LLMOracleCoordinator::assertValidNonce
is supposed to make it more difficult to calculate the nonce when the corresponding TaskRequest::params::difficulty
is set to a large number. However, due to the logical flaw in the code, the inverse happens. In other words, it's easier for a task with higher difficulty to come up with a nonce that passes the assertion.
Proof of work mechanism is designed to protect the protocol from being spammed with responses and validations from bad actors.
In this codebase the puzzle to solve for nonce is such that
HASH(fn(nonce, task)) > UINT_MAX / (2 ^ DIFFICULTY)
Firstly we can observe that in the above inequality the following holds true for right hand side
0 < RHS <UINT_MAX
In the formula, we can see that when difficulty increases, the value of the right hand side decreases, which means there are more number of values that the left hand side can take up to satisfy the inequality. This means higher the difficulty, easier it is to find the nonce.
May potentially increase the number of spam responses and validations
Manual Analysis
One way I can think of is to reverse the logic. So make it <
instead of >
.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.