Beginner Friendly, Foundry, NFT
Submission Details
Severity: high
Valid

Weak randomness in `Streets::unstake` allows users to influence or predict the `Streets::daysStaked`.

Description: In the `Streets::unstake` function, subtracting the stake's `startTime` from `block.timestamp` and then dividing by 1 day creates a predictable number. A predictable number is not a good random number. Malicious users can manipulate these values to update their `rapperStats` themselves according to their choice.

```solidity
// ...
uint256 stakedDuration = block.timestamp - stakes[tokenId].startTime;
uint256 daysStaked = stakedDuration / 1 days;
// ...
```

Impact: Any user can influence the `rapperStats` of the RapBattle and manipulate `RapBattle::BASE_SKILL`, `RapBattle::VIRTUE_INCREMENT`, and `RapBattle::VICE_DECREMENT` according to their choice, making the entire `OneShot::rapperStats` worthless.

Proof of Concept:

  1. Validators predicting block.timestamp can significantly manipulate their participation.

  2. Users can predict the value and update the `rapperStats` used by `RapBattle::getRapperSkill` according to their choice, making their address the preferred one to manipulate the `rapperStats`.

Recommended Mitigation: A cryptographically verifiable random number generator, such as Chainlink VRF, could substantially mitigate such issues.

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Weak Randomness
