Description: The contract relies on block.timestamp, block.prevrandao, and msg.sender to generate pseudo-random numbers. These values can be partially controlled or predicted by malicious actors (e.g., miners), especially on a public network, making it possible to manipulate the result of the EggHuntGame::searchForEgg function.
Impact: A malicious player or miner could increase their chances of finding an egg, gaining an unfair advantage in the game and undermining both game fairness and the token economy.
Proof of Concept:
An attacker could call the EggHuntGame::searchForEgg function in a block they mine themselves, or call it repeatedly across multiple transactions and blocks until a winning result is produced.
Recommended Mitigation: Avoid relying on block variables for randomness. Instead:
Use Chainlink VRF for secure randomness.
Or, if fully trustless randomness isn't required, generate the randomness off-chain and make it verifiable on-chain (results signed by a backend and checked with ECDSA).
Insecure methods to generate pseudo-random numbers
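As an added illustration (not code from the EggHuntGame project), the first contract below sketches the block-variable pattern the finding describes, and the second implements the signed-result mitigation: an off-chain service signs (player, nonce, found) and the contract only verifies the signature and burns the nonce. The names WeakEggHunt, SignedEggHunt, resultSigner and nonces are assumptions; the award logic is omitted because the finding does not describe it.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical sketch of the weak pattern in the finding (not the project's code).
contract WeakEggHunt {
    function searchForEgg() external view returns (bool) {
        // All three inputs are known or influenceable before the transaction lands,
        // so a caller can simply retry until the roll falls under the threshold.
        uint256 roll = uint256(
            keccak256(abi.encodePacked(block.timestamp, block.prevrandao, msg.sender))
        ) % 100;
        return roll < 20;
    }
}

// Signed-result variant from the recommended mitigation: the outcome is decided
// off-chain and signed; the contract verifies the signature and prevents replay.
contract SignedEggHunt {
    address public immutable resultSigner;       // backend signing key (assumed)
    mapping(address => uint256) public nonces;   // next expected nonce per player

    event EggFound(address indexed player, uint256 nonce);

    constructor(address signer) { resultSigner = signer; }

    function searchForEgg(uint256 nonce, bool found, uint8 v, bytes32 r, bytes32 s) external {
        require(nonce == nonces[msg.sender], "stale or reused result");
        // Reject high-s signatures so the same result cannot be replayed as a second signature.
        require(uint256(s) <= 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0, "bad s");

        // Bind the signed message to this contract, chain, player, nonce and outcome.
        bytes32 digest = keccak256(abi.encodePacked(
            "\x19Ethereum Signed Message:\n32",
            keccak256(abi.encode(address(this), block.chainid, msg.sender, nonce, found))
        ));
        address recovered = ecrecover(digest, v, r, s);
        require(recovered != address(0) && recovered == resultSigner, "invalid result signature");

        nonces[msg.sender] = nonce + 1;   // burn the nonce before acting on the result
        if (found) {
            emit EggFound(msg.sender, nonce);
            // award logic omitted: not described by the finding
        }
    }
}
```

The backend must sign at most one result per (player, nonce); if it re-signs on request, a player can keep asking until a winning result arrives, which only moves the grinding from the proof of concept off-chain.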