The function randomIndex tries to increase the nonce.
However the statement nonce.add(1) doesn't work.
It adds 1 to the nonce and then throws the result away.
The nonce is only used for randomness (which isn't really random anyway), so the risk is low.
Proof of Concept
function randomIndex() internal returns (uint) {
...
nonce.add(1);
Handle
gpersoon
Vulnerability details
Impact
The function randomIndex tries to increase the nonce. However the statement nonce.add(1) doesn't work. It adds 1 to the nonce and then throws the result away.
The nonce is only used for randomness (which isn't really random anyway), so the risk is low.
Proof of Concept
function randomIndex() internal returns (uint) { ... nonce.add(1);
Tools Used
Editor
Recommended Mitigation Steps
Use something like: nonce = nonce.add(1)