The EggHuntGame contract utilizes on-chain data to generate random numbers for the searchForEgg function. This approach is susceptible to manipulation by miners or validators, leading to unfair outcomes.
In the searchForEgg function, randomness is derived using the following line:
This method combines block.timestamp, block.prevrandao, msg.sender, and eggCounter to produce a pseudo-random number. However, both block.timestamp and block.prevrandao are controlled by miners or validators, making them exploitable. Malicious actors could manipulate these values to influence the randomness in their favor.
Manipulated Game Outcomes: Miners or validators can adjust block variables to increase their chances of finding an egg, leading to unfair advantages.
Erosion of Trust: Players may lose confidence in the game's fairness, affecting user engagement and the contract's reputation.
Manual code analysis
Understanding of Ethereum block properties and miner capabilities
Implement Chainlink VRF: Utilize Chainlink's Verifiable Random Function (VRF) to generate secure and unpredictable random numbers. Chainlink VRF provides cryptographic proofs that ensure the randomness is tamper-proof and verifiable on-chain.
Modify searchForEgg Function: Integrate Chainlink VRF into the searchForEgg function to request and retrieve random numbers securely. This ensures that the egg-finding mechanism is fair and resistant to manipulation.
By adopting Chainlink VRF, the EggHuntGame can enhance its security and provide a trustworthy gaming experience for all participants.
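The recommended request-and-callback split, as an added example that is not the EggHuntGame code: searchForEgg only requests randomness, and the outcome is decided later in the VRF callback, so no block value the block producer controls enters the result. It assumes the Chainlink VRF v2 subscription interface; the contract name, findThreshold, pendingSearch, the events, the confirmation and gas values, and the import paths are assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Assumed import paths (@chainlink/contracts, VRF v2); adjust to the installed version.
import {VRFConsumerBaseV2} from "@chainlink/contracts/src/v0.8/vrf/VRFConsumerBaseV2.sol";
import {VRFCoordinatorV2Interface} from "@chainlink/contracts/src/v0.8/vrf/interfaces/VRFCoordinatorV2Interface.sol";

contract EggHuntVrfSketch is VRFConsumerBaseV2 {
    VRFCoordinatorV2Interface private immutable coordinator;
    bytes32 private immutable keyHash;      // gas lane, network specific
    uint64 private immutable subId;         // funded VRF subscription id
    uint256 public immutable findThreshold; // percent chance (hypothetical name)
    uint256 public eggCounter;

    // requestId => player who asked; cleared once the request is resolved
    mapping(uint256 => address) private pendingSearch;

    event SearchRequested(uint256 indexed requestId, address indexed player);
    event SearchResolved(uint256 indexed requestId, address indexed player, bool found);

    constructor(address _coordinator, bytes32 _keyHash, uint64 _subId, uint256 _threshold)
        VRFConsumerBaseV2(_coordinator)
    {
        require(_threshold <= 100, "threshold > 100");
        coordinator = VRFCoordinatorV2Interface(_coordinator);
        keyHash = _keyHash;
        subId = _subId;
        findThreshold = _threshold;
    }

    // Step 1: record who is searching and ask the coordinator for one random word.
    function searchForEgg() external returns (uint256 requestId) {
        // 3 confirmations and a 100k callback gas limit are assumed values.
        requestId = coordinator.requestRandomWords(keyHash, subId, 3, 100_000, 1);
        pendingSearch[requestId] = msg.sender;
        emit SearchRequested(requestId, msg.sender);
    }

    // Step 2: only the coordinator reaches this (enforced by VRFConsumerBaseV2).
    function fulfillRandomWords(uint256 requestId, uint256[] memory randomWords) internal override {
        address player = pendingSearch[requestId];
        if (player == address(0)) return; // unknown or already resolved; never revert here
        delete pendingSearch[requestId];
        bool found = randomWords[0] % 100 < findThreshold;
        if (found) eggCounter++; // the game's egg mint for `player` would go here
        emit SearchResolved(requestId, player, found);
    }
}
```

The callback avoids reverting because a failed fulfillment is not retried by the coordinator, which would leave the player's search unresolved.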
Insecure methods to generate pseudo-random numbers