The pseudo-random generated value of the randomValue
variable inside the MysteryBox::openBox
function can be predicted.
The pseudo-random generation of the randomValue
utilizes two values (block.timestamp
and msg.sender
) which are commonly advised against to use as source of randomness because they can be manipulated or predicted.
Add the following test to the existing test suite:
And execute it:
Malicious actors can:
predict which reward they will win before opening a box;
wait until the perfect time to open a box and win the most valuable reward.
Manual review
GNU Emacs (solidity-mode)
Foundry tests
Use a decentralized oracle for random number generation, such as Chainlink VRF.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.