code-423n4 / 2024-07-traitforge-findings

Unsafe use of random numbers #33

Closed c4-bot-1 closed 2 months ago

c4-bot-1 commented 2 months ago

Lines of code

https://github.com/TraitForge/traitforge-contracts/blob/main/contracts/EntropyGenerator/EntropyGenerator.sol#L47

Vulnerability details

Impact

Since the writeEntropyBatch1,2,3 functions generate random number arrays based on the current block hash, and the subsequent values are taken sequentially from the array, the currentNumberIndex is also accessible during NFT minting (cycling from 0 to 12). Users can manipulate these two values to bypass randomness, allowing them to mint high-quality NFTs and claim rewards.

Proof of Concept

https://github.com/TraitForge/traitforge-contracts/blob/main/contracts/TraitForgeNft/TraitForgeNft.sol#L280

Tools Used

Recommended Mitigation Steps

It is recommended that users pay a fee to obtain random numbers from the Chainlink oracle to prevent manipulation in NFT minting.

Assessed type

Other

c4-judge commented 2 months ago

koolexcrypto marked the issue as unsatisfactory: Invalid