Submission Details
Severity:
WeakRandomness in `ChoosingRam::increaseValuesOfParticipants`
WeakRandomness in ChoosingRam::increaseValuesOfParticipants
Description:
The increaseValuesOfParticipants function in the ChoosingRam contract uses a weak randomness mechanism that relies on block.timestamp, block.prevrandao, and msg.sender to determine the random outcome. This method of generating randomness is susceptible to manipulation by miners and other participants, compromising the fairness and security of the selection process.
Proof of Concept:
https://prnt.sc/MwYhJ-eV-9t2
Recommended Mitigation:
Use chainlink VRF:https://docs.chain.link/vrf
Updates
Lead Judging Commences
bube about 1 year ago
Submission Judgement Published Reason: Too generic
Assigned finding tags:
Weak randomness in `ChoosingRam::increaseValuesOfParticipants`
nem0x001
about 1 year ago
bube
about 1 year ago
bube about 1 year ago
Submission Judgement Published Assigned finding tags:
Weak randomness in `ChoosingRam::increaseValuesOfParticipants`
Rewards breakdown
nSLOC
218This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.