Eggstravaganza

First Flight #37
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: high
Valid

Weak randomness in `EggHuntGame::searchForEgg()` allows users to influence or predict the random number and whether they are going to win.

Summary

Hashing `msg.sender`, `block.timestamp`, and `block.prevrandao` together creates a predictable number. A predictable number is not a good random number.
This implementation remains vulnerable to manipulation in production environments.

Impact

Attackers can predict future "random" numbers by monitoring public blockchain data, and can time their transactions to influence outcomes.

Scenario

1. Validators can know `block.timestamp` and `block.difficulty` ahead of time and use them to predict when/how to participate.
2. Users can mine/manipulate their `msg.sender` value so that their address is the one used to generate the winner!
3. Users can revert their `searchForEgg()` transaction if they don't like the outcome or if they know they will fail.

Recommendations

There are better ways to generate random numbers, such as Chainlink VRF. See https://docs.chain.link/vrf
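
A sketch of that recommendation, added here as an example and not taken from the contest code base. It assumes Chainlink VRF v2 with a subscription; the contract name, the state variables and the 20% find threshold are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Import paths differ between @chainlink/contracts releases; adjust to the installed version.
import {VRFConsumerBaseV2} from "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";
import {VRFCoordinatorV2Interface} from "@chainlink/contracts/src/v0.8/vrf/interfaces/VRFCoordinatorV2Interface.sol";

/// Illustrative contract (hypothetical name), not EggHuntGame itself.
contract EggHuntVrfSketch is VRFConsumerBaseV2 {
    VRFCoordinatorV2Interface private immutable i_coordinator;
    bytes32 private immutable i_keyHash; // gas lane chosen at deployment
    uint64 private immutable i_subId;    // funded VRF subscription
    uint256 public constant FIND_THRESHOLD = 20; // assumed value: 20% chance per search

    mapping(uint256 => address) private s_requestToPlayer;
    mapping(address => uint256) public eggsFound;

    event SearchRequested(uint256 indexed requestId, address indexed player);
    event SearchResolved(uint256 indexed requestId, address indexed player, bool found);

    constructor(address coordinator, bytes32 keyHash, uint64 subId) VRFConsumerBaseV2(coordinator) {
        i_coordinator = VRFCoordinatorV2Interface(coordinator);
        i_keyHash = keyHash;
        i_subId = subId;
    }

    // Weak pattern described in the Summary, shown for comparison only:
    //   uint256 random = uint256(keccak256(abi.encodePacked(
    //       block.timestamp, block.prevrandao, msg.sender))) % 100;
    // Every input is public or chosen by the caller or the validator.

    /// Step 1: the player only requests. No outcome exists in this transaction,
    /// so there is nothing to inspect and revert on.
    function searchForEgg() external returns (uint256 requestId) {
        // Arguments: keyHash, subId, 3 confirmations, 100k callback gas, 1 random word.
        requestId = i_coordinator.requestRandomWords(i_keyHash, i_subId, 3, 100_000, 1);
        s_requestToPlayer[requestId] = msg.sender;
        emit SearchRequested(requestId, msg.sender);
    }

    /// Step 2: the coordinator delivers verified randomness in a later transaction.
    function fulfillRandomWords(uint256 requestId, uint256[] memory randomWords) internal override {
        address player = s_requestToPlayer[requestId];
        delete s_requestToPlayer[requestId];
        bool found = randomWords[0] % 100 < FIND_THRESHOLD;
        if (found) eggsFound[player] += 1;
        emit SearchResolved(requestId, player, found);
    }
}
```

Splitting the request from the fulfilment addresses all three scenarios: the seed no longer depends on block fields or the caller's address, and the result is settled in a transaction the player does not control.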

Updates

Lead Judging Commences

m3dython Lead Judge 8 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Insecure Randomness

Insecure methods to generate pseudo-random numbers
