Miners Can manipulate the VRF Output to Game the Protocol

[code423n4]

Lines of code

https://github.com/code-423n4/2023-03-wenwin/blob/main/src/Lottery.sol#L140

Vulnerability details

Impact

Bad actors can take advantage end up winning lotterys that they did not deserve to win. essentially stealing from other users/protocol.

Proof of Concept

Miners are able to alter chain histroy if the vrf output is not one of their winning combinations. For example:

• A miner buys a hand ful of lotto tickets
• a vrf request is made to retrieve a random number.
• the miner / user sees that the random number does not result in any winnings for the miner.
• The miner wants another chance to win so they include the random number in the next block. This creates a whole new vrf. This is done by re-orging the chain.
• The miner can only substain this for a few blocks however by doing so they gave their tickets x more chances to win.
• The likely hood of this happening is low but the impact would be very and and this attack vertor very possible.
• The attack could either be a miner or someone who pays miners to do this for them.

A very similar issue was accepted as a high here:https://github.com/code-423n4/2021-10-pooltogether-findings/issues/56

However I feel like with the likely hood being lower than an average attack it is closer to a medium.

Tools Used

Manual Analysis

Recommended Mitigation Steps

Consider adding a confirmation time between when the actual VRF request was made and when it was later fulfilled on-chain. This would mitigate re-orging the chain to a attackers advantage.

[c4-judge]

thereksfour changed the severity to QA (Quality Assurance)

[c4-judge]

This previously downgraded issue has been upgraded by thereksfour

[c4-judge]

This previously downgraded issue has been upgraded by thereksfour

[c4-judge]

thereksfour marked the issue as duplicate of #445

[c4-judge]

thereksfour changed the severity to QA (Quality Assurance)

[c4-judge]

thereksfour marked the issue as grade-c