Mystery Box
First Flight #25
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Valid

Predictable Random Number Generation in `openBox` Function

lydiamt

Summary

The openBox function uses randomValue generated from msg.sender and block.timestamp, which can be predictable and vulnerable to exploitation.

Vulnerability Details

The openBox function attempts to generate a random number to determine the reward a user receives.

uint256 randomValue = uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender))) % 100;

The function is designed to randomly select a reward for the user when they open a mystery box.
The random number is derived from block.timestamp and msg.sender. block.timestamp can be influenced slightly by miners, allowing them to manipulate the outcome. msg.sender is known to the user, enabling them to repeatedly call the function from different addresses to achieve a desired result.

Impact

An attacker could predict or manipulate the random number generated by the contract, allowing them to consistently obtain valuable rewards.This undermines the fairness of the reward distribution.

Tools Used

Manual Review

Recommendations

Using a secure method for random number generation such as Chainlink VRF, which provides provably fair and tamper-proof randomness. This ensures that the random number generation is resistant to manipulation, maintaining the integrity and fairness of the reward system.

Updates

Appeal created

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Weak Randomness

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.