Submission Details
Severity: high
Valid

Manipulation of NFT Rarity in Raffle Winner Selection

Summary

The selectWinner() function is vulnerable to RNG manipulation. The rarity of the Non-Fungible Tokens (NFTs) minted as prizes for the raffle winners is derived from block.difficulty, so it can be manipulated.

Vulnerability Details

The vulnerability lies in the following line of code:

uint256 rarity = uint256(keccak256(abi.encodePacked(msg.sender, block.difficulty))) % 100;

The rarity variable is computed by hashing the msg.sender address together with block.difficulty and reducing the result modulo 100. This random number generation (RNG) mechanism is predictable and can be manipulated by a malicious validator.

Impact

By manipulating the RNG mechanism, a malicious validator can control the rarity assigned to the NFTs that are minted as prizes for the raffle winners. This can lead to an unfair distribution of NFTs, potentially devaluing the rarity and undermining the integrity of the raffle system.

Tools Used

Manual review

Recommendations

To address this vulnerability, it is recommended to use a more secure and unpredictable source of randomness for determining the rarity of the NFTs. Consider integrating with a trusted external randomness oracle (like Chainlink).
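
The recommendation above, sketched as an added example that is not code from the audited project: the rarity is requested in one transaction and assigned in a later oracle callback, with the finding's line kept as the "before" case. The IRandomnessOracle interface, the VerifiableRarity contract and all function names are hypothetical; a real integration would use the chosen provider's own interface.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical oracle interface, assumed for this example only. A real
// integration uses the chosen provider's own request/callback interface.
interface IRandomnessOracle {
    function requestRandomness() external returns (uint256 requestId);
}

// Hypothetical base contract that a raffle could inherit.
abstract contract VerifiableRarity {
    IRandomnessOracle public immutable oracle; // assumed trusted provider
    mapping(uint256 => address) public pendingWinner; // requestId => winner
    mapping(address => uint256) public rarityOf; // winner => value in [0, 99]

    event RarityRequested(uint256 indexed requestId, address indexed winner);
    event RarityAssigned(address indexed winner, uint256 rarity);

    constructor(IRandomnessOracle _oracle) {
        oracle = _oracle;
    }

    // Before (the line from the finding): msg.sender is known to the caller and
    // block.difficulty is set by the block proposer, so the result is not random.
    function weakRarity() public view returns (uint256) {
        return uint256(keccak256(abi.encodePacked(msg.sender, block.difficulty))) % 100;
    }

    // After, step 1: called from selectWinner(). Only records the request;
    // the rarity is not decided in this transaction.
    function _requestRarity(address winner) internal returns (uint256 requestId) {
        require(winner != address(0), "zero winner");
        requestId = oracle.requestRandomness();
        pendingWinner[requestId] = winner;
        emit RarityRequested(requestId, winner);
    }

    // After, step 2: the oracle delivers the random word in a later transaction.
    function fulfillRandomness(uint256 requestId, uint256 randomWord) external {
        require(msg.sender == address(oracle), "only oracle");
        address winner = pendingWinner[requestId];
        require(winner != address(0), "unknown or fulfilled request");
        delete pendingWinner[requestId]; // a request can be fulfilled only once
        uint256 rarity = randomWord % 100;
        rarityOf[winner] = rarity;
        emit RarityAssigned(winner, rarity);
    }
}
```

With this split, the NFT mint that depends on the rarity belongs in step 2, after the oracle callback has stored the value.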

Updates

Lead Judging Commences

Hamiltonite Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

weak-randomness

Root cause: bad RNG. Impact: manipulate winner.
