// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
/// @title RandomnessVulnerability
/// @notice Lottery sample whose winning number is derived only from block
///         properties and the caller's address. The contract is kept in its
///         flawed form; the comments describe the weakness and what a
///         reviewer should look for.
contract RandomnessVulnerability {
    /// @notice True for every address that has drawn a winning number.
    /// @dev Written by playLottery() but never read there, so a previous win
    ///      does not stop the same address from playing and winning again.
    mapping(address => bool) public hasWon;

    /// @notice Amount sent to a caller who draws a winning number.
    uint256 public prize = 1 ether;

    /// @notice Pay at least 0.1 ether for a draw; a result below 10 (out of
    ///         0..99) pays `prize` to the caller.
    /// @dev Review notes, all visible in this function:
    ///      - Any value >= 0.1 ether is accepted and the excess is not refunded.
    ///      - `transfer` reverts the whole call if the contract holds less than
    ///        `prize`, and forwards only the fixed 2300-gas stipend.
    function playLottery() external payable {
        require(msg.value >= 0.1 ether, "Insufficient payment");

        // WEAK RANDOMNESS: every input to the hash is either public on-chain
        // state for the current block (timestamp, difficulty/prevrandao) or
        // chosen by the caller (msg.sender). None of them is secret at the
        // time the transaction executes, and the block producer has some
        // influence over the block-level values, so the outcome is not
        // unpredictable. `block.difficulty` is also deprecated since Solidity
        // 0.8.18 in favour of `block.prevrandao`.
        // Mitigation: take entropy from a commit-reveal scheme or a verifiable
        // randomness oracle rather than from block properties.
        bytes32 seed = keccak256(
            abi.encodePacked(block.timestamp, block.difficulty, msg.sender)
        );
        uint256 roll = uint256(seed) % 100;

        // Rolls 10..99 lose; the payment stays in the contract.
        if (roll >= 10) {
            return;
        }

        hasWon[msg.sender] = true;
        payable(msg.sender).transfer(prize);
    }

    /// @notice Return the hash of the block preceding the current one.
    /// @dev The previous block's hash is public chain data, so it must not be
    ///      treated as a source of randomness by consumers of this getter.
    /// @return The value of `blockhash(block.number - 1)`.
    function getBlockHash() external view returns (bytes32) {
        uint256 previousBlock = block.number - 1;
        return blockhash(previousBlock);
    }
}