TwentyOne

First Flight #29

Beginner FriendlyGameFiFoundrySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Invalid

Missing Payment Verification and Tracking in startGame Function

hawks

Summary

The startGame function lacks a verification mechanism to ensure players have paid before starting the game. Additionally, there is no record-keeping of who paid or the amount paid, leading to potential exploitation and lack of transparency.

Vulnerability Details

function startGame() public payable returns (uint256) {

address player = msg.sender;

require(msg.value >= 1 ether, "not enough ether sent");

initializeDeck(player);

uint256 card1 = drawCard(player);

uint256 card2 = drawCard(player);

addCardForPlayer(player, card1);

addCardForPlayer(player, card2);

return playersHand(player);

}

Impact

Unauthorized Game Access:
Players can start the game without paying since the function does not verify payment before allowing participation.

Free Prize Claims:
Players can exploit the system to claim prizes without making the required deposit.
Lack of Payment Records:
There is no mechanism to track which address paid and the amount, leading to potential disputes and lack of transparency.

Tools Used

Manual Review

Recommendations

Add a mapping that keeps a record of each address and the amount players have paid.

Add a new mapping to check if a player has paid. To implement this condition, the onlyOwner modifier must be added so that only the owner can check if a player has paid.

mapping(address => uint256) public playerPayments;

mapping(address => bool) public isAuthorizedPlayer;

address public owner;

constructor() {

owner = msg.sender;

}

modifier onlyOwner() {

require(msg.sender == owner, "TwentyOne: Not the contract owner");

}

function startGame() public payable returns (uint256) onlyOwner {

address player = msg.sender;

//check if player paid

require(isAuthorizedPlayer[player], "TwentyOne: Player did not pay");

require(msg.value >= 1 ether, "not enough ether sent");

// Update player amount

playerPayments[player] += msg.value;

initializeDeck(player);

uint256 card1 = drawCard(player);

uint256 card2 = drawCard(player);

addCardForPlayer(player, card1);

addCardForPlayer(player, card2);

return playersHand(player);

}

With these changes:

Only the owner can verify if a player has paid to start the game.
Player payments are recorded by address and amount for transparency

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Rewards breakdown

nSLOC

147

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!