The drawRaffle function in ERC20Incentive.sol is designed to select a random winner from a list of participants (entries) when the incentive strategy is set to RAFFLE. However, the randomness source it uses is insecure.
This code relies on block.prevrandao (a random value introduced in the previous block) and block.timestamp (the time the current block was mined) to generate a random number. The problem is that miners have some control over these values.
Attack Scenario:
Identify Vulnerable Contract: An attacker monitors the blockchain for deployed ERC20Incentive contracts using the RAFFLE strategy and a significant reward amount.
Participate in Raffle: The attacker makes an entry into the raffle by calling the claim function.
Predict the Outcome: The attacker uses their knowledge of block timestamps and block.prevrandao to predict the likely outcome of the drawRaffle function. They might have tools or scripts to analyze past block data and estimate the range of possible random values.
Manipulate Block Data (Optional):
Timestamp Manipulation: If the attacker is a miner or can influence a miner, they might slightly adjust the block timestamp to make their prediction more accurate.
Transaction Ordering: Miners can also influence the order of transactions within a block, which can indirectly affect block.prevrandao.
Call drawRaffle: At the right moment, when the block timestamp and prevrandao align favorably with their prediction, the attacker calls the drawRaffle function.
Win the Raffle: Due to the manipulated randomness, the attacker's entry is highly likely to be selected as the winner, allowing them to claim the entire reward.
Impact
Unfair Raffle Outcomes: An attacker who can manipulate block data could potentially predict the outcome of the raffle and consistently win, unfairly claiming the entire reward.
Integrate a VRF service like Chainlink VRF into the drawRaffle function. Chainlink VRF uses a combination of on-chain and off-chain components to generate random numbers that are both unpredictable and verifiable.
pwning_dev
High
Insecure Randomness in drawRaffle
Summary
Vulnerability Detail
The drawRaffle function in ERC20Incentive.sol is designed to select a random winner from a list of participants (entries) when the incentive strategy is set to RAFFLE. However, the randomness source it uses is insecure.
This code relies on block.prevrandao (a random value introduced in the previous block) and block.timestamp (the time the current block was mined) to generate a random number. The problem is that miners have some control over these values. Attack Scenario:
Identify Vulnerable Contract: An attacker monitors the blockchain for deployed ERC20Incentive contracts using the RAFFLE strategy and a significant reward amount.
Participate in Raffle: The attacker makes an entry into the raffle by calling the claim function.
Predict the Outcome: The attacker uses their knowledge of block timestamps and block.prevrandao to predict the likely outcome of the drawRaffle function. They might have tools or scripts to analyze past block data and estimate the range of possible random values.
Manipulate Block Data (Optional):
Timestamp Manipulation: If the attacker is a miner or can influence a miner, they might slightly adjust the block timestamp to make their prediction more accurate. Transaction Ordering: Miners can also influence the order of transactions within a block, which can indirectly affect block.prevrandao. Call drawRaffle: At the right moment, when the block timestamp and prevrandao align favorably with their prediction, the attacker calls the drawRaffle function.
Win the Raffle: Due to the manipulated randomness, the attacker's entry is highly likely to be selected as the winner, allowing them to claim the entire reward.
Impact
Unfair Raffle Outcomes: An attacker who can manipulate block data could potentially predict the outcome of the raffle and consistently win, unfairly claiming the entire reward.
Code Snippet
https://github.com/sherlock-audit/2024-06-boost-aa-wallet/blob/78930f2ed6570f30e356b5529bd4bcbe5194eb8b/boost-protocol/packages/evm/contracts/incentives/ERC20Incentive.sol#L137C5-L146C6
Tool used
Manual Review
Recommendation
Integrate a VRF service like Chainlink VRF into the drawRaffle function. Chainlink VRF uses a combination of on-chain and off-chain components to generate random numbers that are both unpredictable and verifiable.