Validating a ticket is a hard task. Especially with a hyped event. The event official needs to validate if the ticket is the right ticket, and in some event, need to validate if the ticket is in the right ownership.

For the first problem, we can tackle those with symmetrical cryptography. We can have a protocol with a specific variable, or key, to generate a ticket serial number, then with those variables or keys in hand, we can reverse back the ticket serial number and check if it is truly generated by our system and not a forgery.

We can have a server that has an endpoint to receive the key and return whether the key is a forgery or a real key.

Or we can distribute the key to each official when a small offset point of time to the event started so that forgery by the official can be prevented. To distribute it, we can send the key to the client app that officials use to validate the key. This technique is more efficient than using a server app because there will be fewer failure points.