TL;DR: Cause a collision in `mixkey` by using null bytes represented in JSON as `\u0000` to cause a wrap-around, guess the value of `smear`, and carefully craft a client seed to make the RNG spit out the same value for different nonces.

https://gist.github.com/pspaul/91007cd30f9186b90e928b1e41ab5838

Original writeup (http://localhost:4000/posts/justctf-2024-teaser-casino/).