A working notebook on poker AI in the GGPoker ecosystem.

What we mean by "poker bot" in 2026

The phrase "poker bot" has been overloaded so badly that almost every public discussion starts from the wrong premise. For the purpose of this site, a poker bot is a piece of software that takes visible game state as input — hole cards on its own seat, community cards, action history, stack sizes, position, opponent betting frequencies — and emits an action under a real-time latency budget. It does not read packets, it does not see opponent hole cards, and it does not predict the deck. Everything it does, a sufficiently fast human with the same information could in principle do; the bot just does it consistently and at scale.

The interesting work happens in three layers stacked under that definition. The first is a solver-anchored baseline: pre-computed strategies from counterfactual regret minimisation (CFR) variants, often via PioSolver or GTO+ for heads-up trees and MonkerSolver for multiway. These are too large to run online and too slow to query naively; the production system compresses them into action-frequency tables keyed on bucketed game states. The second is the opponent model, which is where the modern research lives: lightweight online updates that converge in tens to low hundreds of hands against an anonymous opponent. The third is a policy combiner that decides how much to deviate from the baseline given the current opponent estimate, and bakes in detection-aware behavioural noise.

The GGPoker ecology in one page

GGPoker is operated by NSUS Group and is, by traffic, the largest cash and tournament network in 2026. The interesting properties from a research perspective are not the marketing surfaces (PokerStars-style sponsorships, Daniel Negreanu as ambassador, the WSOP tie-in) but the architectural choices that shape what a bot can and cannot do.

Three matter most. Anonymous tables with rotating screen names collapse the long-horizon HUD attack — there is no stable identifier to accumulate 50,000 hands against. Their Smart HUD is operator-controlled and intentionally limited; third-party HUDs and overlays are banned. And PokerCraft, the customer-facing analytics product, is a thin slice of an internal model that the security team runs against the entire player base looking for statistical outliers. That last one is the real teeth of the detection system, not the things players see.

GGPoker formats by automation difficulty

Format	Stack depth	State complexity	Solver coverage	Automation difficulty
NLH 6-max cash	100bb	Medium	Strong (Pio, GTO+)	Low — solved baseline, exploit layer dominates
NLH full-ring cash	100bb	High (multiway)	Partial (Monker)	Medium — multiway trees blow up
Rush & Cash	100bb	Medium	Same as 6-max	Low, but seat-changes complicate opponent model
PLO 6-max / Rush & Cash	100bb	High	Moderate (MonkerSolver)	Medium-high — equity distributions flatten
Spin & Gold	25bb start	Medium	Strong (Pio HU/3-max)	Low for math, medium for multiplier-aware ICM
MTT	Variable	Very high (ICM, bubble)	Patchy	High — open research area

How detection actually works

Detection topology at a serious operator is layered, asynchronous and weighted. No single signal is dispositive; the system aggregates evidence over weeks or months and only escalates when the accumulated score crosses a threshold tuned against false-positive budget. The four layers that visibly affect customer accounts:

Behavioural fingerprinting

Input-timing distributions, touch-dwell on mobile, mouse-path curvature on desktop, action-confirmation latency. The signal that bites naive implementations: snap-decisions with sub-200ms variance against opponents whose own snap-decisions vary by 400ms or more.

Statistical play-pattern analysis

Distributional outliers: VPIP/PFR ratios that sit on solver mass with too-low variance, bet-sizing that clusters on exact pot fractions, fold-to-3bet frequencies that match population by ±0.5pp across thousands of hands. Pure GTO output is paradoxically easier to flag here than a noisier strong-human strategy.

Anti-collusion graph models

Account graphs joined by IP, device fingerprint, deposit method, KYC document, and table co-occurrence. This layer catches most of the high-impact bans (chip dumping, soft-play) — botting is a side-product when an operator runs a bot farm under one fingerprint.

Human review on flagged accounts

The decisive layer. Mathematical models propose; humans decide. A reviewer reads hand history, looks at chat behaviour, checks whether the account ever sits out for a phone call. Most botting bans are signed off here, not in an automated rule.

Areas covered on this site

Open questions for developers

The notes on this site are not finished. Five threads I think are genuinely open and would welcome discussion on:

1. Online opponent-model convergence. Under anonymous-table rotation, what is the minimum hand count for a useful exploitative deviation? The current empirical floor sits around 80-150 hands for a generic VPIP/PFR/3-bet sketch; can a Bayesian prior on the population distribution cut this to 40-50 while staying robust to fish-vs-reg priors?
2. Multi-table state isolation. Running four GGPoker tables on a single device with a shared opponent cache without leaking timing correlations across hands. The naive implementation gets caught on cross-table action-latency synchronisation.
3. Detection-aware policy combiners. Treating the operator's classifier as a noisy adversary and shaping the output distribution to maximise EV under a budgeted detection probability. The literature on adversarial classification (Dalvi et al. 2004 onward) is mostly about spam; the poker case is more interesting because the cost matrix is asymmetric.
4. LLM-augmented decision support. Frontier LLMs are bad at poker — they hallucinate ranges, misapply ICM, and have no calibrated frequency intuition. Are they useful at all? Tentatively, yes, for hand-history annotation and exploit hypothesis generation, but not for live decisions.
5. MTT automation. ICM, bubble factor, and stack-depth variance make tournaments meaningfully harder to automate than cash. The interesting question is not "can it be done" but "where does the EV-per-engineering-hour curve flatten."

If you have data or implementation experience on any of these, please get in touch. The site is read more often than it is written; serious correspondence moves the notes faster than my own grinding does.