Closed code423n4 closed 1 year ago
thereksfour changed the severity to QA (Quality Assurance)
This previously downgraded issue has been upgraded by thereksfour
This previously downgraded issue has been upgraded by thereksfour
thereksfour marked the issue as duplicate of #445
thereksfour changed the severity to QA (Quality Assurance)
thereksfour marked the issue as grade-c
Lines of code
https://github.com/code-423n4/2023-03-wenwin/blob/main/src/Lottery.sol#L140
Vulnerability details
Impact
Bad actors can take advantage end up winning lotterys that they did not deserve to win. essentially stealing from other users/protocol.
Proof of Concept
Miners are able to alter chain histroy if the vrf output is not one of their winning combinations. For example:
A very similar issue was accepted as a high here:https://github.com/code-423n4/2021-10-pooltogether-findings/issues/56
However I feel like with the likely hood being lower than an average attack it is closer to a medium.
Tools Used
Manual Analysis
Recommended Mitigation Steps
Consider adding a confirmation time between when the actual VRF request was made and when it was later fulfilled on-chain. This would mitigate re-orging the chain to a attackers advantage.