Trick or Treat

First Flight #27
Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: low
Invalid

Function SpookySwap::trickOrTreat uses unsafe randomness

Summary

It is possible to predict when the treat will be double-priced or half-priced because of the bad randomness used in the SpookySwap::trickOrTreat function.

Vulnerability Details

There is no way to generate a random value on-chain in the EVM. The function SpookySwap::trickOrTreat uses the expression below to generate a "random" value:

uint256 random =
    uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender, nextTokenId, block.prevrandao))) % 1000 + 1;

There are some problems with this code:

  1. Validators can manipulate the block.timestamp value to some degree, so a validator can affect the random value generation.

  2. Users can calculate the same value in their transaction and, based on the calculated value, decide whether to call SpookySwap::trickOrTreat or not.

Impact

Price of the treat can be manipulated by validators, or users can just revert the transaction if the price does not satisfy them.

Tools Used

Manual review

Recommendations

Do not rely on any on-chain value to generate random values. Consider using Chainlink VRF for that purpose.
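
The second problem listed under Vulnerability Details can be checked with a Foundry fuzz test. This is an added example, not code from the submission or from the SpookySwap repository: RandomStandIn, Caller and the public nextTokenId getter are assumptions, and only the quoted expression is taken from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

import {Test} from "forge-std/Test.sol";

// Constructed stand-in, not the SpookySwap source: it keeps only the expression
// quoted in the finding. A public nextTokenId is an assumption of this example.
contract RandomStandIn {
    uint256 public nextTokenId = 1;
    uint256 public lastRandom;

    function roll() external {
        lastRandom = uint256(
            keccak256(abi.encodePacked(block.timestamp, msg.sender, nextTokenId, block.prevrandao))
        ) % 1000 + 1;
        nextTokenId++;
    }
}

// Hypothetical caller contract: it derives the value first and then makes the
// call in the same transaction, so both contracts read identical block fields.
contract Caller {
    function predictThenRoll(RandomStandIn target) external returns (uint256 predicted) {
        predicted = uint256(
            keccak256(abi.encodePacked(block.timestamp, address(this), target.nextTokenId(), block.prevrandao))
        ) % 1000 + 1;
        target.roll(); // inside roll(), msg.sender is this contract
    }
}

contract PredictableRandomTest is Test {
    // Fuzzed over arbitrary block.timestamp and block.prevrandao values.
    function testFuzz_callerKnowsValueBeforeCalling(uint64 ts, uint256 randao) public {
        RandomStandIn target = new RandomStandIn();
        Caller caller = new Caller();
        vm.warp(ts);
        vm.prevrandao(bytes32(randao));

        uint256 predicted = caller.predictThenRoll(target);

        // Every input to the hash is readable by the caller, so the values match.
        assertEq(predicted, target.lastRandom());
    }
}
```

The test passes for every fuzzed input, which is why no mix of block fields, sender address and contract state can serve as a source of randomness here.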

Updates

Appeal created

bube Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

[invalid] Weak randomness

It's written in the README: "We're aware of the pseudorandom nature of the current implementation. This will be replaced with Chainlink VRF in later builds." This is a known issue.
