Pseudo-Randomness Vulnerability
Summary:
The openBox() function uses pseudo-randomness by relying on block.timestamp and msg.sender, which are easily predictable. This vulnerability allows attackers to manipulate reward outcomes and consistently win high-value rewards.
Vulnerability Details:
The random value in the openBox() function is calculated using block.timestamp and msg.sender, which are publicly accessible values that can be predicted or manipulated by miners or attackers.
-
Location:
openBox()uint256 randomValue = uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender))) % 100;
Impact:
-
Predictable Rewards: Attackers can manipulate block timestamps or craft transactions to increase the likelihood of receiving more valuable rewards, thereby undermining the integrity of the reward system.
-
Economic Loss: Legitimate users may receive only low-value rewards, while attackers consistently gain higher-value rewards, leading to significant financial imbalances.
Tools Used:
Manual Code Review
Remix IDE
Recommendations
Recommendations:
Use an external oracle service, such as Chainlink VRF, for secure and verifiable randomness generation.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.