`ChoosingRam::selectRamIfNotSelected` uses randomness to select a user as Ram, but the parameters used to generate that randomness are deterministic and known to the node operator executing the transaction. This lets the operator execute the transaction at a point that makes the outcome favorable to them.
The vulnerability is in the `ChoosingRam::selectRamIfNotSelected` function, which derives its randomness deterministically: all the parameters used to generate it are already known before the transaction executes.
It uses `block.timestamp` and `block.prevrandao`. Both values are already known, so a node operator executing the transaction can execute it at a point in time at which the values of these parameters make the outcome favorable to them.
The organizer can also manipulate the execution of the transaction to make a particular user Ram, by executing it at a point at which those parameters provide the randomness they want.
Predictable randomness allows a node operator to manipulate the transaction outcome according to their choice.
Manual Review
Use a source of randomness that cannot be predicted, such as Chainlink VRF.
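One way to apply this recommendation with Chainlink VRF v2, as an added example that is not code from the audited contract. The contract name `RamSelectorExample`, the organizer check, the fixed `participantCount`, and the confirmation and gas-limit values are assumptions made for illustration; only the function name `selectRamIfNotSelected` comes from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumption: import paths are for an @chainlink/contracts release that has the vrf/ directory.
import {VRFConsumerBaseV2} from "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";
import {VRFCoordinatorV2Interface} from "@chainlink/contracts/src/v0.8/vrf/interfaces/VRFCoordinatorV2Interface.sol";

// Hypothetical stand-in for the selection logic; not the audited ChoosingRam contract.
contract RamSelectorExample is VRFConsumerBaseV2 {
    VRFCoordinatorV2Interface private immutable coordinator;
    bytes32 private immutable keyHash;        // gas lane, network-specific deployment value
    uint64 private immutable subscriptionId;  // funded VRF subscription
    address public immutable organizer;
    uint256 public immutable participantCount; // candidate set is frozen before the request

    bool public requested;
    uint256 public requestId;
    bool public isRamSelected;
    uint256 public selectedRamIndex;

    constructor(address _coordinator, bytes32 _keyHash, uint64 _subId, uint256 _count)
        VRFConsumerBaseV2(_coordinator)
    {
        require(_count > 0, "no participants");
        coordinator = VRFCoordinatorV2Interface(_coordinator);
        keyHash = _keyHash;
        subscriptionId = _subId;
        participantCount = _count;
        organizer = msg.sender;
    }

    // Only requests randomness. No block.timestamp or block.prevrandao is read,
    // so the caller cannot pick a moment that yields a preferred winner.
    function selectRamIfNotSelected() external {
        require(msg.sender == organizer, "not organizer");
        require(!requested, "already requested");
        requested = true; // one request only, so an unwanted result cannot be re-rolled
        requestId = coordinator.requestRandomWords(keyHash, subscriptionId, 3, 100_000, 1);
    }

    // Called by the VRF coordinator with a verified random word.
    // Unknown or repeated callbacks are ignored rather than reverted.
    function fulfillRandomWords(uint256 _requestId, uint256[] memory randomWords) internal override {
        if (_requestId != requestId || isRamSelected) return;
        selectedRamIndex = randomWords[0] % participantCount;
        isRamSelected = true;
    }
}
```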
The organizer is trusted, but the function `ChoosingRam::selectRamIfNotSelected` uses a way to generate a random number that is not completely random.