Mystery Box

First Flight #25
Beginner Friendly, Foundry
Submission Details
Severity: medium
Valid

Weak Randomness - Miners can predict the result of the `openBox` function, giving them an unfair advantage.

Summary

The MysteryBox contract uses a weak random number generation method in its `openBox` function, which is vulnerable to prediction and manipulation. Attackers can exploit this to win rewards, defeating the randomness the protocol depends on.

Vulnerability Details

The root of the bug lies in this line of code:

```solidity
uint256 randomValue = uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender))) % 100;
```

This method relies on `block.timestamp` and `msg.sender`, both of which are predictable or manipulable, making the randomness vulnerable.

Impact

Critical-High

Users or miners can know the result of `openBox` beforehand, which lets them:

  1. Constantly win Gold / Silver Coins.

  2. Revert transactions so they can avoid Coal.

  3. Drain the contract through this unfair advantage.

Tools Used

Manual Review.

Recommendations

Solidity by its nature has no secure way to generate truly random values, so the recommendations are:

  • Use a verifiable random function (VRF) from a trusted oracle service like Chainlink VRF.

  • Use off-chain solutions to generate true randomness.
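The request-and-callback shape that an oracle-based fix takes, as an added example (not the MysteryBox contract's code or the submitter's). `IRandomnessOracle`, `fulfillRandomness`, `buyBox`, `boxesOwned` and the other names are hypothetical stand-ins for a VRF coordinator and the contract's own state, not a real library API.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical stand-in for a VRF coordinator (assumption, not a real library API).
interface IRandomnessOracle {
    function requestRandomness() external returns (uint256 requestId);
}

contract MysteryBoxHardened {
    IRandomnessOracle public immutable oracle;      // assumed trusted VRF-style oracle
    mapping(address => uint256) public boxesOwned;  // hypothetical box accounting
    mapping(uint256 => address) public pendingOpen; // requestId => box owner
    mapping(address => uint256) public lastRoll;    // 0-99, kept for illustration

    event OpenRequested(uint256 indexed requestId, address indexed user);
    event BoxOpened(uint256 indexed requestId, address indexed user, uint256 roll);

    constructor(address _oracle) {
        oracle = IRandomnessOracle(_oracle);
    }

    // Hypothetical purchase path so the example is usable on its own (no pricing).
    function buyBox() external payable {
        boxesOwned[msg.sender] += 1;
    }

    // Step 1: the box is consumed before any random value exists, so the caller
    // cannot compute the outcome in advance or revert after seeing it.
    function openBox() external returns (uint256 requestId) {
        require(boxesOwned[msg.sender] > 0, "No boxes to open");
        boxesOwned[msg.sender] -= 1;
        requestId = oracle.requestRandomness();
        pendingOpen[requestId] = msg.sender;
        emit OpenRequested(requestId, msg.sender);
    }

    // Step 2: the oracle delivers the value in a later transaction.
    function fulfillRandomness(uint256 requestId, uint256 randomWord) external {
        require(msg.sender == address(oracle), "Only oracle");
        address user = pendingOpen[requestId];
        require(user != address(0), "Unknown or fulfilled request");
        delete pendingOpen[requestId]; // each request resolves exactly once
        // Replaces keccak256(abi.encodePacked(block.timestamp, msg.sender)) % 100.
        uint256 roll = randomWord % 100;
        lastRoll[user] = roll;
        emit BoxOpened(requestId, user, roll);
    }
}
```

Reward assignment from `roll` would go where `lastRoll` is written; the point is that the roll is derived from a value neither the caller nor the block producer controls, in a transaction the caller does not send.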

Updates

Appeal created

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Weak Randomness
