Mystery Box

First Flight #25
Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: medium
Valid

Weak PRNG in openBox() Function Allows Predictable Outcomes

Summary

The openBox() function in the MysteryBox contract uses an insecure pseudo-random number generator (PRNG) that derives its random value from block.timestamp and msg.sender. Both inputs are public before the transaction executes and one of them is chosen by the caller, so an attacker can anticipate and influence the result of every randomness-based operation. This compromises the fairness of the mystery box system and can lead to an unfair distribution of rewards.

Vulnerability Details

The openBox() function uses the following code to generate a random value:

randomValue = uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender))) % 100;

Weaknesses in the PRNG:

  • block.timestamp: The block timestamp is visible to every participant and can be nudged by the block producer within the protocol's tolerance, so it is easily predictable on a public blockchain.

  • msg.sender: The sender of the transaction (msg.sender) is chosen by the caller, who is free to submit from as many addresses as needed until the derived value is favorable.

  • Using these predictable inputs makes the random value output predictable, thus reducing the security of any operation that depends on randomness.

Example Scenarios

Predictable Random Outcome Scenario:

Initial Setup: An attacker observes that the openBox() function uses block.timestamp and msg.sender as inputs for randomness.

Execution: The attacker submits transactions across different block timestamps or from different addresses they control, selecting the combination that produces the desired value from the openBox() function.

Outcome: The attacker can consistently predict the random value and obtain the most favorable rewards from the mystery box, which undermines the fairness and security of the contract.

Impact

The weak PRNG allows attackers to:

  • Predict and control the random outcome, leading to unfair distribution of rewards.

  • Exploit the contract by repeatedly obtaining favorable results, potentially draining the contract of its valuable rewards.

Tools Used

Manual Review

Recommendations

Use a Secure Source of Randomness:

  • Implement Chainlink VRF (Verifiable Random Function) or other secure randomness sources to ensure unpredictability and fairness in randomness-based operations.
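As an added example of the recommendation above (not code from the submission or the MysteryBox project), the following Solidity sketch splits openBox() into a Chainlink VRF v2 request and a coordinator callback, so the roll is produced off-chain with a proof and is not known to anyone when the opening transaction is sent. The contract name, constants, mappings and the Chainlink import paths are assumptions; the import paths in particular vary between @chainlink/contracts releases.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Import paths are an assumption: they differ between @chainlink/contracts releases.
import {VRFConsumerBaseV2} from "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";
import {VRFCoordinatorV2Interface} from "@chainlink/contracts/src/v0.8/vrf/interfaces/VRFCoordinatorV2Interface.sol";

/// Two-transaction box opening: openBox() only asks the VRF coordinator for a
/// word; the roll is computed in the coordinator's callback, so neither the
/// caller nor the block producer can see or steer it before committing.
contract MysteryBoxVRF is VRFConsumerBaseV2 {
    VRFCoordinatorV2Interface private immutable i_coordinator;
    bytes32 private immutable i_keyHash;        // gas lane
    uint64 private immutable i_subscriptionId;  // funded VRF subscription
    uint16 private constant REQUEST_CONFIRMATIONS = 3;
    uint32 private constant CALLBACK_GAS_LIMIT = 200_000;
    uint32 private constant NUM_WORDS = 1;

    mapping(uint256 => address) private s_requestToOpener; // requestId => player
    mapping(address => uint256) public lastRoll;           // player => 0..99
    event BoxOpened(uint256 indexed requestId, address indexed opener, uint256 roll);

    constructor(address coordinator, bytes32 keyHash, uint64 subscriptionId)
        VRFConsumerBaseV2(coordinator)
    {
        i_coordinator = VRFCoordinatorV2Interface(coordinator);
        i_keyHash = keyHash;
        i_subscriptionId = subscriptionId;
    }

    /// Replaces the synchronous roll: records who asked and returns the request id.
    function openBox() external returns (uint256 requestId) {
        requestId = i_coordinator.requestRandomWords(
            i_keyHash, i_subscriptionId, REQUEST_CONFIRMATIONS, CALLBACK_GAS_LIMIT, NUM_WORDS
        );
        s_requestToOpener[requestId] = msg.sender;
    }

    /// Only the coordinator reaches this (VRFConsumerBaseV2.rawFulfillRandomWords checks msg.sender).
    function fulfillRandomWords(uint256 requestId, uint256[] memory randomWords) internal override {
        address opener = s_requestToOpener[requestId];
        require(opener != address(0), "unknown request");
        delete s_requestToOpener[requestId]; // each request settles exactly once
        uint256 roll = randomWords[0] % 100; // same 0..99 range as the original
        lastRoll[opener] = roll;
        emit BoxOpened(requestId, opener, roll);
        // reward tiers would be assigned from `roll` here, as in the original contract
    }
}
```

The subscription must be funded with LINK and this contract added as a consumer before requestRandomWords() will succeed; players read their result from lastRoll or the BoxOpened event once the callback lands.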

Updates

Appeal created

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Weak Randomness
