Predictable Randomness via block.prevrandao in Egg Hunt Game
Summary:
The searchForEgg() function uses block.prevrandao as part of its pseudo-random number generation mechanism to determine if a user successfully finds an egg. While this value adds some randomness, it is not secure against manipulation by block producers (validators). This opens the game to front-running and randomness manipulation, especially in a high-stakes or reward-based setting.
Vulnerability Details:
block.prevrandao is derived from block randomness, which is set by the validator who produces the block.
-
Since
searchForEgg()can be publicly called, validators may:Front-run the transaction by submitting their own just before the participant’s.
Selectively include or exclude transactions depending on whether their
keccak256hash yields a winning result (random < eggFindThreshold).
-
This allows malicious validators or incentivized miners to manipulate the outcome of egg discovery.
Impact:
Unfair advantage: Validators can ensure their own egg finds are successful while blocking others.
Game imbalance: Honest players are at a disadvantage against manipulators.
Tools Used:
Mannual code review
Recommendations:
1.Commit-reveal scheme
Participants first commit a secret hash (
keccak256(secret)).Later, they reveal the secret.
2.Chainlink VRF
Use Chainlink’s Verifiable Random Function (VRF) for provably fair randomness.
Lead Judging Commences
Insecure Randomness
Insecure methods to generate pseudo-random numbers
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.