Mystery Box

First Flight #25
Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: medium
Valid

openBox() function has weak randomness

Summary

The openBox() function in the contract contains a weak-randomness vulnerability. The current implementation derives a "random" value from keccak256 over the block timestamp and the message sender's address. Both inputs are public before the transaction is mined, so the result is predictable, and the timestamp can additionally be influenced by miners. This weak randomness exposes the contract to manipulation, especially for the reward-distribution logic that depends on it. A more secure solution, such as Chainlink VRF (Verifiable Random Function), should be used to ensure unpredictability and fairness in randomness generation.

Vulnerability Details

The vulnerability lies in the way the contract generates random values. In the function:

```solidity
function openBox() public {
    require(boxesOwned[msg.sender] > 0, "No boxes to open");
    // weak randomness: both inputs are public before the transaction is mined
    // Generate a random number between 0 and 99
    uint256 randomValue = uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender))) % 100;
    // ... reward selection based on randomValue (remainder of the function not quoted here)
}
```

The randomness is based on block.timestamp and msg.sender, which are predictable and manipulable:

  • block.timestamp can be influenced by miners within a small range, and is in any case known to everyone once the block is produced.

  • msg.sender is a known value, as it is simply the address initiating the transaction.

As a result, an attacker or miner could manipulate the block timestamp, or repeatedly call the function from different addresses until they receive a favorable outcome. This introduces a significant risk, particularly because the rewards structure involves Ether payouts, making the weakness financially exploitable.
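The following Foundry test, added here as an illustration and not part of the original submission or the Mystery Box codebase, makes the determinism concrete: it reproduces the keccak256(block.timestamp, msg.sender) pattern in a minimal stand-in contract (WeakBox, constructed for this example) and shows that the roll can be computed from public inputs before the call, and that the same caller at the same timestamp always receives the same roll. Both tests pass only while the weak pattern is in place; once the randomness source is replaced, the off-chain prediction no longer matches.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Minimal stand-in for the audited contract (constructed for this example, not the
// Mystery Box source). It keeps only the openBox() randomness pattern quoted above
// and records the roll so a test can inspect it.
contract WeakBox {
    mapping(address => uint256) public boxesOwned;
    mapping(address => uint256) public lastRoll;

    function giveBox(address who) external {
        boxesOwned[who] += 1;
    }

    function openBox() public {
        require(boxesOwned[msg.sender] > 0, "No boxes to open");
        // Same expression as the finding: every input is public before mining.
        uint256 randomValue = uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender))) % 100;
        lastRoll[msg.sender] = randomValue;
        boxesOwned[msg.sender] -= 1;
    }
}

contract WeakRandomnessTest is Test {
    WeakBox box;
    address player = makeAddr("player");

    function setUp() public {
        box = new WeakBox();
        box.giveBox(player);
        box.giveBox(player);
    }

    // A sound randomness source must not be computable from data that is public
    // before the transaction. Here the roll is reproduced exactly from the
    // timestamp and the caller address alone.
    function test_rollIsPredictableFromPublicInputs() public {
        vm.warp(1_700_000_000); // constructed timestamp for the example
        uint256 predicted = uint256(keccak256(abi.encodePacked(block.timestamp, player))) % 100;

        vm.prank(player);
        box.openBox();

        assertEq(box.lastRoll(player), predicted, "roll equals off-chain prediction");
    }

    // The result is a pure function of (block.timestamp, msg.sender): two opens by
    // the same player in the same block yield the identical roll.
    function test_sameInputsSameRoll() public {
        vm.warp(1_700_000_000);

        vm.prank(player);
        box.openBox();
        uint256 first = box.lastRoll(player);

        vm.prank(player);
        box.openBox();

        assertEq(box.lastRoll(player), first, "same block, same caller, same roll");
    }
}
```

Run with `forge test --match-contract WeakRandomnessTest`. The second test is the one to keep as a regression check after a fix: with a request/fulfill randomness source, two opens by the same player should never be guaranteed to produce the same outcome.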

Impact

This vulnerability can lead to unfair manipulation of the rewards system, allowing malicious actors to repeatedly open boxes and increase their chances of getting high-value rewards like "Silver Coin" or "Gold Coin." The potential consequences include:

  1. Unfair Distribution of Rewards: Attackers could gain more valuable rewards than intended by exploiting predictable randomness.

  2. Financial Loss: Since rewards are tied to Ether values (e.g., 0.5 or 1 Ether), a successful exploitation could result in substantial financial loss for the contract's owner or the dApp's users.

  3. Reduced Trust in the System: Users may lose confidence in the fairness of the system if they suspect that the randomness can be manipulated.

Tools Used

  • Code Review: Manual inspection of the code to identify the weak randomness pattern.

  • Solidity Static Analyzers (e.g., aderyn): To identify weak randomness and other security vulnerabilities in the code.

Recommendations

Implement Chainlink VRF: Replace the current random value generation with Chainlink's Verifiable Random Function (VRF), which delivers randomness through a request/fulfill callback from the VRF coordinator rather than from on-chain data. This ensures that the randomness is cryptographically secure and cannot be manipulated by miners or users.
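The contract below is an added example of the recommended design and is not the Mystery Box code or a Chainlink-supplied implementation. It rewrites openBox() as a two-step flow on Chainlink VRF v2: the player's box is debited when the request is made, and the reward is decided only in the coordinator's callback. The Reward struct, the event names, the tier boundaries and the "Coal"/"Bronze Coin" tiers are constructed for the example; the report itself only states that Silver Coin pays 0.5 ether and Gold Coin pays 1 ether. The import paths assume @chainlink/contracts v0.8.x.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed import paths for @chainlink/contracts v0.8.x; older releases place these
// files one directory up (src/v0.8/VRFConsumerBaseV2.sol).
import {VRFConsumerBaseV2} from "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";
import {VRFCoordinatorV2Interface} from "@chainlink/contracts/src/v0.8/vrf/interfaces/VRFCoordinatorV2Interface.sol";

contract MysteryBoxVRF is VRFConsumerBaseV2 {
    struct Reward { string name; uint256 value; } // constructed for the example

    VRFCoordinatorV2Interface private immutable COORDINATOR;
    bytes32 private immutable KEY_HASH;   // gas lane, per network
    uint64 private immutable SUB_ID;      // funded VRF subscription
    uint32 private constant CALLBACK_GAS_LIMIT = 200_000;
    uint16 private constant REQUEST_CONFIRMATIONS = 3;
    uint32 private constant NUM_WORDS = 1;

    mapping(address => uint256) public boxesOwned;
    mapping(address => Reward[]) public rewardsOwned;
    mapping(uint256 => address) private requestToPlayer; // VRF requestId -> opener

    event BoxOpenRequested(address indexed player, uint256 indexed requestId);
    event BoxOpened(address indexed player, uint256 indexed requestId, string reward);

    constructor(address coordinator, bytes32 keyHash, uint64 subId) VRFConsumerBaseV2(coordinator) {
        COORDINATOR = VRFCoordinatorV2Interface(coordinator);
        KEY_HASH = keyHash;
        SUB_ID = subId;
    }

    // Step 1: the player commits to opening a box. The box is debited now, so a
    // player cannot submit requests and keep only the favourable results, and the
    // outcome is unknown to everyone until the coordinator fulfils the request.
    function openBox() public {
        require(boxesOwned[msg.sender] > 0, "No boxes to open");
        boxesOwned[msg.sender] -= 1;

        uint256 requestId = COORDINATOR.requestRandomWords(
            KEY_HASH, SUB_ID, REQUEST_CONFIRMATIONS, CALLBACK_GAS_LIMIT, NUM_WORDS
        );
        requestToPlayer[requestId] = msg.sender;
        emit BoxOpenRequested(msg.sender, requestId);
    }

    // Step 2: invoked only by the coordinator (VRFConsumerBaseV2.rawFulfillRandomWords
    // enforces the caller). Keep it cheap and non-reverting: the coordinator does not
    // retry a callback that reverts, which would strand the player's box.
    function fulfillRandomWords(uint256 requestId, uint256[] memory randomWords) internal override {
        address player = requestToPlayer[requestId];
        if (player == address(0)) return; // unknown or already-handled request
        delete requestToPlayer[requestId];

        // Same 0..99 range as the original; the modulo bias on a 256-bit word is negligible.
        uint256 randomValue = randomWords[0] % 100;
        Reward memory reward;
        // Tier boundaries and the first two tiers are constructed for this example.
        if (randomValue < 75) reward = Reward("Coal", 0);
        else if (randomValue < 95) reward = Reward("Bronze Coin", 0.1 ether);
        else if (randomValue < 99) reward = Reward("Silver Coin", 0.5 ether);
        else reward = Reward("Gold Coin", 1 ether);

        rewardsOwned[player].push(reward);
        emit BoxOpened(player, requestId, reward.name);
    }
}
```

Two points matter for reviewers of such a fix: the box must be consumed at request time (otherwise the player could request repeatedly before any fulfilment lands), and the callback must not be able to revert, since a reverted fulfilment is not re-delivered and the reward logic would never run for that request.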

Updates

Appeal created

inallhonesty (Lead Judge), 11 months ago: Submission Judgement Published. Validated.

Assigned finding tags: Weak Randomness
