Severity: low
Valid

`ChoosingRam.sol::selectRamIfNotSelected` is not verifiably random when choosing who will be selected Ram

Summary

In ChoosingRam.sol::selectRamIfNotSelected, when Ram is being selected, it is not done in a verifiably random way.

Vulnerability Details

When Ram is being selected using a random number, it uses properties of the Ethereum blockchain such as block.timestamp, block.prevrandao, and ramNFT.tokenCounter to create a seed for the keccak256 hash function. The result is then used to compute a random number based on how many ramNFT tokens exist to determine who is selected Ram.

Calculating a random number like this does provide a level of randomness; however, the data could potentially be manipulated through miner manipulation.

```solidity
@>  uint256 random = uint256(keccak256(abi.encodePacked(block.timestamp, block.prevrandao))) % ramNFT.tokenCounter();
```

Impact

Potential manipulation when determining who is selected Ram. Ram is picked using values that can be manipulated unfairly rather than by using a service that picks a verifiably random number.

Tools Used

- Foundry

Recommendations

Use an oracle service such as Chainlink VRF to select a random number to determine who is selected Ram.
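One way to apply this recommendation with Chainlink VRF v2 (subscription model), given as an added example that is not the contest's code or an official fix. Only `selectRamIfNotSelected` and `ramNFT.tokenCounter()` come from the finding; the contract name, state variables, organiser check, confirmation count and callback gas limit are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Chainlink VRF v2 consumer base and coordinator; import paths vary between package versions.
import {VRFConsumerBaseV2} from "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";
import {VRFCoordinatorV2Interface} from "@chainlink/contracts/src/v0.8/vrf/interfaces/VRFCoordinatorV2Interface.sol";

// Only tokenCounter() is taken from the finding; everything else here is hypothetical.
interface IRamNFT { function tokenCounter() external view returns (uint256); }

contract ChoosingRamVrf is VRFConsumerBaseV2 {
    VRFCoordinatorV2Interface private immutable coordinator;
    IRamNFT public immutable ramNFT;
    address public immutable organiser;  // assumed: selection is triggered by a trusted organiser
    bytes32 private immutable keyHash;   // VRF gas lane, network specific
    uint64 private immutable subId;      // funded VRF subscription id
    bool public requestPending;          // true while a VRF request is in flight
    uint256 public snapshotCount;        // token count fixed when the request is made
    bool public isRamSelected;
    uint256 public selectedTokenId;      // mapping the id to its holder is left to the project

    constructor(address coordinator_, address ramNFT_, bytes32 keyHash_, uint64 subId_)
        VRFConsumerBaseV2(coordinator_)
    {
        coordinator = VRFCoordinatorV2Interface(coordinator_);
        ramNFT = IRamNFT(ramNFT_);
        organiser = msg.sender;
        keyHash = keyHash_;
        subId = subId_;
    }

    // Step 1: request a random word. No block field (timestamp, prevrandao) feeds the result.
    function selectRamIfNotSelected() external {
        require(msg.sender == organiser, "not organiser");
        require(!isRamSelected && !requestPending, "selected or pending");
        snapshotCount = ramNFT.tokenCounter();
        require(snapshotCount > 0, "no tokens"); // avoids a modulo-by-zero panic in the callback
        requestPending = true;
        coordinator.requestRandomWords(keyHash, subId, 3, 100_000, 1); // 3 confirmations, 1 word
    }

    // Step 2: the coordinator delivers the word after verifying the VRF proof on-chain.
    function fulfillRandomWords(uint256, uint256[] memory randomWords) internal override {
        if (!requestPending) return; // ignore unexpected callbacks instead of reverting
        selectedTokenId = randomWords[0] % snapshotCount;
        isRamSelected = true;
        requestPending = false;
    }
}
```

Selection becomes a two-transaction flow, so any logic that reads the selected Ram has to wait until `isRamSelected` is true.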

Updates

Lead Judging Commences

bube Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Weak randomness in `ChoosingRam::selectRamIfNotSelected`

The organizer is trusted, but the function `ChoosingRam::selectRamIfNotSelected` uses a way to generate a random number that is not completely random.
