First Flight #2: Puppy Raffle
First Flight #2
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: high
Valid

Miners can influence block.difficulty for the calculation of Rarity

denzi

Summary

block properties are not a good source of randomness as they are visible to miners before the transaction is approved. block.difficulty can be manipulated by miners. There exists are a weak PRNG issue in the mentioned LOC.

Vulnerability Details

// We use a different RNG calculate from the winnerIndex to determine rarity
uint256 rarity = uint256(keccak256(abi.encodePacked(msg.sender, block.difficulty))) % 100;
if (rarity <= COMMON_RARITY) {
tokenIdToRarity[tokenId] = COMMON_RARITY;
} else if (rarity <= COMMON_RARITY + RARE_RARITY) {
tokenIdToRarity[tokenId] = RARE_RARITY;
} else {
tokenIdToRarity[tokenId] = LEGENDARY_RARITY;
}

In these LOC, rarity is being computed by using block.difficulty which is a bad source of randomness, An attacker can be a miner who can manipulate the block.difficulty to increase/decrease the rarity.

Miners can choose to not include certain transactions to impact difficulty.

Impact

A miner can influence the difficulty of the block and in turn provide the winner with a lower or a higher rarity tokenID. This can disrupt the functionality of the protocol by manipulating the randomness and providing the winner the wrong rarity.

Tools Used

Slither and Manual Review

Recommendations

Use ChainlinkVRF to generate randomness instead of relying on block properties.

Updates

Lead Judging Commences

Hamiltonite Lead Judge almost 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

weak-randomness

Root cause: bad RNG Impact: manipulate winner

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.