Submission Details
Severity:
Weak Randomness when opening boxes allows users to always perform the most profitable transaction
Summary
openBox function`s predictable randomValue allows users to always call the function when the box opening will be the most profitable for them.
Vulnerability Details
Function openBox calculates a random value based on:
uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender))) % 100.
Due to the deterministic nature of the blockchain, this value is not completely random and can be predicted, which means that box owners can open boxes when they know they will give the highest possible value and always get Gold Coins.
function openBox() public {
require(boxesOwned[msg.sender] > 0, "No boxes to open");
// Generate a random number between 0 and 99
uint256 randomValue = uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender))) % 100;
// Determine the reward based on probability
if (randomValue < 75) {
// 75% chance to get Coal (0-74)
rewardsOwned[msg.sender].push(Reward("Coal", 0 ether));
} else if (randomValue < 95) {
// 20% chance to get Bronze Coin (75-94)
rewardsOwned[msg.sender].push(Reward("Bronze Coin", 0.1 ether));
} else if (randomValue < 99) {
// 4% chance to get Silver Coin (95-98)
rewardsOwned[msg.sender].push(Reward("Silver Coin", 0.5 ether));
} else {
// 1% chance to get Gold Coin (99)
rewardsOwned[msg.sender].push(Reward("Gold Coin", 1 ether));
}
boxesOwned[msg.sender] -= 1;
}
Impact
The random nature of the game is ruined and users can always get the most profitable coin. Depending on the box pricing, the protocol can also be at a loss and be drained.
Tools Used
Manual Review
Recommendations
Use ChainLink VRF to get truly random values
Rewards breakdown
nSLOC
86This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.