Eggstravaganza

First Flight #37 (Beginner Friendly, Solidity), 100 EXP

Submission Details
Severity: high
Valid

Pseudo-Random Number Generation

Description:

The searchForEgg function derives its "random" number from a keccak256 hash of block.timestamp, block.prevrandao, msg.sender and eggCounter. Every one of these inputs is readable on-chain at the moment the function is called, so the result can be computed by the caller before the call is made. This is not a source of unpredictable randomness and is unsuitable for a game with real stakes or for any decision in a smart contract that must not be foreseeable.

Combining several block and transaction fields does not add secrecy. block.timestamp and block.prevrandao are fixed before the transaction executes (and the block producer has some influence over them), while msg.sender and eggCounter are chosen by or visible to the caller. A participant who evaluates the same expression first can act only when the outcome favors them.

Impact:

Because the keccak256 inputs are all public at call time, the outcome of an egg search is predictable and, for a caller willing to deploy a contract, controllable: a search can be attempted only in transactions that are known to succeed. This biases egg discovery toward whoever exploits it, undermining the fairness of the game and user trust in it.

Line: https://github.com/CodeHawks-Contests/2025-04-eggstravaganza/blob/main/src/EggHuntGame.sol#L70

Proof of Concept:

In the current contract, the pseudo-random number is generated as follows:

    uint256 random = uint256(
        keccak256(abi.encodePacked(block.timestamp, block.prevrandao, msg.sender, eggCounter))
    ) % 100;

Each input is known before the call is made:

block.timestamp: fixed for the whole block and visible to every transaction in it; the block producer has bounded influence over it.

block.prevrandao: the beacon-chain RANDAO value carried over from the previous block. It is already public when the block is built, and a proposer can bias it by one bit by withholding a block; an ordinary caller simply reads it.

msg.sender and eggCounter: chosen by, or visible to, the caller.

An attacker therefore does not need to guess anything. A contract can evaluate the identical expression inside the same transaction, call searchForEgg only when the result is a winning roll, and revert otherwise, so that it never records a losing search.
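The following attacker contract is an added illustration of that point and is not code from the Eggstravaganza repository. It assumes a minimal interface for the game (searchForEgg and eggCounter are named in the finding; that eggCounter is publicly readable, and that an egg is found when the roll is below some threshold, are assumptions for this example) and recomputes the game's expression with its own address in place of msg.sender before deciding whether to call.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Assumed minimal view of EggHuntGame. Only `searchForEgg` and `eggCounter`
/// appear in the finding; their exact signatures and the "roll < threshold"
/// success rule are assumptions made for this example.
interface IEggHuntGame {
    function searchForEgg() external;
    function eggCounter() external view returns (uint256);
}

/// Example attacker: recomputes the game's "random" value inside the same
/// transaction and only lets the search go through when the roll is a winner.
contract EggPredictor {
    IEggHuntGame public immutable game;
    uint256 public immutable winThreshold; // assumed: roll < winThreshold finds an egg

    error NotAWinningRoll(uint256 roll);
    error SearchDidNotFindEgg();

    constructor(IEggHuntGame _game, uint256 _winThreshold) {
        game = _game;
        winThreshold = _winThreshold;
    }

    /// Same expression as the game uses. When the game is called from this
    /// contract, msg.sender inside the game is address(this), and
    /// block.timestamp / block.prevrandao are identical for the whole transaction.
    function predictRoll() public view returns (uint256) {
        return uint256(
            keccak256(
                abi.encodePacked(block.timestamp, block.prevrandao, address(this), game.eggCounter())
            )
        ) % 100;
    }

    /// Attempt a search only when the precomputed roll wins; otherwise revert so
    /// the transaction (and any losing state change) never lands.
    function searchOnlyIfWinning() external {
        uint256 roll = predictRoll();
        if (roll >= winThreshold) revert NotAWinningRoll(roll);

        uint256 before = game.eggCounter();
        game.searchForEgg();
        // Safety net for a wrong threshold assumption: undo a search that lost anyway.
        if (game.eggCounter() == before) revert SearchDidNotFindEgg();
    }
}
```

The attacker can keep resubmitting searchOnlyIfWinning from block to block at the cost of gas on reverted attempts, and, because the address is part of the hash, can deploy several predictor contracts to get multiple independent rolls per block. Nothing in the hash is secret from this contract, which is the whole problem.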

Recommended Mitigation:

To restore fairness, use a verifiable source of randomness such as Chainlink VRF (Verifiable Random Function). The player commits to a search before the random value exists; the coordinator later delivers the value together with a proof that is verified on-chain before the consumer's callback runs, so neither the player nor the block producer can select or veto the outcome. Note the change in control flow: the result is no longer available in the transaction that starts the search, so the game must store the pending request and resolve it in the callback.

Outline of a Chainlink VRF integration:

  • Import the Chainlink VRF consumer base contract and coordinator interface, and inherit from the consumer base.

  • In searchForEgg, request random words from the coordinator and record which player the returned request ID belongs to.

  • Resolve the search in fulfillRandomWords, which the coordinator calls once the proof has been verified, and apply the game logic there.
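The following is an added sketch of that integration, written for this review and not taken from the Eggstravaganza repository. It targets the Chainlink VRF v2 subscription model; the import paths assume a recent @chainlink/contracts package (older releases keep these files one directory higher), and the egg threshold, counter and events are stand-ins for whatever the real game does on a successful find.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Paths assume a recent @chainlink/contracts release.
import {VRFConsumerBaseV2} from "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";
import {VRFCoordinatorV2Interface} from
    "@chainlink/contracts/src/v0.8/vrf/interfaces/VRFCoordinatorV2Interface.sol";

/// Egg search resolved with Chainlink VRF v2: the player commits first, the
/// random word arrives later in a callback the player cannot abort.
contract EggHuntGameVRF is VRFConsumerBaseV2 {
    VRFCoordinatorV2Interface private immutable i_coordinator;
    bytes32 private immutable i_keyHash;          // gas lane for the target network
    uint64 private immutable i_subscriptionId;    // funded VRF subscription
    uint16 private constant REQUEST_CONFIRMATIONS = 3;
    uint32 private constant CALLBACK_GAS_LIMIT = 200_000;
    uint32 private constant NUM_WORDS = 1;

    uint256 public immutable eggThreshold;        // assumed: roll < eggThreshold finds an egg
    uint256 public eggCounter;
    mapping(uint256 => address) private s_requestToPlayer;
    mapping(address => bool) public hasPendingSearch;

    event SearchRequested(address indexed player, uint256 indexed requestId);
    event SearchResolved(address indexed player, uint256 roll, bool found);

    constructor(address coordinator, bytes32 keyHash, uint64 subscriptionId, uint256 threshold)
        VRFConsumerBaseV2(coordinator)
    {
        i_coordinator = VRFCoordinatorV2Interface(coordinator);
        i_keyHash = keyHash;
        i_subscriptionId = subscriptionId;
        eggThreshold = threshold;
    }

    /// Step 1: commit. No outcome is decided here; only a request is recorded.
    function searchForEgg() external {
        require(!hasPendingSearch[msg.sender], "search already pending");
        hasPendingSearch[msg.sender] = true;

        uint256 requestId = i_coordinator.requestRandomWords(
            i_keyHash, i_subscriptionId, REQUEST_CONFIRMATIONS, CALLBACK_GAS_LIMIT, NUM_WORDS
        );
        s_requestToPlayer[requestId] = msg.sender;
        emit SearchRequested(msg.sender, requestId);
    }

    /// Step 2: resolve. Called by the coordinator (via rawFulfillRandomWords in the
    /// base contract) after the VRF proof has been verified on-chain. The
    /// coordinator does not retry a fulfillment that reverts, so this must not
    /// revert and must stay within CALLBACK_GAS_LIMIT.
    function fulfillRandomWords(uint256 requestId, uint256[] memory randomWords) internal override {
        address player = s_requestToPlayer[requestId];
        if (player == address(0)) return; // unknown or already-resolved request
        delete s_requestToPlayer[requestId];
        hasPendingSearch[player] = false;

        uint256 roll = randomWords[0] % 100;
        bool found = roll < eggThreshold;
        if (found) {
            eggCounter++;
            // Assumed game logic: award the egg to `player` here.
        }
        emit SearchResolved(player, roll, found);
    }
}
```

Two checks a reviewer would want on any VRF integration: the callback must never revert (a reverting fulfillment is not retried, and the player's request would be stuck), and the request must be tied to the player at commit time so that the randomness cannot be claimed by someone else when it arrives.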

Updates

Lead Judging Commences

m3dython Lead Judge 3 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Insecure Randomness

Insecure methods to generate pseudo-random numbers
