Validation of amount sent to startGame() is wrong.
Summary
If we take a look at the described rules, we have the following: "A player must deposit 1 ETH to play, with a maximum payout of 2 ETH upon winning."
Considering this fact, we can see a wrong validation in the function startGame(), where it's being validated if the player sent over or equals to 1 ether and then revert with an error.
Vulnerability Details
There is a wrong validation in the function startGame(), where it's being validated if the player sent over or equals to 1 ether and then revert with an error. We must check if the msg.value is equals to 1 ether and leave the player call start game.
Impact
Players can not start a game as if they send the correct amount described on the rules.
Tools Used
Foundry
Recommendations
We must check if the msg.value is equals to 1 ether and leave the player call start game instead of reverting if the amount is equals or over to 1 ether.
Example:
Lead Judging Commences
[INVALID] User mistake, too much ETH sent
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.