FoundryNFT (Beginner Friendly)
Submission Details
Severity: low
Valid

Pseudo randomness in `ChoosingRam::selectRamIfNotSelected`

Summary

Pseudo-randomness in `ChoosingRam::selectRamIfNotSelected` gives the organizer the power to avoid selecting a particular user, if they decide to.

Vulnerability Details

On a blockchain, randomness produced the way the function above does it is predetermined: the value depends only on block fields that are readable before the transaction is sent.

```solidity
uint256 random = uint256(keccak256(abi.encodePacked(block.timestamp, block.prevrandao))) % ramNFT.tokenCounter();
```

The same pattern appears with `msg.sender` added to the packed data, `uint256(keccak256(abi.encodePacked(block.timestamp, block.prevrandao, msg.sender)))`, which does not help, because the caller also knows their own address. Either way the organizer can compute the "random number" beforehand. To obtain randomness on a blockchain, something like Chainlink VRF is required.

Impact

The organizer can run the code locally in advance with the arguments that produce the random number, see whether the winning user is someone they would like to win, and then decide whether to call `ChoosingRam::selectRamIfNotSelected` now or wait until the randomly chosen user changes. This gives that user an unfair advantage.

Tools Used

Manual Review

Recommendations

Replace the pseudo-randomness with Chainlink VRF.
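As an added illustration of this recommendation (example code, not the FoundryNFT project's own contracts), the weak selection pattern reported above is shown next to a version that requests the number from a Chainlink VRF v2 coordinator and only uses it inside the coordinator's callback. `IRamNFT` is a hypothetical stand-in for the project's `ramNFT` with only `tokenCounter()` assumed; the import paths, the `REQUEST_CONFIRMATIONS`, `CALLBACK_GAS_LIMIT` and `NUM_WORDS` values, and the event names are assumptions, and the import paths in particular differ between `@chainlink/contracts` package versions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed import paths for Chainlink VRF v2; older package versions ship these
// files under src/v0.8/ and src/v0.8/interfaces/ instead.
import {VRFConsumerBaseV2} from "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";
import {VRFCoordinatorV2Interface} from "@chainlink/contracts/src/v0.8/vrf/interfaces/VRFCoordinatorV2Interface.sol";

// Hypothetical stand-in for the project's ramNFT; only tokenCounter() is assumed.
interface IRamNFT {
    function tokenCounter() external view returns (uint256);
}

/// Weak pattern, as reported: the selected token is a pure function of block
/// fields, so whoever sends the transaction can compute the result first and
/// choose whether to send it at all.
contract WeakSelection {
    IRamNFT public ramNFT;
    uint256 public selectedRamTokenId;

    constructor(IRamNFT _ramNFT) {
        ramNFT = _ramNFT;
    }

    function selectRamIfNotSelected() external {
        uint256 random = uint256(keccak256(abi.encodePacked(block.timestamp, block.prevrandao)))
            % ramNFT.tokenCounter();
        selectedRamTokenId = random;
    }
}

/// Hardened pattern: the caller only triggers a VRF request; the random word
/// arrives later in fulfillRandomWords, so it cannot be known at request time.
contract VrfSelection is VRFConsumerBaseV2 {
    VRFCoordinatorV2Interface private immutable coordinator;
    IRamNFT public ramNFT;
    bytes32 private immutable keyHash;
    uint64 private immutable subscriptionId;

    // Assumed tuning values; set per network and callback cost.
    uint16 private constant REQUEST_CONFIRMATIONS = 3;
    uint32 private constant CALLBACK_GAS_LIMIT = 100_000;
    uint32 private constant NUM_WORDS = 1;

    uint256 public pendingRequestId; // non-zero while a request is in flight
    bool public isRamSelected;
    uint256 public selectedRamTokenId;

    event SelectionRequested(uint256 requestId);
    event RamSelected(uint256 requestId, uint256 tokenId);

    constructor(address _coordinator, IRamNFT _ramNFT, bytes32 _keyHash, uint64 _subscriptionId)
        VRFConsumerBaseV2(_coordinator)
    {
        coordinator = VRFCoordinatorV2Interface(_coordinator);
        ramNFT = _ramNFT;
        keyHash = _keyHash;
        subscriptionId = _subscriptionId;
    }

    /// Starts the selection. Nothing about the outcome is decided here.
    function selectRamIfNotSelected() external {
        require(!isRamSelected, "ram already selected");
        require(pendingRequestId == 0, "selection request pending");
        pendingRequestId = coordinator.requestRandomWords(
            keyHash, subscriptionId, REQUEST_CONFIRMATIONS, CALLBACK_GAS_LIMIT, NUM_WORDS
        );
        emit SelectionRequested(pendingRequestId);
    }

    /// Called by the coordinator once the proof is verified on-chain.
    function fulfillRandomWords(uint256 requestId, uint256[] memory randomWords) internal override {
        require(requestId == pendingRequestId, "unknown request");
        uint256 tokenId = randomWords[0] % ramNFT.tokenCounter();
        selectedRamTokenId = tokenId;
        isRamSelected = true;
        pendingRequestId = 0;
        emit RamSelected(requestId, tokenId);
    }
}
```

The important property of the hardened version is that the decision to select and the value being selected are split across two transactions: the caller commits by requesting, and the value is only produced by the coordinator afterwards, so "run it locally and decide whether to send" no longer works. The `pendingRequestId` guard keeps a second request from being issued while one is still outstanding.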

Updates

Lead Judging Commences

bube Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Weak randomness in `ChoosingRam::selectRamIfNotSelected`

The organizer is trusted, but the function `ChoosingRam::selectRamIfNotSelected` uses a way to generate a random number that is not completely random.
