Is the sealedSeed in Randomness contract secure?
simontianx opened this issue · comments
Hey, one concern I had about the contract sample in your article is the state variable bytes32 sealedSeed;
is stored in the first slot of the contract storage. Isn't this easily accessed by web3.eth.getStorageAt(contractAddr, 0)
function? A malicious attacker can read the seed and make a sure bet.