
I am trying to help someone discover how their code was hacked.

They use a random number generator in the blockchain like this:

    uint256 random = uint256(
        keccak256(
            abi.encodePacked(
                block.difficulty,   // value of the block the tx lands in
                block.timestamp,    // set by whoever produces that block
                msg.sender          // address that sent the transaction
            )
        )
    ) % 100;                        // hash reduced modulo 100
    if (random >= 90) {
        //get1;
    } else {
        //get2;
    }

to get a random number between 1 and 100. Someone was able to 'guess' when to submit a transaction to always get 2. I have been told it may be forking the chain, but I still do not see how. This is on the Avalanche chain, where blocks come at random times, so there are 2 questions:

1: How do you guess the block.timestamp of a future block on Avalanche? I can come very close in attempts (take the average over the last 10 blocks) to guess what 1 or 2 blocks ahead will be, but only about 70% of the time.

2: More importantly, for this to work, how do you get a transaction through on that specific block? I have tried raising gas, etc., but have been unsuccessful at targeting a block.

I am currently using python web3 to test (on main chain, not forking), but any language (even theory) would be a step in the right direction.

Thanks

Pearl

1 Answer

These types of attack ("guessing" a specific pseudo-random number) usually come from miners (PoW) and validators (PoS).

When a miner/validator publishes a block, they include an arbitrary block.timestamp value. As long as the timestamp is in an expected range (larger than the last block timestamp, and around the expected new block time), the network accepts it.

They are also able to put an arbitrary transaction (signed by an address they hold the private key to) into the very same block they publish. This transaction doesn't even need to go through the mempool.

Petr Hejda
  • Right, but this is the Avalanche network, which is PoS? Perhaps using a validator somehow? – Pearl Mar 29 '22 at 10:56
  • @Pearl This applies to PoS networks as well. Except that the block is produced by a validator, and not a miner, and the mechanics of how the block is created are a bit different. But there's still an entity (a validator or a miner) that produces the block, and chooses which transactions are included in the block... I updated my answer to include PoS terminology as well, so it's not that confusing. – Petr Hejda Mar 29 '22 at 11:39
  • Ahh, thanks. Could you not just watch the mempool and 'front run', so to speak, like a front-running bot? You would know the time much closer in that aspect? And is this possible on Avalanche, or do you need to 'own' a validator? – Pearl Mar 30 '22 at 12:29
  • @Pearl Frontrunning is possible on PoS networks too, but this code is most likely not frontrunnable. It's because a frontrunner is in this case only able to affect the `msg.sender` value, while the validator/miner can affect both `msg.sender` (by inserting their own transaction from their own address) and `block.timestamp`, giving the validator/miner a much larger probability of determining the expected result. – Petr Hejda Mar 30 '22 at 13:12
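The answer and the last comment come down to one property of the snippet in the question: `random` is a deterministic function of three inputs (`block.difficulty`, `block.timestamp`, `msg.sender`), and the block producer chooses two of them. The Python below is an added example, not code from the question, the answer, or any project. It embeds its own Keccak-256 so it runs without web3, reproduces the contract's computation off-chain, and reports, over a window of timestamps the network would still accept, how the contract's branch varies. All input values are constructed, and the function names `contract_random`, `branch` and `timestamp_influence` are the example's own.

```python
# Added example: reproduces the contract's "random" value off-chain to show it
# is a pure function of public or producer-chosen inputs. Sample values are
# constructed; nothing here is taken from a real chain.

# ---- minimal pure-Python Keccak-256 (the hash behind Solidity's keccak256) ----
MASK64 = (1 << 64) - 1
ROUND_CONSTANTS = [
    0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
    0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
    0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
    0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
    0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
    0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
]
ROTATIONS = [  # rho offsets, indexed [x][y]
    [0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61],
    [28, 55, 25, 21, 56], [27, 20, 39, 8, 14],
]


def _rol64(v, n):
    return ((v << n) | (v >> (64 - n))) & MASK64 if n else v


def _keccak_f1600(a):
    """Keccak-f[1600] permutation on a 5x5 array of 64-bit lanes a[x][y]."""
    for rc in ROUND_CONSTANTS:
        c = [a[x][0] ^ a[x][1] ^ a[x][2] ^ a[x][3] ^ a[x][4] for x in range(5)]   # theta
        d = [c[(x - 1) % 5] ^ _rol64(c[(x + 1) % 5], 1) for x in range(5)]
        a = [[a[x][y] ^ d[x] for y in range(5)] for x in range(5)]
        b = [[0] * 5 for _ in range(5)]                                           # rho + pi
        for x in range(5):
            for y in range(5):
                b[y][(2 * x + 3 * y) % 5] = _rol64(a[x][y], ROTATIONS[x][y])
        a = [[b[x][y] ^ ((~b[(x + 1) % 5][y]) & b[(x + 2) % 5][y])               # chi
              for y in range(5)] for x in range(5)]
        a[0][0] ^= rc                                                             # iota
    return a


def keccak256(data: bytes) -> bytes:
    rate = 136                                   # bytes absorbed per block for 256-bit output
    pad_len = rate - (len(data) % rate)
    msg = bytearray(data) + b"\x01" + b"\x00" * (pad_len - 1)
    msg[-1] |= 0x80                              # original Keccak pad10*1, as used by the EVM
    state = [[0] * 5 for _ in range(5)]
    for off in range(0, len(msg), rate):
        block = msg[off:off + rate]
        for i in range(rate // 8):               # lane i lives at state[x=i%5][y=i//5]
            state[i % 5][i // 5] ^= int.from_bytes(block[8 * i:8 * i + 8], "little")
        state = _keccak_f1600(state)
    return b"".join(state[i % 5][i // 5].to_bytes(8, "little") for i in range(4))


def keccak_self_test() -> bool:
    """Known-answer check: Keccak-256 of the empty input."""
    return keccak256(b"").hex() == "c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470"


# ---- the contract's computation, mirrored off-chain ----
def contract_random(difficulty: int, timestamp: int, sender: str) -> int:
    """uint256(keccak256(abi.encodePacked(difficulty, timestamp, sender))) % 100.
    abi.encodePacked lays out uint256 as 32 big-endian bytes and address as 20 bytes."""
    packed = (difficulty.to_bytes(32, "big") + timestamp.to_bytes(32, "big")
              + bytes.fromhex(sender[2:] if sender.startswith("0x") else sender))
    assert len(packed) == 84
    return int.from_bytes(keccak256(packed), "big") % 100


def branch(difficulty: int, timestamp: int, sender: str) -> str:
    return "get1" if contract_random(difficulty, timestamp, sender) >= 90 else "get2"


def timestamp_influence(difficulty: int, base_ts: int, window_seconds: int, sender: str) -> dict:
    """Audit metric: over the timestamps the network would still accept
    (base_ts .. base_ts + window), count which branch the contract takes.
    Both counts being non-zero means the timestamp alone decides the outcome."""
    counts = {"get1": 0, "get2": 0}
    for ts in range(base_ts, base_ts + window_seconds):
        counts[branch(difficulty, ts, sender)] += 1
    return counts


if __name__ == "__main__":
    assert keccak_self_test()
    SAMPLE_DIFFICULTY = 1                 # constructed; no PoW entropy on a PoS chain
    SAMPLE_TS = 1_648_550_000             # constructed, seconds since epoch
    SAMPLE_SENDER = "0x" + "ab" * 20      # constructed address
    print("random =", contract_random(SAMPLE_DIFFICULTY, SAMPLE_TS, SAMPLE_SENDER))
    print("branches over a 120 s window:",
          timestamp_influence(SAMPLE_DIFFICULTY, SAMPLE_TS, 120, SAMPLE_SENDER))
```

The point of `timestamp_influence` is the defender's one: if any accepted timestamp in the window lands on a different branch, the contract has handed the choice to whoever sets `block.timestamp`, which is exactly the party the answer names. Replacing `block.timestamp` with a value that party cannot pick (a commit-reveal scheme or an on-chain VRF) is what removes that choice; the mod-100 reduction itself is not the weakness.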