Deterministic randomness used in `ChoosingRam::selectRamIfNotSelected` makes the node operator to manipulate the transaction execution to get a favorable outcome
Summary
The ChoosingRam::selectRamIfNotSelected uses randomness in order to select a user as Ram, but the parameters used to generate randomness are deterministic and will be known to the node operator executing the transaction and thus allows them to execute the transaction at certain point which makes the outcome favorable for them.
Vulnerability Details
The vulnerability is present in the ChoosingRam::selectRamIfNotSelected function where it uses randomness which is deterministic as all the parameters used to generate it will be known already before executing the transaction.
It uses block.timestamp and block.prevrandao, and both of these parameters will already be known, and therefore a node operator executing the transaction will execute the transaction at certain point of time at which the values of these parameters makes the outcome in their favor.
Even though the organizer can also manipulate the executing of transaction in order to make a particular user as Ram by executing the transaction at a point at which those parameters provide the randomness they want.
Impact
Predictable randomness allows node operator to manipulate transaction outcome according to their choice.
Tools Used
Manual Review
Recommendations
Use a randomness which cannot be predicted, such as chainlink VRF.
Lead Judging Commences
Weak randomness in `ChoosingRam::selectRamIfNotSelected`
The organizer is trusted, but the function `ChoosingRam::selectRamIfNotSelected` uses a way to generate a random number that is not completely random.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.