The random value in the openBox() function is currently generated by uint256 randomValue = uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender))) % 100; where block.timestamp is vulnerable to manipulation by miners and msg.sender is fixed and fully known by the sender.
Users or miners can predict or manipulate randomValue and increase their chances of receiving better rewards (like the Gold Coin) by tweaking the block's timestamp to influence the output of the keccak256 hash. This makes randomValue predictable and lets them exploit the system.
Since msg.sender is known and block.timestamp is partially controllable, the entropy of the keccak256 input is very low, making it susceptible to attacks. By manipulating randomValue, malicious users would be able to win higher rewards and even drain the protocol of funds, as the boxPrice is set to 0.1 ETH and the Gold Coin prize is 1 ETH.
Manual review
A secure randomness provider is essential to ensure fair outcomes. One common approach is using Chainlink VRF, which provides provably random numbers that cannot be tampered with by miners or users.
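A sketch of that recommendation using the Chainlink VRF v2 request/fulfil pattern, added here as an example and not taken from the audited contract. The contract name, storage layout, confirmation count and callback gas limit are assumptions, the import paths depend on the installed @chainlink/contracts version, and the mapping from the roll to reward tiers is left to the contract's existing logic because the thresholds are not given on this page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Assumption: paths as laid out in recent @chainlink/contracts releases.
import {VRFConsumerBaseV2} from "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";
import {VRFCoordinatorV2Interface} from "@chainlink/contracts/src/v0.8/vrf/interfaces/VRFCoordinatorV2Interface.sol";

// Hypothetical contract: only the randomness path of openBox() is shown.
contract MysteryBoxVrfSketch is VRFConsumerBaseV2 {
    uint256 public constant boxPrice = 0.1 ether; // value stated in the finding

    VRFCoordinatorV2Interface private immutable i_coordinator;
    bytes32 private immutable i_keyHash; // gas lane, network specific
    uint64 private immutable i_subId;    // funded VRF subscription

    mapping(address => uint256) public boxesOwned;
    mapping(uint256 => address) private s_opener;  // requestId -> caller of openBox()
    mapping(address => uint256[]) public rolls;    // fulfilled values in [0, 100)

    event BoxOpenRequested(uint256 indexed requestId, address indexed opener);
    event BoxOpened(uint256 indexed requestId, address indexed opener, uint256 randomValue);

    constructor(address coordinator, bytes32 keyHash, uint64 subId) VRFConsumerBaseV2(coordinator) {
        i_coordinator = VRFCoordinatorV2Interface(coordinator);
        i_keyHash = keyHash;
        i_subId = subId;
    }

    function buyBox() external payable {
        require(msg.value == boxPrice, "Incorrect ETH sent");
        boxesOwned[msg.sender] += 1;
    }

    // Step 1: consume the box and request randomness. No outcome is known in this transaction.
    function openBox() external returns (uint256 requestId) {
        require(boxesOwned[msg.sender] > 0, "No boxes to open");
        boxesOwned[msg.sender] -= 1; // spent before the result exists, so a bad roll cannot be reverted away
        requestId = i_coordinator.requestRandomWords(i_keyHash, i_subId, 3, 200_000, 1);
        s_opener[requestId] = msg.sender;
        emit BoxOpenRequested(requestId, msg.sender);
    }

    // Step 2: called via the coordinator after the VRF proof verifies on-chain.
    function fulfillRandomWords(uint256 requestId, uint256[] memory randomWords) internal override {
        address opener = s_opener[requestId];
        delete s_opener[requestId];
        uint256 randomValue = randomWords[0] % 100; // same range as the original code
        rolls[opener].push(randomValue);            // feed this into the existing reward tiers
        emit BoxOpened(requestId, opener, randomValue);
    }
}
```

Splitting the open into a request and a later callback is what removes the caller's and block producer's influence: neither block.timestamp nor msg.sender feeds the value, and the box is already spent when the result arrives.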