Weak Randomness

Block properties are not strong sources of randomness

Used in: NFT minting bots. If the source of randomness is weak, a bot can accurately predict which NFT it will get. As long as the metadata is known, the bot can predictably snipe the rarest NFTs.

Victim

Attacker

Prevention

  • Don't use block.number, block.prevhash and block.timestamp as sources of randomness.

  • There are more robust options available such as Chainlink VRF.
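
The contrast behind the two prevention points, as an added example that is not from the original page: a mint that derives the token from block properties, beside one that requests the value from a VRF coordinator and assigns it in a later callback. It assumes the Chainlink VRF v2 coordinator interface; the contract names, SUPPLY, the confirmation count, the gas limit and the constructor arguments are illustrative placeholders.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added example. Coordinator call shape as in Chainlink VRF v2 (assumed version).
interface IVRFCoordinatorV2 {
    function requestRandomWords(bytes32 keyHash, uint64 subId, uint16 minimumRequestConfirmations,
        uint32 callbackGasLimit, uint32 numWords) external returns (uint256 requestId);
}

contract WeakMint {
    uint256 public constant SUPPLY = 10_000; // illustrative collection size
    mapping(address => uint256) public assigned;
    // Weak: every input is public chain state or the caller's own address, so the
    // outcome is already determined, and computable, when the call is made.
    function mint() external {
        assigned[msg.sender] = uint256(keccak256(abi.encodePacked(
            block.timestamp, block.number, blockhash(block.number - 1), msg.sender))) % SUPPLY;
    }
}

contract VrfMint {
    uint256 public constant SUPPLY = 10_000;        // illustrative collection size
    IVRFCoordinatorV2 public immutable coordinator; // deployment-specific placeholder
    bytes32 public immutable keyHash;               // deployment-specific placeholder
    uint64 public immutable subId;                  // deployment-specific placeholder
    mapping(uint256 => address) public requester;   // requestId => minter
    mapping(address => uint256) public assigned;
    mapping(address => bool) public pending;

    constructor(address c, bytes32 k, uint64 s) { coordinator = IVRFCoordinatorV2(c); keyHash = k; subId = s; }

    // Step 1: the minter is recorded before the random word exists.
    function mint() external {
        require(!pending[msg.sender], "request pending");
        pending[msg.sender] = true;
        uint256 id = coordinator.requestRandomWords(keyHash, subId, 3, 200_000, 1);
        requester[id] = msg.sender;
    }

    // Step 2: only the coordinator may deliver the word, in a later transaction.
    function rawFulfillRandomWords(uint256 requestId, uint256[] memory randomWords) external {
        require(msg.sender == address(coordinator), "only coordinator");
        address to = requester[requestId];
        require(to != address(0), "unknown request");
        delete requester[requestId];
        pending[to] = false;
        assigned[to] = randomWords[0] % SUPPLY;
    }
}
```

The example only contrasts the randomness source; it does not deduplicate token ids, which a real collection would handle separately.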