Predictable Rarity
Summary
This issue continue from the #3 Predictable Winner
Generating random numbers lacks true randomness and is predictable.
If attacks become the winner, attackers can exploit this predictability to repeatedly win the legendary,"LEGENDARY RARITY" NFT.
Furthermore, attackers can potentially receive only the "LEGENDARY RARITY" NFT
Vulnerability Details
Generating random numbers lacks true randomness and is predictable.
As a result, attackers can reproduce the random number generation process and execute the selectWinner function multiple times until they successfully win and obtain the LEGENDARTY NFT prize.
Moreover, attackers may attempt to implement the onERC721Received function to ensure they only receive the "LEGENDARY RARITY" NFT.
Impact
-
Repeated NFT Exploitation: Attackers can consistently exploit the predictability to optain the valuable "LEGENDARY RARITY" NFT, potentially depriving other participants of their chances.
-
Loss of Trust: The predictability of the random number generation mechanism decrease trust in the fairness of the selection process in the project.
-
Potential Financial Loss: If the "LEGENDARY RARITY" NFT holds significant monetary value, this vulnerability can lead to financial losses for both the project and participants.
Example Attack Code
Here: https://gist.github.com/filmptz/489c6770dc1e0b5a20d0490c2dc95512#file-attack-sol-rarity
Tools Used
VS Code: Manual
Recommendations
Do not use on-chain data to generate the random numbers I recommend implementing an off-chain random number generation mechanism using a verifiable source of randomness, such as an oracle or a commit-reveal scheme, to ensure true randomness.
Lead Judging Commences
weak-randomness
Root cause: bad RNG Impact: manipulate winner
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.