Dria

Swan
NFTHardhat
21,000 USDC
View results
Submission Details
Severity: low
Invalid

Increase in spam from LLM responses & validations due to logical flaw in `LLMOracleCoordinator::assertValidNonce`

Summary

LLMOracleCoordinator::assertValidNonce is supposed to make it more difficult to calculate the nonce when the corresponding TaskRequest::params::difficulty is set to a large number. However, due to the logical flaw in the code, the inverse happens. In other words, it's easier for a task with higher difficulty to come up with a nonce that passes the assertion.

Description

Proof of work mechanism is designed to protect the protocol from being spammed with responses and validations from bad actors.

In this codebase the puzzle to solve for nonce is such that

HASH(fn(nonce, task)) > UINT_MAX / (2 ^ DIFFICULTY)

Firstly we can observe that in the above inequality the following holds true for right hand side

0 < RHS <UINT_MAX

In the formula, we can see that when difficulty increases, the value of the right hand side decreases, which means there are more number of values that the left hand side can take up to satisfy the inequality. This means higher the difficulty, easier it is to find the nonce.

Impact

May potentially increase the number of spam responses and validations

Tools Used

Manual Analysis

Recommended Mitigations

One way I can think of is to reverse the logic. So make it < instead of >.

Updates

Lead Judging Commences

inallhonesty Lead Judge
8 months ago
inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.