I understand the transaction cancel and retry part. It is the obvious probable attack.
This is also unsafe imo, consider this:
-
Imagine I am distributing TS packs with single moment inside (let’s say 100k packs), and in each pack you have chance to get 1/100k odds Lebron Moment
-
I am making lets say 100 transactions per block to speed up delivery.
Problems:
-
all those 100 transactions (in the same block which blockID is the seed), will have the same pack content. So instead of different packs, you will give 100x same pack
-
if one of the packs (1/1000) has Lebron, 1/100 chance, you will give away 100 Lebron. So instead of expected value of 1 Lebron in 100k packs, you will either have 100 Lebron with 1% chance, or No Lebron at all 99%
This variance is usually not good from a business perspective too.
Also, I didn’t check how blockID is calculated, but potentially I am guessing, the malicious users can also affect that part.