search
Active Boosts

49626 sc insight modulo bias in winner selection in raffle

Submitted on Jul 17th 2025 at 19:12:26 UTC by @Opzteam for Attackathon | Plume Networkarrow-up-right

  • Report ID: #49626

  • Report Type: Smart Contract

  • Report severity: Insight

  • Target: https://github.com/immunefi-team/attackathon-plume-network/blob/main/plume/src/spin/Raffle.sol

  • Impacts:

    • Contract fails to deliver promised returns, but doesn't lose value

hashtag
Description

hashtag
Vulnerability Description

The Raffle contract contains a modulo bias vulnerability in the winner selection mechanism. The contract uses a simple modulo operation without bias protection, which can favor certain ticket indices when the total number of tickets doesn't evenly divide the VRF random number space (1,000,000), leading to unfair raffle outcomes.

hashtag
Vulnerable Code Snippet

// Line 247 in handleWinnerSelection function
uint256 winningTicketIndex = (rng[0] % totalTickets[prizeId]) + 1;

When totalTickets[prizeId] doesn't evenly divide 1,000,000, some ticket indices get more chances than others.

Example: If totalTickets = 7, then 1,000,000 % 7 = 6, meaning tickets 1-6 get 142,858 chances each while ticket 7 only gets 142,852 chances.

hashtag
Proof of Concept

1

Create a raffle with 100,001 total tickets

2

Calculate bias: 1,000,000 % 100,001 = 999,999 (significant remainder)

3

Exploit: Tickets 1-999,999 get 10 chances each, ticket 1,000,000 gets 9 chances, ticket 100,001 gets 1 chance

4

Result: Users with tickets in positions 1-999,999 have higher winning probability than those in positions 1,000,000 and 100,001

5

Manipulation: Attacker can strategically time entries or manipulate ticket purchases to favor advantageous positions

hashtag
Remediation

circle-info

Implement rejection sampling to ensure uniform distribution.

Recommended code pattern:

This ensures all ticket indices have exactly equal probability of being selected.

Previous50225 sc low user can bypass minstakeamount checking Next51651 sc insight redundant array access in removestakerfromvalidator

Was this helpful?