Weak PRNG
Summary
Weak Pseudo-Random Number Generator used in ChoosingRam::increaseValuesOfParticipants function.
Vulnerability Details
Hashing msg.sender, block.timestamp, block.prevrandao together creates a predictable final number. A predictable number is not a good random number. Malicious users can manipulate these values or know them ahead of time so that they can be selected as ram.
Validators can know ahead of time the block.timestamp and block.prevrando and use that knowledge to predict when / how to participate. See this article on prevrando here.
Users can mine/manipulate the msg.sender value to result in their address being used to generate a random number in their favour.
Users can revert the
ChoosingRam::increaseValuesOfParticipantstransaction if they do not like the resulting random number.
Impact
A user can choose which address becomes the ram. Therefore getting the ether rewards sent to the ram.
Tools Used
Static Analysis (slither)
Manual Analysis
Recommendations
Consider using a cryptographically provable random number generator such as Chainlink VRF.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.