Last Man Standing

First Flight #45
Beginner Friendly · Foundry · Solidity
100 EXP
Submission Details
Severity: low
Valid

Block timestamp

Dangerous usage of block.timestamp: the grace-period check in declareWinner() trusts a value the block producer sets. Whoever produces the block (a miner pre-merge, a validator, or an L2 sequencer) can skew block.timestamp within the limits the protocol accepts.

Description

  • Bob's contract uses block.timestamp in declareWinner() to decide whether the grace period since the last claim has expired.

  • Eve controls block production (as a miner, validator or L2 sequencer, or by colluding with one) and skews block.timestamp by a few seconds to move that deadline in her favour.

```solidity
function declareWinner() external gameNotEnded {
    require(currentKing != address(0), "Game: No one has claimed the throne yet.");
    require(
        // the deadline is decided by a value the block producer chooses
        block.timestamp > lastClaimTime + gracePeriod,
        "Game: Grace period has not expired yet."
    );
    // ... winner bookkeeping follows
}
```
## Risk
**Likelihood**:
* Low on mainnet: a block producer can only move block.timestamp by a few seconds, so the effect is small but non-negligible.
* Higher where seconds matter: short grace periods, high-frequency play, or an L2 where a single sequencer sets the timestamp.
**Impact**:
* A producer, or a player colluding with one, can make the grace-period check pass a block earlier or later than it otherwise would and decide who wins at the boundary.
* Other players cannot obtain the same advantage, so the end of the game is not fair.
## Proof of Concept

Scenario (the game has a gracePeriod of 2 minutes):

1. A player claims the throne; lastClaimTime is set to the timestamp of that block.
2. Eve, a validator (or someone colluding with one), waits until the chain clock is about 2 seconds short of lastClaimTime + gracePeriod.
3. For the block she produces she either delays production or sets block.timestamp a few seconds ahead or behind, within what the protocol accepts, so that `block.timestamp > lastClaimTime + gracePeriod` becomes true one block earlier or later than a neutral producer would have made it.
4. That small skew lets her land her own declareWinner() call (or keep another player's out) exactly at the boundary, an advantage the other players cannot get.

Recommended Mitigation

A deadline cannot avoid block.timestamp entirely, but the contract must not depend on second-level precision of it. Keep the check and make gracePeriod large relative to the few seconds a producer can skew (minutes or more), enforce a minimum grace period when the game is configured, and document the skew assumption. Chainlink VRF is a randomness oracle and does not address a deadline check. On an L2, keep in mind that the sequencer supplies block.timestamp and its relation to wall-clock time is rollup-specific.

```solidity
function declareWinner() external gameNotEnded {
    require(currentKing != address(0), "Game: No one has claimed the throne yet.");
    require(
        // unchanged: the comparison stays timestamp based; the fix is to size
        // gracePeriod so that producer skew cannot materially move the deadline
        block.timestamp > lastClaimTime + gracePeriod,
        "Game: Grace period has not expired yet."
    );
    // ... winner bookkeeping follows
}
```
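A Foundry test that reproduces the boundary from the proof of concept and exercises the mitigation above. This is an added example, not code from the Last Man Standing repository or from the submission: the Game contract is a minimal hypothetical stand-in (a fee-less claimThrone(), an assumed MAX_ASSUMED_SKEW constant and a constructor guard on the grace period), and the addresses and start time are constructed for the scenario. vm.warp plays the role of the producer choosing the timestamp.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Hypothetical stand-in for Bob's game, written for this example. Only the state the
// finding touches is modelled; the names match the snippet in the submission.
contract Game {
    // Assumed design constant: the most a block producer is expected to skew block.timestamp.
    uint256 public constant MAX_ASSUMED_SKEW = 15 seconds;

    address public currentKing;
    uint256 public lastClaimTime;
    uint256 public immutable gracePeriod;
    bool public gameEnded;

    constructor(uint256 _gracePeriod) {
        // Mitigation: refuse a window so short that producer skew is a large share of it.
        require(_gracePeriod >= 4 * MAX_ASSUMED_SKEW, "Game: grace period too short");
        gracePeriod = _gracePeriod;
    }

    modifier gameNotEnded() {
        require(!gameEnded, "Game: Game has already ended.");
        _;
    }

    // Simplified claim: the real game charges a fee, omitted here.
    function claimThrone() external gameNotEnded {
        currentKing = msg.sender;
        lastClaimTime = block.timestamp;
    }

    // The check quoted in the submission, unchanged.
    function declareWinner() external gameNotEnded {
        require(currentKing != address(0), "Game: No one has claimed the throne yet.");
        require(
            block.timestamp > lastClaimTime + gracePeriod,
            "Game: Grace period has not expired yet."
        );
        gameEnded = true;
    }
}

contract TimestampSkewTest is Test {
    Game internal game;
    address internal player = makeAddr("player"); // constructed
    address internal eve = makeAddr("eve");       // constructed

    function setUp() public {
        game = new Game(2 minutes);
        vm.warp(1_700_000_000); // constructed start time for the scenario
        vm.prank(player);
        game.claimThrone();
    }

    // The deadline is one second wide: the same call reverts at lastClaimTime + gracePeriod
    // and succeeds one second later, so a producer who skews the timestamp by a couple of
    // seconds decides whether Eve's declareWinner() lands in this block or the next.
    function testSkewOfAFewSecondsFlipsTheOutcome() public {
        uint256 deadline = game.lastClaimTime() + game.gracePeriod();

        // Honest timestamp, two seconds short of the deadline: declareWinner() fails.
        vm.warp(deadline - 2);
        vm.prank(eve);
        vm.expectRevert(bytes("Game: Grace period has not expired yet."));
        game.declareWinner();

        // Same moment, timestamp skewed three seconds ahead: the check passes and Eve ends the game.
        vm.warp(deadline + 1);
        vm.prank(eve);
        game.declareWinner();
        assertTrue(game.gameEnded());
        assertEq(game.currentKing(), player);
    }

    // The constructor guard rejects a window in which 15 seconds of skew would matter.
    function testShortGracePeriodIsRejected() public {
        vm.expectRevert(bytes("Game: grace period too short"));
        new Game(30 seconds);
    }
}
```

Run with `forge test -vv`. The first test is the finding itself: nothing in the contract distinguishes an honest `deadline + 1` from a skewed one. The second test is the mitigation: the contract cannot remove that ambiguity, so it bounds how much of the window it can ever cover.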
Updates

Appeal created

inallhonesty Lead Judge about 2 months ago
Submission Judgement Published
Validated
Assigned finding tags:

block.timestamp in L2's
