The contract uses block.timestamp and msg.sender to generate randomness when opening a mystery box. This method is insecure and allows miners to manipulate the outcome of the rewards by controlling the block timestamp.
In the openBox() function, the following line generates randomness:
Using block.timestamp for randomness is unsafe because miners can adjust the timestamp within a small range, allowing them to predict or influence the generated random value, thus skewing the reward probabilities in their favor.
An attacker, especially a miner, can manipulate the block timestamp to increase their chances of getting high-value rewards. This compromises the fairness of the reward distribution, potentially leading to financial losses for the contract and users.
Manual code review
Replace the pseudo-random number generation with a secure method, such as using Chainlink VRF to ensure unbiased and tamper-proof randomness.