- First time dice are generated, stuff the current time into the dice roll (and hash it). This way anyone who cared could look at the dice values (via 'Quoting' your post) would be able to see when the dice roll was generated. If it's more than a few minutes away from the post time, something's weird. (This would make it harder to draft a post beforehand, fyi.)
- Find a way to insert an html element into the post to summarize all the rolls. Take the number of dice rolls in the post and show what the seed values should be for the post. If any of the seeds are different from what was expected, show a "Post rolls invalid" message or similar. Requires more immediate knowledge of phpbb post integration and how bbcode works than I currently have.
My version has been patched with a couple of other things:
- I fixed a bug in seed generation where the first couple of seeds aren't really using any entropy
- I made the secure= value a lot stronger, because I can otherwise extract the secret value used to "sign" all the rolls (due in part because of the first bug above, but also just because its so small)