Severity: medium
Valid

M01. Predictable randomness

Root + Impact

Description

The pizza_drop::airdrop module is intended to assign each registered user a random amount of APT (between 100–500 APT) when they register for the airdrop.

However, the randomness source used is timestamp::now_microseconds(), which is fully observable and manipulable by validators or users submitting transactions. This allows attackers to predict or slightly influence the assigned amount.

```move
#[randomness]
entry fun get_random_slice(user_addr: address) acquires ModuleData, State {
    let state = borrow_global_mut<State>(get_resource_address());
    let time = timestamp::now_microseconds();
@>  let random_val = time % 401;
@>  let random_amount = 100 + random_val; // Randomness depends only on timestamp
    table::add(&mut state.users_claimed_amount, user_addr, random_amount);
}
```

Specific Issue

  • Using timestamps as randomness is insecure because the value is predictable and can be influenced by transaction ordering or submission time.

  • Malicious users could time registration transactions to get the maximum payout (500 APT), or otherwise bias the distribution.


Risk

Likelihood: High

  • Every registration call uses timestamp::now_microseconds().

  • Validators and users can observe or manipulate timestamps to gain an advantage.

Impact: High

  • Users may consistently receive higher payouts than intended.

  • The airdrop distribution becomes unfair, defeating the intended randomness and fairness guarantees.


Proof of Concept

A malicious validator can easily bias the result by choosing which block to put the transaction in, depending on which timestamp gives the best reward.



Recommended Mitigation

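Use a verifiable or deterministic randomness source instead of timestamps.
Use the Aptos randomness API: https://aptos.dev/build/smart-contracts/randomness

```move
// u64_range's upper bound is exclusive, so 501 keeps the 500 APT maximum reachable.
let random_amount = aptos_framework::randomness::u64_range(100, 501);
```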
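The recommendation above applied to the whole function, as an added example that is not the project's own code. The module name `airdrop_hardened`, the constants, the simplified `State` storage under `@pizza_drop` and `init_module` are assumptions made so the sketch is self-contained; the audited module resolves its state through `get_resource_address()`.

```move
// Added example, not the project's code. Names marked "assumption" are illustrative.
module pizza_drop::airdrop_hardened {            // assumption: module name
    use aptos_framework::randomness;
    use aptos_std::table::{Self, Table};

    const MIN_SLICE: u64 = 100;                  // lowest payout stated in the report
    const MAX_SLICE: u64 = 500;                  // highest payout stated in the report

    struct State has key {
        users_claimed_amount: Table<address, u64>,
    }

    // Assumption: State is stored under the module address for this sketch.
    fun init_module(deployer: &signer) {
        move_to(deployer, State {
            users_claimed_amount: table::new<address, u64>(),
        });
    }

    // Kept as a non-public entry function with #[randomness], which is what
    // the Aptos randomness documentation requires of code that consumes
    // on-chain randomness. Signature kept as shown in the report.
    #[randomness]
    entry fun get_random_slice(user_addr: address) acquires State {
        let state = borrow_global_mut<State>(@pizza_drop);
        // u64_range(min_incl, max_excl): the upper bound is exclusive, so
        // MAX_SLICE + 1 preserves the original inclusive 100..500 range.
        let random_amount = randomness::u64_range(MIN_SLICE, MAX_SLICE + 1);
        // table::add aborts if user_addr already has an entry, so a second
        // call cannot re-roll an amount that was already assigned.
        table::add(&mut state.users_claimed_amount, user_addr, random_amount);
    }
}
```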

Updates

Appeal created

bube Lead Judge 9 days ago
Submission Judgement Published
Validated
Assigned finding tags:

Predictable randomness

The `get_random_slice` function should only be called by the owner via the `register_pizza_lover` function. Also, the `owner` is trusted and will not choose a specific time for a new user to register. Therefore, I disagree with the claim of most reports in this group that an attacker can manipulate the random number of pizza slices. But I agree with the root cause of the reports in this group, that the random distribution is not completely random.
