The rarity selection process in the PuppyRaffle contract is vulnerable to manipulation, as it relies on predictable sources of randomness, namely block.difficulty and msg.sender.
The selectWinner function in the PuppyRaffle contract uses the following pseudo-random number generator to determine the rarity of the minted puppy:
This RNG is vulnerable to manipulation because miners can control the block difficulty, so they could influence the outcome of the rarity selection.
Additionally, because the attacker can see the current state of the blockchain, they can predict the value of blockhash and block.difficulty in advance, allowing them to compute the expected answer.
If this vulnerability is exploited, an attacker could potentially increase their chances of obtaining a legendary puppy. This could have a significant financial impact on the users of the PuppyRaffle contract, as legendary puppies are more valuable than common or rare puppies.
Foundry
Use Chainlink VRF as the source of randomness.
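A sketch of the recommended request-and-callback pattern, added here as an example and not taken from the PuppyRaffle code base. The inline interface and the rawFulfillRandomWords entry point mirror the Chainlink VRF v2 coordinator and consumer base contract; the contract name, the rarity thresholds, the confirmation count and the gas limit are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Mirrors the request call of the Chainlink VRF v2 coordinator.
interface IVRFCoordinatorV2 {
    function requestRandomWords(
        bytes32 keyHash,
        uint64 subId,
        uint16 minimumRequestConfirmations,
        uint32 callbackGasLimit,
        uint32 numWords
    ) external returns (uint256 requestId);
}

// Hypothetical contract: rarity comes from a VRF word, not block.difficulty/msg.sender.
contract RarityFromVRF {
    enum Rarity { Common, Rare, Legendary }

    IVRFCoordinatorV2 public immutable coordinator;
    bytes32 public immutable keyHash; // gas lane, network specific
    uint64 public immutable subId;    // funded VRF subscription id
    mapping(uint256 => address) public pendingWinner; // requestId => winner
    mapping(address => Rarity) public rarityOf;

    constructor(address _coordinator, bytes32 _keyHash, uint64 _subId) {
        coordinator = IVRFCoordinatorV2(_coordinator);
        keyHash = _keyHash;
        subId = _subId;
    }

    // Step 1: the winner is fixed before any randomness exists. A raffle
    // would call this from its winner-selection function.
    function requestRarity(address winner) internal returns (uint256 requestId) {
        // Assumed values: 3 confirmations, 200k callback gas, 1 random word.
        requestId = coordinator.requestRandomWords(keyHash, subId, 3, 200_000, 1);
        pendingWinner[requestId] = winner;
    }

    // Step 2: the coordinator delivers the verified random word in a later transaction.
    function rawFulfillRandomWords(uint256 requestId, uint256[] memory randomWords) external {
        require(msg.sender == address(coordinator), "only coordinator");
        address winner = pendingWinner[requestId];
        require(winner != address(0), "unknown request");
        delete pendingWinner[requestId]; // each request is consumed once
        uint256 roll = randomWords[0] % 100;
        // Constructed thresholds: 70 common, 25 rare, 5 legendary.
        rarityOf[winner] = roll < 70 ? Rarity.Common : roll < 95 ? Rarity.Rare : Rarity.Legendary;
    }
}
```

Because the rarity is assigned in the callback transaction, the caller of the winner-selection function cannot compute the result beforehand or revert when it is unfavourable.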
Root cause: bad RNG
Impact: manipulate winner