The pseudo-random number generator in the searchForEgg function is vulnerable to prediction and manipulation because it relies on publicly available and potentially controllable inputs. This can allow adversaries or even miners to foresee or influence the outcome, undermining the fairness of the game.
Predictable Inputs: The randomness is derived using keccak256 with inputs such as block.timestamp, block.prevrandao, msg.sender, and eggCounter. Since these values are either public or can be influenced (especially block.timestamp and block.prevrandao), the generated random number can be predicted.
Miner Manipulation: Miners have some control over block timestamps and the ordering of transactions, which can be exploited to influence the outcome in their favor.
Lack of Secure Entropy: With no secret, unpredictable seed, the value is merely pseudo-random rather than cryptographically secure, so an attacker can precompute outcomes and target favourable ones.
Game Exploitation: Adversaries may repeatedly trigger the function at calculated times to maximize their chances of success, unfairly accumulating rewards.
Loss of Fairness: The integrity of the game is compromised as attackers can predict or even manipulate outcomes, leading to an imbalance in the game’s ecosystem.
Potential Financial Damage: Exploitation can lead to significant financial losses for both players and the game operator.
Tools used: manual code review.
Use Secure Randomness Source: Integrate a verifiable random function (VRF) like Chainlink VRF to generate unpredictable and tamper-proof randomness.
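A VRF-based rewrite of the search, as an added example that is not the project's code: the keccak256 draw over block.timestamp, block.prevrandao, msg.sender and eggCounter is replaced by a Chainlink VRF v2 request plus a coordinator callback, so no outcome exists in the transaction the player or a block producer controls. The contract name, the eggFindThreshold percentage and the request parameters are assumptions, and the egg-awarding step is left as a comment because the page does not show that interface.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Import paths as in @chainlink/contracts 0.8.x; adjust to the version you pin.
import {VRFConsumerBaseV2} from "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";
import {VRFCoordinatorV2Interface} from "@chainlink/contracts/src/v0.8/vrf/interfaces/VRFCoordinatorV2Interface.sol";

contract EggHuntVRF is VRFConsumerBaseV2 {
    VRFCoordinatorV2Interface private immutable i_coordinator;
    bytes32 private immutable i_keyHash;   // gas lane chosen for the target network
    uint64 private immutable i_subId;      // funded VRF subscription id
    uint16 private constant REQUEST_CONFIRMATIONS = 3;
    uint32 private constant CALLBACK_GAS_LIMIT = 200_000;
    uint32 private constant NUM_WORDS = 1;
    uint256 public eggCounter;
    uint256 public eggFindThreshold = 20;  // hypothetical: percent chance of finding an egg
    mapping(uint256 => address) private s_requestToPlayer;
    event EggSearchRequested(uint256 indexed requestId, address indexed player);
    event EggFound(address indexed player, uint256 indexed eggId);
    event EggNotFound(address indexed player);

    constructor(address coordinator, bytes32 keyHash, uint64 subId) VRFConsumerBaseV2(coordinator) {
        i_coordinator = VRFCoordinatorV2Interface(coordinator);
        i_keyHash = keyHash;
        i_subId = subId;
    }

    // Replaces the keccak256(block.timestamp, block.prevrandao, msg.sender, eggCounter) draw.
    // Nothing is decided here, so there is no outcome to time or bias; the caller gets a request id.
    function searchForEgg() external returns (uint256 requestId) {
        requestId = i_coordinator.requestRandomWords(
            i_keyHash, i_subId, REQUEST_CONFIRMATIONS, CALLBACK_GAS_LIMIT, NUM_WORDS
        );
        s_requestToPlayer[requestId] = msg.sender;
        emit EggSearchRequested(requestId, msg.sender);
    }

    // Called by the coordinator in a later block with a random word whose VRF proof was
    // verified on-chain. VRFConsumerBaseV2 restricts the entry point to the coordinator.
    function fulfillRandomWords(uint256 requestId, uint256[] memory randomWords) internal override {
        address player = s_requestToPlayer[requestId];
        require(player != address(0), "unknown or already fulfilled request");
        delete s_requestToPlayer[requestId];   // one outcome per request
        if (randomWords[0] % 100 < eggFindThreshold) {
            eggCounter++;
            emit EggFound(player, eggCounter); // award/mint the egg to `player` here
        } else {
            emit EggNotFound(player);
        }
    }
}
```

The game logic moves entirely into the callback, so the result is only known once the coordinator delivers the proof-verified word, and a request cannot be replayed because its player mapping is cleared on first fulfilment.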
Insecure methods to generate pseudo-random numbers