ID Submit date Publish date Author Score
1 10.25.2018 10.25.2018 10.0

Description

TheRun uses the current timestamp in order to generate random numbers and award a jackpot based on the result. Similarly, a betting contract may run for a predetermined betting period, after which it considers the bets that have been submitted. The smart contract framework in Ethereum provides the now variable for accessing the time, which is set to the local timestamp of the miner. Unfortunately, this timestamp can be manipulated by a colluding miner. He may adjust the timestamp provided by a few seconds, changing the output of the contract to his benefit. In TheRun, the output of the random number generator can be manipulated, and for the betting contract, the period can be extended or shrunk to affect future transactions. Vector: BVSS:1.1/B:S/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/CI:N/II:H/AI:N

Original source

https://etherscan.io/address/0xcac337492149bdb66b088bf5914bedfbf78ccc18

Comments