Issue 1: block.prevrandao Differences
In choosingRam::selectRamIfNotSelected() and choosingRam::increaseValuesOfParticipants(), block.prevrandao is used as a source of randomness. On several chains the value does not change from block to block at all, so anything derived from it is predictable and the randomness guarantee collapses:
Arbitrum: block.prevrandao returns the constant 1.
zkSync Era: block.prevrandao returns the constant 2500000000000000.
With a constant prevrandao, the only remaining input to the selection is data such as block.timestamp that is known or controllable ahead of time, so an attacker can compute the RAM that will be selected before calling the function (or wait for a block in which the outcome favours them), undermining the randomness logic. Even on chains where prevrandao does vary, it is known to the block proposer before the block is built, so it is unsuitable for selections with value at stake.
Issue 2: PUSH0 Opcode Compatibility
The PUSH0 opcode, introduced with the Ethereum Shanghai upgrade (EIP-3855), pushes a zero onto the stack in one byte instead of the two bytes of PUSH1 0x00. Since solc 0.8.20 the compiler targets Shanghai by default and emits PUSH0, so a contract compiled with default settings contains the opcode whether or not the source references it. On a chain that has not adopted EIP-3855, 0x5f is an invalid opcode: deployment transactions revert and any call that reaches the opcode fails.
Chains and L2s that may not support PUSH0 (support is being rolled out chain by chain, so check the target chain's current documentation rather than relying on this list):
Binance Smart Chain (BSC)
ZK-Rollups (e.g., zkSync, StarkNet)
Arbitrum
Randomness Compromise: The constant block.prevrandao on Arbitrum and zkSync Era makes the selection deterministic, so an attacker can predict the randomly selected RAM and time or shape their transactions around it.
PUSH0 Incompatibility: Contracts whose bytecode contains PUSH0 cannot be deployed on chains that have not adopted EIP-3855, and code paths that reach the opcode revert at runtime, so the protocol cannot be shipped on those chains as compiled.
References for block.prevrandao:
Arbitrum docs: Arbitrum vs Ethereum - Solidity Support
zkSync docs: zkSync - EVM Instructions
Randomness: Replace block.prevrandao with a verifiable randomness source such as Chainlink VRF (Verifiable Random Function). With VRF the selection happens in two steps: the contract records a request, and the coordinator later delivers a random word together with a proof, so no value derived from the block in which the request was made influences the result on any chain.
PUSH0 Compatibility: Verify PUSH0 support on each target chain before deploying (the chain's documentation, or a deployment of a tiny PUSH0-containing init code on a fork or testnet). For broader compatibility, compile with the EVM target set to paris (for example solc --evm-version paris, or evm_version = "paris" in foundry.toml) so the compiler emits PUSH1 0x00 instead of PUSH0; this costs a few gas per zero push and nothing else.
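As an added illustration for the finding above and for the VRF recommendation (this is example code written for this report, not the audited choosingRam contract, whose selection formula is not shown here), the following Solidity pair contrasts a prevrandao-based selection with a request/callback design. The keccak256(timestamp, prevrandao) formula, the contract names and the IRandomnessCoordinator interface are assumptions; in production the hardened contract would inherit Chainlink's VRFConsumerBaseV2Plus and call the coordinator's real request function instead of this minimal interface.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Vulnerable pattern (assumed shape of selectRamIfNotSelected, not the audited code).
/// block.prevrandao is the constant 1 on Arbitrum and 2500000000000000 on zkSync Era,
/// so the index below depends only on block.timestamp, which anyone can predict.
contract ChoosingRamVulnerable {
    address[] public participants;
    address public selectedRam;

    function join() external {
        participants.push(msg.sender);
    }

    function selectRamIfNotSelected() external {
        require(selectedRam == address(0), "already selected");
        require(participants.length > 0, "no participants");
        uint256 idx = uint256(
            keccak256(abi.encodePacked(block.timestamp, block.prevrandao))
        ) % participants.length;
        selectedRam = participants[idx];
    }
}

/// Minimal request/callback interface modelled on VRF coordinators (assumption).
/// A real deployment would use Chainlink's VRFConsumerBaseV2Plus and its request struct.
interface IRandomnessCoordinator {
    function requestRandomWords(uint32 numWords) external returns (uint256 requestId);
}

/// Hardened pattern: no winner is chosen in the transaction that triggers the
/// selection; the coordinator delivers a verified random word in a later block.
contract ChoosingRamHardened {
    IRandomnessCoordinator public immutable coordinator;
    address[] public participants;
    address public selectedRam;
    uint256 public pendingRequest;

    constructor(address _coordinator) {
        coordinator = IRandomnessCoordinator(_coordinator);
    }

    function join() external {
        participants.push(msg.sender);
    }

    /// Step 1: record a request. Nothing about the current block can influence the
    /// result, because the result is not computed here.
    function selectRamIfNotSelected() external {
        require(selectedRam == address(0), "already selected");
        require(pendingRequest == 0, "request pending");
        require(participants.length > 0, "no participants");
        pendingRequest = coordinator.requestRandomWords(1);
        require(pendingRequest != 0, "coordinator returned no request id");
    }

    /// Step 2: the coordinator calls back with the random word. Only the coordinator
    /// may call this, and the request id must be the one issued in step 1, so a
    /// third party cannot inject a word of their choosing.
    function fulfillRandomWords(uint256 requestId, uint256[] calldata randomWords) external {
        require(msg.sender == address(coordinator), "only coordinator");
        require(requestId == pendingRequest, "unknown request");
        require(randomWords.length > 0, "no random word");
        pendingRequest = 0;
        selectedRam = participants[randomWords[0] % participants.length];
    }
}
```

The two-step shape is the important part: the hardened contract never reads a block field to pick the winner, and the word it does use arrives with a proof checked by the coordinator, so the selection behaves the same on Ethereum, Arbitrum and zkSync Era. The modulo over a 256-bit word introduces negligible bias for a participant count this small.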
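One concrete way to perform the "verify PUSH0 support" check on an EVM-equivalent chain, as an added example written for this report rather than code from the audited project: deploy the three-byte init code PUSH0 PUSH0 RETURN (0x5f5ff3) from a contract that itself contains no PUSH0. If the chain supports EIP-3855 the CREATE succeeds and returns a non-zero address; if not, 0x5f is an invalid opcode, the CREATE reverts and returns address(0). The contract name is an assumption. The probe must be compiled with the EVM target set to paris so that its own bytecode contains no PUSH0, otherwise the probe itself would fail to deploy on exactly the chains it is meant to test.

```solidity
// SPDX-License-Identifier: MIT
// Compile with evm_version = paris (e.g. solc --evm-version paris) so this contract's
// own bytecode contains no PUSH0; otherwise it cannot be deployed on a chain without it.
pragma solidity ^0.8.20;

/// Probe for EIP-3855 (PUSH0) support on the executing chain.
contract Push0Probe {
    // Init code: PUSH0 PUSH0 RETURN -> returns an empty runtime, i.e. creates an
    // empty contract. Hex literal is 0x5f (PUSH0), 0x5f (PUSH0), 0xf3 (RETURN).
    bytes internal constant PROBE_INITCODE = hex"5f5ff3";

    event Push0Probed(bool supported, address created);

    /// Returns true when the chain executed PUSH0 without error. Not `view`, because
    /// CREATE changes state; call it with eth_call for a free off-chain answer.
    function supportsPush0() external returns (bool supported) {
        bytes memory code = PROBE_INITCODE;
        address created;
        assembly {
            // CREATE returns 0 when the init code reverts or hits an invalid opcode,
            // which is exactly what happens to 0x5f on a chain without EIP-3855.
            created := create(0, add(code, 0x20), mload(code))
        }
        supported = created != address(0);
        emit Push0Probed(supported, created);
    }
}
```

Run supportsPush0() via eth_call against each target RPC (or against a fork in the test suite) before the real deployment. The probe only applies to chains with EVM-equivalent CREATE semantics: zkSync Era compiles through zksolc and does not allow raw init code in assembly create, so there the compiler documentation, not this probe, is the source of truth.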