What is the ideal way of emulating a full dice set using a single d20?

Imagine you are trapped in a post-apocalyptic world and only have a single d20 at your disposal, nothing else whatsoever. What is the ideal way of emulating all other common dice types (d4, d6, d8, d10, d12, d%) using just this d20 and arbitrarily complicated math?

I realize there’s an easy way to make due with a single d6 (using the same d6 also for a coin-like mechanic), but I was wondering if this also works with a d20, and what the criteria are for this to work with a dN, if there is any research on the matter.

Let me preface this by defining a few pointers:

"ideal" = as few d20 rolls as possible.

"emulating" means mapping output from one or more d20 rolls to whichever die you want to emulate, while maintaining statistical accuracy – each possible output for the desired die must be equally likely.

"to map" a number X to an interval [1; B] means to apply an operation of the following form:

dB = X – B * int[(X – 1) / B]

where the int[] operation demands rounding down (truncation, since the argument will never be negative for the given problem).

Here’s what I have so far, in order of complexity:

Single roll X: d10 = [X] if [X <= 10], else: [X – 10]

Single roll X: d% is equivalent to d10.

Single roll X: d4 = X – 4 * int[(X – 1) / 4]

Two rolls X, Y: d8 = [X] if [X <= 8], or [X – 8] if [9 <= X <= 16]. Alternatively, for [X > 16], d8 = [Y] if [Y <= 8], or [Y – 8] if [9 <= Y <= 16]. Alternatively, if both [X > 16] and [Y > 16], d8 = [X – 16] if [X+Y] = even, else: [X – 12].

Three+ rolls X, Y, Z: d6 = X – 6 * int[(X – 1) / 6] if [X <= 18]. If not, check the same for Y. If not, check the same for Z. If {X, Y, Z} in {19, 20} (which has a 1/1000 chance of happening), map the combination to [1;6]. However, I don’t think it is possible to reliable get this mapping even when adding more and more dice rolls. Of course, it will get vastly unlikely rather quickly, but there does not seem to be a reliable way of using binary values to map to 6 reliably, seeing as it is a product of two primes. What is the lowest number of dice rolls required to achieve a 100% successful outcome, if it is possible at all?

The same issue applies to the d12, which can be constructed trivially from a d6 by rolling a d20 like a coin toss, then either using the initial d6 value or d6+6. This might not, however, be the ideal solution for this.

I would greatly appreciate any insight into the matter, as this has kept my mind busy for quite some time now. I’m pretty sure it cannot be reliably done for the d6 and d12, but I would appreciate any kind of closure or proof you peoples might be able to provide!

For an email signature, what is the “ideal” CDN image hosting provider? [closed]

Email signatures typically have an image of a logo or a profile picture. My question is, what is your recommended image hosting URL/service? Are some URL’s trusted over others?

I am not sure where to host these images hence the question.

I guess some ISP’s and email clients determine the "trustworthiness" of an image URL?

All experience greatly appreciated!

Ideal group size for a murder/horror mystery

I am writing a short murder/horror mystery adventure. System will be D&D 5e, and players will be level 2 (I plan to give them the 3rd level during the adventure). There will be some strong DM guidance on character creation. Some players will be very inexperienced in TTRPGs. Playing might happen on a table, or online (with player webcams), probably both. I plan to run the adventure several times, and I have a gut feeling that adventure will take 2 sessions to play through.

The focus will be in role-playing, with no risk of player being taken out of the adventure, until at the very final battles at the end. The focus won’t so much be in really solving the mystery like in a detective story either, but just being swept along for the ride, things happening and then players doing what they will. They may try to solve it or just survive, or even party ’till the end as the place goes down around them (meaning probable death at the end).

It is important that each player gets plenty of spotlight time, but without fear of the game stalling if they don’t play well, and without more introverted players feeling exhausted. So I am thinking of designing the events of the adventure for 3 players, allowing 2 or 4 if it is expected that players play well together.

In your experience, what is ideal group size for an adventure like this? For this group size, should I try to encourage or enforce certain kind of group dynamic, via guiding the character creation? What has worked for you? What has not worked, what has ruined an adventure like this, from group dynamic and player fun perspective.

Should a refresh token be linked to a single access token, and what is the ideal refresh flow?

I’ve been reading about access tokens and refresh tokens, and am implementing it in my own site. Right now, based on an example codebase on GitHub, a refresh token of random characters is created and stored in the database with some details such as the user id and expiry time, and returned alongside the JWT access token. The refresh route accepts both the old access token and refresh token, as well as some other request information (client id and IP), and as long as the refresh token exists in the database and is not expired, is assumed to be valid to grant the user a new access token (which is generated using the payload of the old token) before itself being reissued.

I then read this article, which notes among other things that the refresh route should not require the old token in the request payload (not being tied to a single access token).

