You can also try mind-reading.
My position on that is fairly simple: if you really want it that hard, then you really deserve a free copy of my book.
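The commit-then-reveal draw described above, written out as an added example (it is not the code used for the actual contest). It assumes that "+" means plain string concatenation and that strings are UTF-8 encoded before hashing; the function names and the sample addresses are made up for illustration.

```python
import hashlib
import secrets


def sha256_hex(text: str) -> str:
    # Assumption: strings are UTF-8 encoded before hashing.
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def commit(salt: str) -> str:
    """Value published before the contest opens: SHA256(salt)."""
    return sha256_hex(salt)


def verify_commitment(revealed_salt: str, published: str) -> bool:
    """Anyone can run this once the salt is revealed."""
    return commit(revealed_salt) == published.strip().lower()


def draw(entries, revealed_salt, published, n_winners=5):
    """Return the n_winners (email, hash) pairs with the lowest salted hash."""
    if not verify_commitment(revealed_salt, published):
        raise ValueError("revealed salt does not match the published hash")
    # Re-entering the same exact address must not change the odds.
    unique = set(entries)
    scored = [(sha256_hex(email + revealed_salt), email) for email in unique]
    # Fixed-length lowercase hex sorts in the same order as the numbers.
    return [(email, digest) for digest, email in sorted(scored)[:n_winners]]


def new_salt() -> str:
    """256 random bits: a salt that cannot be guessed or enumerated,
    unlike a short meaningful string."""
    return secrets.token_hex(32)


if __name__ == "__main__":
    # Constructed sample data, not real contest entries.
    entries = [f"reader{i}@example.org" for i in range(20)]
    entries.append("reader3@example.org")  # duplicate entry, counted once
    salt = new_salt()
    published = commit(salt)  # goes public before entries open
    for email, digest in draw(entries, salt, published):
        print(digest[:30] + "...", email)
```

Because the ranking depends only on the set of entries and the committed salt, anyone holding the entry list can rerun the draw and get the same five winners.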
[JUNE 1st UPDATE — the contest is now over]
The salt was “196883”, the dimension of the smallest faithful complex representation of the monster.
>> SHA256("196883")
6d2317c887b9a6c805bf8395c19042faee02bf495503ccde67d7b730272d4c44
It would have been easy to choose a long random string. But I liked the idea of hiding an optional skill contest behind a chance contest, so I picked a “meaningful” short string which appears three times in the book (hence the “You can also try mind-reading”—the salt was amenable to both psychological insight and full-blown dictionary attack.)
There were 111 participants and only 2 of them, William and Lachezar, have implausibly “lucky” email addresses. Erika too may not have cracked the salt, but it’s less certain: her “luck” was high but not implausible, her email address looks a bit weird but might be genuine, and she posted only a few hours before the end of the contest. Ahmet Cagri’s and Pietro’s email addresses look 100% genuine.
FIRSTNAME      SHA256(email_address + salt)
William        000000006e2c7c6d28fc583506f3ce...
Lachezar       00000000d6b4342927411d8ed46efc...
Erika          005ad209262eb41f8ae71b25851126...
Ahmet Cagri    01053152f43cb2a39902b51ed83920...
Pietro         01ebe3ed20cc1c711da7b1e3c40d98...
I didn’t know what to expect, but I like this outcome which exhibits a good balance of skill and luck. Had it turned into a pure hashrate battle, my plan was to allocate more books to the giveaway and split the contest into two separate rankings, one for “natural luck” and another for “hacker’s luck” — that wasn’t even necessary.
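One way to put numbers on “implausibly lucky”, as an added example that is not the author's own analysis. It assumes that salted hashes of honest entries are uniformly distributed, works from the truncated prefixes exactly as printed in the table, and uses a cut-off of 1 in 1000 that is an arbitrary choice of this example.

```python
import math

N_PARTICIPANTS = 111  # stated in the post

# Hash prefixes exactly as published in the post (truncated there).
RESULTS = [
    ("William", "000000006e2c7c6d28fc583506f3ce..."),
    ("Lachezar", "00000000d6b4342927411d8ed46efc..."),
    ("Erika", "005ad209262eb41f8ae71b25851126..."),
    ("Ahmet Cagri", "01053152f43cb2a39902b51ed83920..."),
    ("Pietro", "01ebe3ed20cc1c711da7b1e3c40d98..."),
]


def tail_probability(hash_prefix: str) -> float:
    """Chance that one uniformly random hash is at most this low."""
    digits = hash_prefix.rstrip(".")
    return (int(digits, 16) + 1) / 16 ** len(digits)


def chance_among_honest(hash_prefix: str, n_entries: int) -> float:
    """Chance that at least one of n_entries honest hashes is this low."""
    p = tail_probability(hash_prefix)
    # 1 - (1 - p)**n, computed without losing precision for tiny p.
    return -math.expm1(n_entries * math.log1p(-p))


def flag_grinding(results, n_entries, threshold=1e-3):
    """Names whose hash is too low to be plausible luck.
    The threshold is an assumption of this example."""
    return [name for name, prefix in results
            if chance_among_honest(prefix, n_entries) < threshold]


if __name__ == "__main__":
    for name, prefix in RESULTS:
        chance = chance_among_honest(prefix, N_PARTICIPANTS)
        print(f"{name:12s} {chance:.2e}")
    print("flagged:", flag_grinding(RESULTS, N_PARTICIPANTS))
```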
Thanks everyone for participating, and congrats to all the winners, the lucky ones and the hackers.
[1] I opted out of this approach, but feel free to drop a few words about you in the comments below, as I’m curious to learn more about my readers.
[2] The intent was of course healthy. If you're based in a country where foreign books are very expensive, or if you’re a student with limited resources and access, or if for whatever reason you can’t afford to buy my book but still want to read it, please contact me by private message.
Just ordered the book! Looking forward to reading it.
Dear David,
You're so kind to be giving away signed copies of your marvelous book!
I recently bought the audiobook for a nephew in lower secondary school, and he's enjoyed it very much!
I read the French edition of your book, and I think I enjoyed it more :-)
Thank you so very much for writing such a fantastic book!