Company Simulator

First Flight #51
Beginner Friendly, DeFi
100 EXP
Submission Details
Impact: medium
Likelihood: medium

Weak randomness

Author: Revealed upon completion

Root + Impact

The pseudo-random seed is derived from keccak256(concat(convert(block.timestamp, bytes32), convert(msg.sender, bytes32))). Both inputs are predictable and manipulable: miners can shift block.timestamp slightly, and msg.sender is chosen by the caller, so the seed can be computed before the transaction executes.

Description

  • Attackers (or miners) can bias the seed, and therefore requested or extra_item_chance, to obtain more items, especially when inventory is low. This can be used to drain inventory or to exploit timing.

// Root cause in the codebase with @> marks to highlight the relevant section
@>  seed: uint256 = convert(
        keccak256(
            concat(
                convert(block.timestamp, bytes32), convert(msg.sender, bytes32)
            )
        ),
        uint256,
    )

Risk

Likelihood:

  • A miner can include the transaction at a timestamp that yields a favorable seed, and an attacker can use call ordering or back-running to land the transaction in a block whose timestamp produces a favorable seed.

Proof of Concept


Recommended Mitigation

  • Use a secure randomness source (Chainlink VRF) for anything of value. If VRF is not available, do not rely on on-chain timestamp randomness for value-sensitive decisions; at minimum use the blockhash of a previous block (still not secure), combine multiple entropy sources, and limit how much the random outcome can affect the economic result.

- remove this code
    # Pseudo-random demand calculation
    seed: uint256 = convert(
        keccak256(
            concat(
                convert(block.timestamp, bytes32), convert(msg.sender, bytes32)
            )
        ),
        uint256,
    )
+ add this code
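As an added illustration (not the Company Simulator contract's own code), the weak seed from the finding next to an interim hardened version that follows the mitigation above: several entropy sources are mixed in, and the amount the roll can change is capped. MAX_BONUS, the nonce mapping and extra_items are assumptions made for this example; Chainlink VRF remains the proper fix for value-sensitive outcomes.

```vyper
# @version ^0.3.10
# Added example, not code from the audited contract.
# MAX_BONUS, nonce and extra_items are assumptions for illustration.

MAX_BONUS: constant(uint256) = 2   # hard cap on what a roll can add

# Per-caller counter so two calls in the same block never share a seed.
nonce: HashMap[address, uint256]

@internal
@view
def _weak_seed() -> uint256:
    # The pattern flagged in the finding: only block.timestamp and
    # msg.sender feed the hash, and both are known before the call lands.
    return convert(
        keccak256(
            concat(
                convert(block.timestamp, bytes32), convert(msg.sender, bytes32)
            )
        ),
        uint256,
    )

@internal
def _mixed_seed() -> uint256:
    # Interim hardening: previous block hash, prevrandao, caller and a
    # per-caller nonce are mixed together. A block proposer can still
    # observe (and to a degree influence) this value, which is why the
    # economic impact is capped below; only VRF removes the bias.
    self.nonce[msg.sender] += 1
    return convert(
        keccak256(
            concat(
                block.prevhash,
                convert(block.prevrandao, bytes32),
                convert(msg.sender, bytes32),
                convert(self.nonce[msg.sender], bytes32),
            )
        ),
        uint256,
    )

@external
def extra_items(requested: uint256) -> uint256:
    # Limit what randomness can change: at most MAX_BONUS extra items,
    # so even a favorable seed cannot drain the inventory.
    bonus: uint256 = self._mixed_seed() % (MAX_BONUS + 1)
    return requested + bonus
```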
