Submission Details
Severity: low
Invalid

**Vulnerable Randomness Method - Uses a weak PRNG**

  • Description:

    • Blockchains are deterministic, so this way of drawing winners is inefficient, insecure, and can be manipulated.

    • Using block.timestamp creates a predictable final number. A predictable number is not a good random number.

    • Malicious users can manipulate these values or know them ahead of time to choose the complement of the function return.

      ```solidity
      niceWords[block.timestamp % niceWords.length];
      ```

  • Impact:

    • Any user can influence the return of Soulmate::readMessageInSharedSpace.

  • Proof of Code:

    • Validators can know ahead of time the block.timestamp or block.difficulty and use that to predict when/how to participate. See the Solidity blog on prevrandao. block.difficulty was recently replaced with prevrandao.

    • Using on-chain values as a randomness seed is a well-documented attack vector in the blockchain space.

  • Recommendation:

    • Considering that the application of the vulnerable code doesn't result in any loss and it would be pretty expensive to manipulate a function like that on Ethereum, there is no need to change the approach. However, this is not a best practice. Consider using a cryptographically provable random number generator such as Chainlink VRF in this case.
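The timestamp-indexed pattern quoted in the finding beside a Chainlink VRF v2 alternative, as an added example that is not code from the Soulmate project or the submitter; the Chainlink import paths, the contract names and the `requestWord`/`assignedWord` interface are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Assumed import paths for @chainlink/contracts v0.8.x; adjust to the installed version.
import {VRFConsumerBaseV2} from "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";
import {VRFCoordinatorV2Interface} from "@chainlink/contracts/src/v0.8/vrf/interfaces/VRFCoordinatorV2Interface.sol";

/// Weak pattern from the finding: the index depends only on block.timestamp, a value the
/// block proposer knows before the transaction executes, so the chosen word is predictable.
contract WeakNiceWords {
    string[] public niceWords = ["hello", "sweet", "lovely"];

    function pick() external view returns (string memory) {
        return niceWords[block.timestamp % niceWords.length];
    }
}

/// Hardened form: the index comes from a VRF random word that the coordinator verifies
/// on-chain and delivers asynchronously through fulfillRandomWords.
contract VrfNiceWords is VRFConsumerBaseV2 {
    string[] public niceWords = ["hello", "sweet", "lovely"];
    VRFCoordinatorV2Interface private immutable i_coordinator;
    bytes32 private immutable i_keyHash;
    uint64 private immutable i_subId;
    uint32 private constant CALLBACK_GAS_LIMIT = 100_000;
    uint16 private constant REQUEST_CONFIRMATIONS = 3;

    mapping(uint256 requestId => address requester) public requests;
    mapping(address user => string word) public assignedWord;

    constructor(address coordinator, bytes32 keyHash, uint64 subId) VRFConsumerBaseV2(coordinator) {
        i_coordinator = VRFCoordinatorV2Interface(coordinator);
        i_keyHash = keyHash;
        i_subId = subId;
    }

    /// Request one random word; the result arrives later in fulfillRandomWords.
    function requestWord() external returns (uint256 requestId) {
        requestId = i_coordinator.requestRandomWords(i_keyHash, i_subId, REQUEST_CONFIRMATIONS, CALLBACK_GAS_LIMIT, 1);
        requests[requestId] = msg.sender;
    }

    /// Called by the coordinator only; the word is fixed once the proof has been verified.
    function fulfillRandomWords(uint256 requestId, uint256[] memory randomWords) internal override {
        address user = requests[requestId];
        assignedWord[user] = niceWords[randomWords[0] % niceWords.length];
    }
}
```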

Updates

Lead Judging Commences

0xnevi Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
