TwentyOne

First Flight #29
Beginner Friendly, GameFi, Foundry, Solidity
Submission Details
Severity: medium
Valid

User loses funds in case of a tie instead of being refunded.

Summary

According to the official blackjack rules, in the event of a tie, the player's funds should be returned. The documentation claims that the contract follows these rules, but the current implementation does not properly handle ties, resulting in the player's funds being lost.

Vulnerability Details

In the call() function, the branch that determines the winner has no case for a tie between the dealer and the player. When playerHand equals dealerHand, neither of the first two conditions holds, so execution falls through to the final else. The player is then treated as the loser and endGame(msg.sender, false) is called, leading to the loss of the player's funds.

// Determine the winner
if (dealerHand > 21) {
    emit PlayerWonTheGame(
        "Dealer went bust, players winning hand: ",
        playerHand
    );
    endGame(msg.sender, true);
} else if (playerHand > dealerHand) {
    emit PlayerWonTheGame(
        "Dealer's hand is lower, players winning hand: ",
        playerHand
    );
    endGame(msg.sender, true);
} else {
    emit PlayerLostTheGame(
        "Dealer's hand is higher, dealers winning hand: ",
        dealerHand
    );
    endGame(msg.sender, false);
}

Impact

The user would lose their funds and would have to pay again to play, which violates the official blackjack rules and disrupts the integrity of the game.

Tools Used

Manual Review

Recommendations

Update the code to ensure that in the event of a tie between the player and the dealer, the player's funds are refunded or a new game is started with the same funds, as the player did not lose.
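
One way to implement the refund option, as an added example that is neither the TwentyOne contract's code nor part of the original submission. The names TieAwareSettlement, Outcome, resolve, _settle, stakeOf and GameSettled are hypothetical. It assumes the stake is recorded per player when the game starts and that the contract is funded well enough to pay a winner twice the stake.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration only. All names here are hypothetical.
contract TieAwareSettlement {
    enum Outcome { PlayerWins, DealerWins, Push }

    // Assumption: the stake is stored per player at game start.
    mapping(address => uint256) public stakeOf;

    event GameSettled(address indexed player, Outcome outcome, uint256 payout);

    function startGame() external payable {
        require(msg.value > 0, "stake required");
        require(stakeOf[msg.sender] == 0, "game in progress");
        stakeOf[msg.sender] = msg.value;
    }

    /// Same comparison order as the reported snippet, with the equality
    /// case split out so a tie no longer falls into the losing branch.
    function resolve(uint256 playerHand, uint256 dealerHand)
        public pure returns (Outcome)
    {
        if (dealerHand > 21) return Outcome.PlayerWins;
        if (playerHand > dealerHand) return Outcome.PlayerWins;
        if (playerHand == dealerHand) return Outcome.Push;
        return Outcome.DealerWins;
    }

    /// Internal on purpose: the hand totals must come from the game's own
    /// state (as in call()), never from caller-supplied arguments.
    function _settle(address player, uint256 playerHand, uint256 dealerHand) internal {
        Outcome outcome = resolve(playerHand, dealerHand);
        uint256 stake = stakeOf[player];
        delete stakeOf[player]; // clear state before the external call

        uint256 payout;
        if (outcome == Outcome.PlayerWins) payout = stake * 2; // assumed 2x payout
        else if (outcome == Outcome.Push) payout = stake;      // tie: refund the stake

        emit GameSettled(player, outcome, payout);
        if (payout > 0) {
            (bool ok, ) = payable(player).call{value: payout}("");
            require(ok, "transfer failed");
        }
    }
}
```

A regression test for this fix should force equal totals for player and dealer and assert that the player's balance after settlement equals the balance before the game started.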

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Tie case
