
Review insufficiently-random-values detector and remediated test-case #259

Open
5 tasks
arturoBeccar opened this issue Jul 10, 2024 · 0 comments

arturoBeccar commented Jul 10, 2024

Description

Following these notes by an auditor and this conversation thread, we need to remove the recommendation to use prng() as a source of randomness for Soroban smart contracts.

Acceptance Criteria

  • Modify detector output message to something like "Avoid using block attributes for random number generation, remember that all random numbers are under the control of validators.".
  • Modify remediated test case, using an oracle instead of prng(). (references: 1, 2, 3). [IT SEEMS THERE IS NO ORACLE THAT WORKS; TALK TO MATI AND VALE AND PROPOSE BUILDING ONE].
  • Add vulnerable test case using prng().
  • Update detector and vulnerability documentation. Add prng() to the list of vulnerable cases, recommend using an oracle as remediation.
  • Update Scout run in tutorial video for insufficiently-random-values. Add prng() to vulnerable cases. If possible, provide code explaining how to use an oracle.

Juli's observations

prng() may have its use case, depending on the risk tolerance one has.

We could then give a hint along these lines (this includes verbatim copy from the docs):

  • For cases where timestamp or sequence is used, something like "Avoid using ledger().timestamp or ledger().sequence as entropy source, since they can be biased. soroban_sdk provides prng(), an api that provides better PSEUDO random management. However, the PRNG is seeded with PUBLIC data that is under the control of validators. Therefore it should only be used in applications where the risk of validator influence is acceptable."
  • For cases where prng is used: "The PRNG is seeded with PUBLIC data that is under the control of validators. Therefore it should only be used in applications where the risk of validator influence is acceptable."

Aure's observations

To have randomness you definitely need something like an oracle. I'm not clear on the VRF topic, but I understand it is more about making sure the random value really was random. In any case it needs input from outside the blockchain.
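Added example (editor's illustration; not Scout's detector code and not soroban_sdk): a self-contained Rust model of the point the acceptance criteria and Juli's hint make, that any value derived from public ledger data is under the control of the validator closing the ledger. The `Ledger` struct, the `seed_from_ledger`-style seeding inside `pick_winner_from_public_seed`, the SplitMix64 mixer standing in for prng(), and the assumption that a validator can choose the close time within some window (`slack_secs`) are all modelling assumptions, not Soroban semantics. The oracle path is the remediation shape the issue asks for; verifying the oracle's signature and freshness is out of scope here.

```rust
// Added example, not Scout or soroban_sdk code. Models why a "random" value derived
// from public ledger data is under validator control, and why an oracle value is not
// searchable by the validator. Ledger, the seed construction and the close-time slack
// window are modelling assumptions.

#[derive(Clone, Copy, Debug)]
struct Ledger {
    sequence: u32,
    timestamp: u64, // ledger close time in seconds (assumed validator-chosen within a window)
}

/// Vulnerable pattern 1: derive the outcome directly from a block attribute.
fn pick_winner_from_timestamp(ledger: &Ledger, participants: usize) -> usize {
    (ledger.timestamp % participants as u64) as usize
}

/// SplitMix64 mixing step; stands in for a PRNG whose seed is public.
fn splitmix64(state: u64) -> u64 {
    let mut z = state.wrapping_add(0x9E37_79B9_7F4A_7C15);
    z = (z ^ (z >> 30)).wrapping_mul(0xBF58_476D_1CE4_E5B9);
    z = (z ^ (z >> 27)).wrapping_mul(0x94D0_49BB_1331_11EB);
    z ^ (z >> 31)
}

/// Vulnerable pattern 2: a PRNG seeded only from public ledger data (models the property
/// the issue describes for prng(): seeded with PUBLIC data under validator control).
fn pick_winner_from_public_seed(ledger: &Ledger, participants: usize) -> usize {
    let seed = ledger.timestamp ^ ((ledger.sequence as u64) << 32); // assumed seed construction
    (splitmix64(seed) % participants as u64) as usize
}

/// Remediated pattern: the entropy arrives from outside the ledger (an oracle value the
/// closing validator does not choose). Takes no ledger input, so there is nothing to search.
fn pick_winner_from_oracle(oracle_value: &[u8; 32], participants: usize) -> usize {
    let mut word = [0u8; 8];
    word.copy_from_slice(&oracle_value[..8]);
    (u64::from_be_bytes(word) % participants as u64) as usize
}

/// Models a validator that may choose the close time anywhere in
/// [base.timestamp, base.timestamp + slack_secs] (assumption). Returns the close time
/// that makes `want` the winner under `pick`, if one exists in the window.
fn validator_force_winner(
    pick: fn(&Ledger, usize) -> usize,
    base: Ledger,
    slack_secs: u64,
    participants: usize,
    want: usize,
) -> Option<u64> {
    (base.timestamp..=base.timestamp + slack_secs).find(|&ts| {
        let candidate = Ledger { sequence: base.sequence, timestamp: ts };
        pick(&candidate, participants) == want
    })
}

fn main() {
    // Constructed sample ledger state.
    let base = Ledger { sequence: 1_234_567, timestamp: 1_720_000_000 };
    let participants = 10;
    let want = 7; // the index the validator wants to win

    let pickers: [(&str, fn(&Ledger, usize) -> usize); 2] = [
        ("ledger().timestamp", pick_winner_from_timestamp),
        ("prng() seeded from public data", pick_winner_from_public_seed),
    ];
    for (name, pick) in pickers {
        match validator_force_winner(pick, base, 300, participants, want) {
            Some(ts) => println!("{name}: validator closes at {ts} and index {want} wins"),
            None => println!("{name}: no close time in the window yields index {want}"),
        }
    }

    // Oracle path: the validator has no knob to turn, the value is fixed from outside.
    let oracle_value = [0x42u8; 32]; // constructed sample oracle output
    println!("oracle: winner {}", pick_winner_from_oracle(&oracle_value, participants));
}
```

With a 300-second window and 10 participants, both ledger-derived pickers let the validator land on any target index; the direct timestamp picker needs at most 10 candidate close times, the public-seed PRNG a handful more. Widening the search to the sequence number or to transaction ordering would work the same way, which is why the detector's message should say the value is under validator control rather than merely "biased".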
