The EntropyGenerator contract's entropy calculation function is prone to precision loss due to its reliance on integer division followed by a modulo operation. This method may cause biased results due to truncation errors, particularly when the position is large.
Here, the integer division may result in a significant loss of precision, especially when position is large. This precision loss can skew the results of the modulo operation, leading to biased entropy values.
Impact
This issue can lead to biased entropy values, affecting the uniformity of NFT trait generation. Potential impacts include:
1.Unfair Advantages: Certain NFTs may receive preferential traits due to biased entropy.
2.Reduced Randomness: The randomness and uniqueness of NFTs could be compromised.
3.Exploitable Patterns: Predictable patterns in NFT traits might be exploited by players.
The problem is particularly concerning because entropy is used to determine important parameters like NukeFactor, forgePotential, and role assignments (Forger or Merger).
Proof of Concept
Assuming slotValue is a large number close to 2^256 - 1, and position is 0:
In this scenario, the division slotValue / (10 ** 72) yields a smaller number due to truncation. The following modulo operation will then produce results biased toward smaller values, failing to evenly distribute across the range 0 to 999999.
This approach uses bitwise operations to extract 24 bits (6 hex digits) from
slotValue, avoiding precision loss associated with division.
2.Conduct Extensive Testing:
Implement comprehensive tests to verify that entropy values are uniformly distributed across the entire possible range. This ensures that the entropy generation is fair and unbiased.
Lines of code
https://github.com/code-423n4/2024-07-traitforge/blob/279b2887e3d38bc219a05d332cbcb0655b2dc644/contracts/EntropyGenerator/EntropyGenerator.sol#L181
Vulnerability details
Description
The
EntropyGenerator
contract's entropy calculation function is prone to precision loss due to its reliance on integer division followed by a modulo operation. This method may cause biased results due to truncation errors, particularly when the position is large.The code in question is:
Here, the integer division may result in a significant loss of precision, especially when position is large. This precision loss can skew the results of the modulo operation, leading to biased entropy values.
Impact
This issue can lead to biased entropy values, affecting the uniformity of NFT trait generation. Potential impacts include:
1.Unfair Advantages: Certain NFTs may receive preferential traits due to biased entropy. 2.Reduced Randomness: The randomness and uniqueness of NFTs could be compromised. 3.Exploitable Patterns: Predictable patterns in NFT traits might be exploited by players. The problem is particularly concerning because entropy is used to determine important parameters like NukeFactor, forgePotential, and role assignments (Forger or Merger).
Proof of Concept
Assuming
slotValue
is a large number close to2^256 - 1
, andposition
is 0:In this scenario, the division slotValue / (10 ** 72) yields a smaller number due to truncation. The following modulo operation will then produce results biased toward smaller values, failing to evenly distribute across the range 0 to 999999.
Tools Used
Recommended Mitigation Steps
This approach uses bitwise operations to extract 24 bits (6 hex digits) from slotValue, avoiding precision loss associated with division.
2.Conduct Extensive Testing: Implement comprehensive tests to verify that entropy values are uniformly distributed across the entire possible range. This ensures that the entropy generation is fair and unbiased.
Assessed type
Math