Based on this, I have a few questions:

  1. Shouldn’t the refresh token be linked to a specific access token? If my access token has a jti, should I not store this in the database with the refresh token, so that a single refresh token can only be used for a single access token? If a refresh token is stolen, and it is not linked to an access token, this token can be used to generate a new access token regardless of what the old access token looks like. Sure, if it’s being rotated and an expired refresh token is used (i.e. real user attempts to refresh their expired access token), I can detect that the refresh token was breached and invalidate all of the user’s refresh tokens, but until then the attacker will be able to continue requesting new access tokens whenever they expire and have access to the user’s account.
  2. If an access token should not be sent to the refresh route (invalidating question 1), how is the payload for the new access token sourced? Is this retrieved fresh from the database? Should this happen anyway so that any changes made to the database are at most accessTokenTtl stale?
  3. What about the other information stored alongside the refresh token? In the example GitHub repo, the client id and user ip address are stored with the refresh token but not used for anything. Should a refresh token only be valid if the same ip address and client id are provided when a refresh is attempted? What if a user is on their mobile phone, for example, where their ip address can change quite frequently? This defeats the purpose of a long-lasting (weeks/months, not minutes or hours) refresh token.
  4. Is a refresh token of random characters sufficient? Can it be a JWT itself? I wanted to not store the refresh token in plain-text in the database, but in order to find the right token it needs to be stored alongside a unique identifier which is also a part of the payload. I.e. I could make the refresh token a JWT with a jti that is the id of the corresponding database row, and a random payload. This is sent to the user as a normal JWT, but it is hashed using bcrypt before being stored in the database. Then, when the refresh token is being used in the refresh route, I can validate the token provided by the user, grab the jti, find the hashed token in the database, and then compare them using bcrypt as you would with a user’s password.

What is the ideal technique to protect unauthorized redirects

I’m looking for the best way to secure unauthorized redirects by GET parameter where


I’m thinking about creating an unique identifier like using a hashing function (md5 for example) and check whether hash(url) === passed hash via GET to validate the redirect or deny it,

Where passed hash is within an html tag like: <a href="?url=url_here&hash=pre_calculated_here"> And I think this is bad because an attacker can figure it out, maybe add an unique HASH_SUFFIX by applying md5 to url+hash_suffix

What is the best way to protect my redirects?

Thank you.

Ideal time complexity in analysis of distributed protocol

I need some explanation about the definition of ideal time complexity. My textbook says:

The ideal execution delay or ideal time complexity, T: the execution delay experienced under the restrictions “Unitary Transmission Delays” and “Syn- chronized Clocks;” that is, when the system is synchronous and (in the absence of failure) takes one unit of time for a message to arrive and to be processed.

What is intended for “Syncronized Clocks”?

Take for example broadcast problem and flooding protocol.

In this protocol each uninformed node wait that some informed node (at the beginning only the source) send to it the information and next it resend the info to all neighbors.

Now the ideal time complexity of this protocol is at most the eccentricity of the source and so at most the Diameter of the comunication graph.

Now if the ideal time complexity is this, necessarily al nodes send message to neighbor in parallel, correct?

and we are assuming that:

  • The source send message to each neighbor => 1 unit of time
  • The neighbors of the source send message to them neighbors => 1 time

and so on.. until we reach the most far away node from the source.

It’s a correct view?

Ideal technique for ensuring a refurbished phone is clean of malware

I’m thinking of buying my next phone refurbished rather than new, since I can easily get something that meets my needs for a lot cheaper. But one concern is whether something might get surreptitiously installed on the phone before it gets to me.

The phone will be an Android of some description (haven’t picked a model yet, but leaning towards a refurbished Samsung S8).

Once I get the phone, what’s the ideal way to ensure that it’s completely clean. I’m planning to at least do a factory reset, but I’m looking for other things I can do to ensure that the image being used is clean (e.g. getting an image direct from the Manufacturer and use it as the recovery image).

I’d like to be able to get this down to a reasonably solid checklist of precautions and checks to perform.

Threat-model wise, I’m more concerned about malware here than nation-state actors, so I can live with being unable to protect against possibilities that require a highly sophisticated and well resourced adversary (e.g. hardware implants).

Calculate Ideal Body Weight for women and men with cool images

I'm selling my website http://www.tafsira7lam.com/ 8 years old domain
This website will help your visitors calculate their BMI (Body Mass Index)

Why this niche is important?
Weight has been one of the things most people have become focused on in later years
The body mass index or BMI as it’s usually shortened is a simple method, devised in order to determine, based on the height and current weight of a person whether or not they need to start working on losing weight fast….

Calculate Ideal Body Weight for women and men with cool images


We always follow google rules & regulation and use to white hat SEO method. Most Popular SEO Package, Great Mixture of Quality Links – Fantastic Results! High-quality backlinks to your website will give a facelift to your website’s popularity. To create backlinks, you should search for high-quality domains. It is a challenging task. We simplify this process for you. As we manage connections with hundreds of reliable and authority backlinks, we will help you achieve the unattainable task very easily!. Everyone knows the importance of links and Search engine loves manually done backlinks from authority sites. All Backlinks are 100% unique and Safe and Will reliable on the web, we use only high authority sites because only they can boost your sites. We have tested this ranking package over and over & its never fails. Here is what you will get: First Tier High-quality blog posts.Social NetworksForum ProfileSocial BookmarkingsHigh-quality wiki linksweb 2.0 ProfilesPFD submission And more Second Tier 100+ High-quality forum profiles.1000+ web 2.0 contextual links All the links will be added to the indexer. We always deliver the best to our clients which beyond their expectations. If you want to buy safe backlinks from high domain and page authority and rank your website higher then I’m here to help you! Best SEO, Real RESULTS!

by: seooracle
Created: —
Category: Link Building
Viewed: 170