Published Apr 19, 2026 · By Minto

How to build a transparent on-chain blind box (and how Minto ships it)

Transparency is not a slogan. A transparent blind box must let any third party verify what rules were active, for which contract, at which block, and what happened for a specific request.

What should always be public

1. Runtime contract bindings: active address, effective block, and rotation history per box type.
2. Rule commitments: reward rule hash, rule document hash, and immutable rule document URI/version.
3. Randomness path: formula, entropy commit process, anti-replay constraints, and expiry checks.
4. Request and settlement traceability: request tx/event anchors and settlement sync references.
5. Payout observability: status and audit trail lookup for withdrawal records.
6. Build provenance: prod/test fingerprint visibility and owner-control snapshot.

How Minto implements this in production

1. Users submit on-chain open requests with requestOpenLite and signed authorization.
2. Each request is bound to a round with committed roundSeedHash.
3. Result randomness is deterministic from published inputs and can be replayed by external observers.
4. Public endpoints expose transparency data, payout lookup, and build provenance.

A practical transparent product does not need to claim absolute trustlessness. It needs clear boundaries, reproducible evidence, and user-level verification paths.