Weak Randomness in `ChoosingRam::selecRamIfNotSelected` allows for influence over selected RAM
Summary
Both block.timestamp and block.prevrando can be influenced by miners and are not truly random, miners can control the tiemestamp and may have some knowledge of previous block hashes allowing them to potentially choose exactly the chracteristics they wish for their respective NFTs. Thus manipulating the protocol in an unfair way for compared to normal users.
Vulnerability Details
Vulnerability Details
Validators can know ahead of time
block.timestampandblock.prevrandoand use that to predict when/how to participate in the raffle.Users can manipulate their
msg.sendervalue to result in their addresses being used to generate specific characeristics.Users can revert their
increaseValuesOfParticipantsif they dont like their NFT chracteristics.
Using on-chain values as a randomness seed is a [well-documented attack vector]
Impact
Assigning this exploit as High impact, due to it effectively ruining hte integrity of the overall protocol. Having the ability to circumvent the implemented randomness results in a very unfair advantage to normal holders of the NFT. Having the ability to create and give your NFT the exact characteristics you want completely defeats the point of the protocol.
Tools Used
Slither and manual analysis.
Recommendations
Consider using Chainlink VRF in place of this logic, chainlink VRF provides a cryptograhpically provable random number. https://docs.chain.link/vrf
Lead Judging Commences
Weak randomness in `ChoosingRam::selectRamIfNotSelected`
The organizer is trusted, but the function `ChoosingRam::selectRamIfNotSelected` uses a way to generate a random number that is not completely random.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.