The ScoreBoard and ThePredicter contracts contain several places where block.timestamp is used in critical comparisons. Relying on block.timestamp is dangerous because the block producer can shift it within a bounded range, which can lead to unexpected and exploitable behavior in the contracts.
ScoreBoard.setPrediction
Location: ScoreBoard.setPrediction (src/ScoreBoard.sol#60-70)
Dangerous Comparison:
ThePredicter.register
Location: ThePredicter.register (src/ThePredicter.sol#43-57)
Dangerous Comparison:
ThePredicter.makePrediction
Location: ThePredicter.makePrediction (src/ThePredicter.sol#83-94)
Dangerous Comparison:
Since block.timestamp can be manipulated within a certain range, using it in critical comparisons makes the outcome of those comparisons partly dependent on the block producer. An attacker with influence over block production could nudge the timestamp so that a time condition is met, or avoided, to their benefit.
Tools used: manual code review
Avoid Using Block Timestamps for Critical Comparisons: Instead of relying on block.timestamp, consider mechanisms that are not susceptible to miner manipulation. For example, use block numbers for time comparisons and estimate elapsed time from the block number and the chain's average block time.
Implement Time Windows: For time-sensitive operations, define acceptable time windows and make sure the logic tolerates minor deviations in block timestamps rather than hinging on a single exact boundary.
Use Oracle Services: For high-stakes scenarios, consider using off-chain oracle services such as Chainlink to provide reliable time data.
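As an added illustration (not code from the audited ScoreBoard or ThePredicter contracts), the following hypothetical contract enforces one prediction deadline both ways, so the pattern this finding flags sits beside the block-number alternative from the recommendations; the average block time and tolerance values are assumptions:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical contract for illustration only, not the audited ScoreBoard or
// ThePredicter code. It enforces one prediction deadline two ways so the
// difference between the two patterns is visible side by side.
contract PredictionDeadlineExample {
    // Assumed average block time in seconds; must match the chain deployed to.
    uint256 public constant AVG_BLOCK_TIME = 12;
    // Assumed tolerance: submissions this close to the cutoff are treated as late,
    // so a one-block difference in timing cannot decide whether they are accepted.
    uint256 public constant TOLERANCE_BLOCKS = 5;

    uint256 public immutable startBlock;
    uint256 public immutable predictionDeadline; // unix seconds (timestamp pattern)
    uint256 public immutable deadlineBlock;      // block height (block-number pattern)

    mapping(address => bytes32) public predictions;

    constructor(uint256 secondsUntilDeadline) {
        startBlock = block.number;
        predictionDeadline = block.timestamp + secondsUntilDeadline;
        deadlineBlock = block.number + secondsUntilDeadline / AVG_BLOCK_TIME;
    }

    // Pattern the finding flags: a hard block.timestamp cutoff. Whoever produces
    // the block can shift the timestamp by a few seconds, so a submission that
    // straddles the deadline is accepted or rejected at their discretion.
    function makePredictionTimestamp(bytes32 prediction) external {
        require(block.timestamp < predictionDeadline, "Predictions closed");
        predictions[msg.sender] = prediction;
    }

    // Hardened pattern from the recommendations: block.number cannot be nudged by
    // the producer, and the tolerance window keeps the outcome from hinging on
    // the exact block in which the transaction lands.
    function makePredictionBlock(bytes32 prediction) external {
        require(block.number + TOLERANCE_BLOCKS < deadlineBlock, "Predictions closed");
        predictions[msg.sender] = prediction;
    }

    // Elapsed time estimated from block height, as the recommendation describes.
    function elapsedSeconds() public view returns (uint256) {
        return (block.number - startBlock) * AVG_BLOCK_TIME;
    }
}
```

Block-number timing is itself only an estimate: if real block times drift from AVG_BLOCK_TIME the deadline moves in wall-clock terms, which is why the tolerance window matters and why the finding points to oracle time data for high-stakes cases.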