Generating randomness in Ethereum is challenging because every node must come to the same conclusion on the state of the blockchain. Hence, naive approaches to generate randomness can be manipulated by miners or observant attackers.
Insecure randomness can be exploited by attackers to gain an unfair advantage in games, lotteries, or any other contracts that rely on random number generation.
A lottery smart contract using block.timestamp
for generating a random number can be manipulated by a miner, making the lottery unfair.