Verify a draw

1. Before sales open we publish sha256(server_seed). The seed itself stays hidden — but we can't change it later without breaking the hash.
2. When sales close, the server combines that seed with the canonical list of paid ticket IDs (entropy nobody could predict in advance) to produce final_seed = sha256(server_seed:client_entropy).
3. Winning numbers are derived deterministically by hashing final_seed:counter and reducing each 32-bit chunk modulo the number pool, skipping duplicates.
4. Your browser repeats every step above and compares the result to what's published. If anything was tampered with, the badges turn red.

Don't have a draw ID handy? Browse draws and copy one from any settled draw.