Beginner FriendlyFoundryNFT
100 EXP
View results
Submission Details
Severity: low
Valid

Weak Source of Randomness Used in `ChoosingRam::selectRamIfNotSelected` Can Be Influenced by Malicious Validator for Economic Gain

Summary

The random value used during ChoosingRam::selectRamIfNotSelected can be influenced by a malicious validator, which can be abused to guarantee a specific address is set for selectedRam.

Vulnerability Details

ChoosingRam::selectRamIfNotSelected determines the random value by hashing two block attributes (block.timestamp and block.prevrandao). Of these values, block.prevrandao is known beforehand, and block.timestamp can be influenced by validators.

Impact

A block's block.timestamp can be influenced by a malicious validator, resulting in a random value that is not truly random. This can be abused to guarantee a specific NFT tokenId is chosen to set selectedRam to a desired address for economic gain.

Tools Used

Manual Review

Recommendations

Use a better source of randomness, such as Chainlink VRF.

Updates

Lead Judging Commences

bube Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Weak randomness in `ChoosingRam::selectRamIfNotSelected`

The organizer is trusted, but the function `ChoosingRam::selectRamIfNotSelected` uses a way to generate a random number that is not completely random.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.