code423n4 Code4rena CODE423N4:2022-12-FORGERIES-FINDINGS-ISSUES-247
Dec 16, 2022 - 12:00 a.m.

The raffle could be slightly unfair as the owner of NFT ID which is closer to drawingTokenStartId could have more chance to win


Lines of code

Vulnerability details

Impact

The raffle could be slightly unfair as the owner of NFT ID which is closer to drawingTokenStartId could have more chance to win.

Proof of Concept

As written in <https://code4rena.com/contests/2022-12-forgeries-contest>, “We want to raffle away a single NFT (token) based off of another NFT collection (or drawingToken) in a fair and trustless manner.” However, the raffle could be slightly unfair because the owner of an NFT ID that is closer to drawingTokenStartId has a higher chance of winning.

Reading the code below:

uint256 tokenRange = settings.drawingTokenEndId -
    settings.drawingTokenStartId;

// Store a number from it here (reduce number here to reduce gas usage)
// We know there will only be 1 word sent at this point.
request.currentChosenTokenId =
    (_randomWords[0] % tokenRange) +
    settings.drawingTokenStartId;

Let’s say an ERC721 contract has 4 NFT ids which are 0, 1, 2, 3

The tokenRange will be 4 - 0 = 4

See
/// @notice Start token ID for the drawing (if totalSupply = 20 but the first token is 5 (5-25), setting this to 5 would fix the ordering)
/// @notice End token ID for the drawing (exclusive) (token ids 0 - 9 would be 10 in this field)

and assume that randomWords[0] is 1 digit which COULD return 0, 1, 2, 3, 4, 5, 6, 7, 8, 9

0 % 4 = 0
1 % 4 = 1
2 % 4 = 2
3 % 4 = 3
4 % 4 = 0
5 % 4 = 1
6 % 4 = 2
7 % 4 = 3
8 % 4 = 0
9 % 4 = 1

The owners of drawingTokenId 0 and 1 (3/10 = 30% each) have a higher chance of winning the reward than the owners of 2 and 3 (2/10 = 20% each).

Tools Used

Manual

Recommended Mitigation Steps

I don’t have a better suggestion. I am thinking

Is it possible for Chainlink to return a _randomWords[0] which is any number between A … B

where

  1. A is the multiplier value of totalSupply or can be 0
  2. B is the (multiplier value of totalSupply) - 1
  3. A < B

Like

0 … 3
4 … 7
0 … 11

So every owner of the NFT ids has the same chance to win the raffle
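
An added example (not part of the original finding or the contest code), in Python: it counts exactly how many equally likely random words map to each token offset under `% tokenRange`, generalising the 1-digit case above to any word size, and sketches the rejection-sampling form of the "A … B" idea. The function names, the 10,000-token range and the constructed word stream are assumptions; the random word is treated as uniform over its range.

```python
from fractions import Fraction
import secrets

WORD_SPACE = 2**256  # a VRF random word is a uint256


def win_counts(word_space: int, token_range: int) -> list[int]:
    """Number of the word_space equally likely words that map to each offset
    under `word % token_range` (token id = offset + drawingTokenStartId)."""
    base, extra = divmod(word_space, token_range)
    # The first `extra` offsets each receive one additional word.
    return [base + 1 if i < extra else base for i in range(token_range)]


def max_bias(word_space: int, token_range: int) -> Fraction:
    """Exact gap in win probability between the most and least favoured id."""
    counts = win_counts(word_space, token_range)
    return Fraction(max(counts) - min(counts), word_space)


def unbiased_offset(token_range: int,
                    next_word=lambda: secrets.randbits(256),
                    word_space: int = WORD_SPACE) -> int:
    """Rejection sampling: accept only words in [0, limit), where limit is the
    largest multiple of token_range not exceeding word_space, then reduce."""
    limit = word_space - (word_space % token_range)
    while True:
        word = next_word()  # on-chain this would mean obtaining a fresh word
        if word < limit:
            return word % token_range


if __name__ == "__main__":
    print(win_counts(10, 4))                     # the 1-digit example above
    print(float(max_bias(10, 4)))                # gap between ids 0/1 and 2/3
    print(float(max_bias(WORD_SPACE, 4)))        # 4 divides 2**256 exactly
    print(float(max_bias(WORD_SPACE, 10_000)))   # constructed collection size
    # Constructed word stream: 9 and 8 fall outside [0, 8) and are rejected.
    stream = iter([9, 8, 6])
    print(unbiased_offset(4, next_word=lambda: next(stream), word_space=10))
```

With a full uint256 word the gap between any two IDs is at most 1 in 2^256; the 30% versus 20% split arises only under the 1-digit assumption used in the walkthrough.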

