Home Web3 SecuritySmart Contract Audit Time-Dependent Function Manipulation in Solidity Smart Contracts

Time-Dependent Function Manipulation in Solidity Smart Contracts

by ImmuneBytes
Time-Dependent Function Manipulation in Solidity Smart Contracts

The Vulnerability

Smart contracts on Ethereum often have time-sensitive logic, whether it’s for auctions, lotteries, or token vesting. These time-sensitive functionalities commonly depend on the block.timestamp for execution. The problem arises from the fact that this block.timestamp is not absolutely immutable; it’s determined by the miner who mines the block, which means a miner has a small window (up to around 15 seconds according to the Ethereum protocol implementations) to manipulate this value to their advantage.

In a simple example, let’s say there is a decentralized auction contract that automatically accepts the highest bid made before a certain block.timestamp. If the miner is also a bidder, they could intentionally set the block’s timestamp to prematurely end the auction when they are the highest bidder, thereby winning the auction unfairly.

The Attack Scenario

The below contract enables a simple betting game where users guess whether a number will be odd or even. If their guess is correct, they win twice the amount they bet, minus a 10% fee. The contract utilizes the block.timestamp for generating the number, which introduces the vulnerability.

// Solidity program to demonstrate 
// timestamp dependence vulnerability
pragma solidity ^0.8.0;

contract OddEvenGame {
    uint public yourAnswer;

    function oddOrEven(bool yourGuess) external payable returns (bool) {
        yourAnswer = block.timestamp % 2;

        if (yourGuess == (yourAnswer > 0)) {
            uint fee = msg.value / 10;
            payable(msg.sender).transfer(msg.value * 2 - fee);
            return true;
        } else {
            return false;
  1. Exploiting Miner
    Bob, a miner, observes transactions sent to this contract. He understands that block.timestamp is used to decide the outcome of the bet.
  2. Timestamp Manipulation
    Before mining a block, Bob can manipulate the block’s timestamp to ensure it results in either an odd or even number when taken modulo 2.
  3. Execute Transaction
    Bob then creates a transaction by calling the oddOrEven() function with his ‘guess,’ which he knows will be correct because he manipulated the timestamp.
  4. Profit
    Bob mines the block with the manipulated timestamp and his transaction. If he successfully mines this block, the manipulated timestamp will ensure he wins the bet and takes the Ether.

Preventative Measures

  1. Avoid Direct Time-Dependence: For random number generation or other logic not strictly tied to time, try to use methods other than block.timestamp.
  2. Oracle Services: Use trusted Oracle services like ChainLink to bring reliable timestamp data into the smart contract. Chainlink’s Decentralized Oracle Networks can provide tamper-proof data for smart contracts.
  3. Time Padding: If you must use block.timestamp, consider implementing a time buffer after the supposed end time of the contract action. For example, you could add a rule that the auction will only end when block.timestamp is greater than auctionEndTime + 1 minutes, giving participants a grace period and reducing the miner’s ability to manipulate the end time.
  4. Multi-block Confirmation: Ensure that an action only be finalized after the same condition has been met in several consecutive blocks, decreasing the likelihood that any single miner can manipulate the outcome.

Real-World Examples

A notable real-world instance similar to this kind of attack would be the GovernMental Ponzi scheme that amassed nearly 1100 ETH. Miners manipulated the timestamp to appear as the last player to join the game and thus claimed the reward unfairly.

By acknowledging the flexibility and potential manipulability of the block.timestamp, developers can build more robust and attack-resistant smart contracts.

You may also like