TwentyOne
First Flight #29
Beginner FriendlyGameFiFoundrySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

Implementing Reentrancy Protection, Max Bet Limits, and Simplified Randomness

enthusiasts

Summary

Firstly, I encountered an issue with the testing: The test test_Call_PlayerWins() failed due to an OutOfFunds error, which occurred when the contract attempted to pay out 2 ether to the player. The contract did not have enough balance to fulfill this transaction, causing the test to fail.

Fund the Contract in the setUp() Function: In the setUp() function, add a line to fund the contract with Ether:

vm.deal(address(twentyOne), 10 ether); // Fund the contract with 10 ether
Check for Sufficient Funds in the Contract's Payout Logic: In the call() function of the TwentyOne contract, ensure there is a check that verifies the contract has enough balance to make the payout:

To resolve the issue, the contract needed to be funded with Ether in the test setup so that it could handle payouts during the call() function. Additionally, a check was added to ensure the contract has enough balance for payouts.

In addition there were vulnerabilities with the card drawing logic, where the contract wasn't correctly handling randomness within the game, and the handling of player actions (such as "hit" or "call") was dependent on external randomness, which caused difficulties in testing and deployment.

  1. Reentrancy Protection: The contract uses a noReentrancy modifier, which prevents reentrancy attacks by locking the contract during certain transactions. This ensures that a player cannot repeatedly call sensitive functions in a way that could exploit the contract.

  2. Max Bet Check: A constant, MAX_BET, was introduced to limit the amount of Ether that a player can stake. This prevents players from betting excessively, which could affect the contract's balance or lead to unexpected behavior.

  3. Ether Transfer Check: Before transferring Ether to the player at the end of the game, a check was added to ensure that the contract has enough Ether to cover the payout. This helps prevent errors where the contract might try to send more than it can afford.

  4. Access Control: The onlyPlayer modifier ensures that only the player (who is interacting with the contract) can perform player-specific actions, such as drawing cards or ending the game. This prevents unauthorized users from interfering with a player's game.

  5. Event Emissions: Several events, like PlayerLostTheGame, PlayerWonTheGame, and GameStarted, were added to better track the game's progress and to notify when certain actions occur (e.g., when a player wins, loses, or a new game starts). These events help in debugging and monitoring the contract.

  6. Simplified Randomness: New method of randomness was implemented based on block.timestamp and block.prevrandao. This generates a pseudo-random number based on block properties, ensuring that the randomness can still function locally without requiring external services.

Vulnerability Details

  1. Reentrancy Protection: The contract uses a noReentrancy modifier, which prevents reentrancy attacks by locking the contract during certain transactions. This ensures that a player cannot repeatedly call sensitive functions in a way that could exploit the contract.

  2. Max Bet Check: A constant, MAX_BET, was introduced to limit the amount of Ether that a player can stake. This prevents players from betting excessively, which could affect the contract's balance or lead to unexpected behavior.

  3. Ether Transfer Check: Before transferring Ether to the player at the end of the game, a check was added to ensure that the contract has enough Ether to cover the payout. This helps prevent errors where the contract might try to send more than it can afford.

  4. Access Control: The onlyPlayer modifier ensures that only the player (who is interacting with the contract) can perform player-specific actions, such as drawing cards or ending the game. This prevents unauthorized users from interfering with a player's game.

  5. Event Emissions: Several events, like PlayerLostTheGame, PlayerWonTheGame, and GameStarted, were added to better track the game's progress and to notify when certain actions occur (e.g., when a player wins, loses, or a new game starts). These events help in debugging and monitoring the contract.

  6. Simplified Randomness: New method of randomness was implemented based on block.timestamp and block.prevrandao. This generates a pseudo-random number based on block properties, ensuring that the randomness can still function locally without requiring external services.

Impact

The changes made to the smart contract enhance its security, gameplay experience, and operational integrity. These updates:

  • Improved Security: By introducing reentrancy protection and ensuring proper checks before transferring funds, the contract is now more resilient against malicious attacks. This makes the game safer for users and ensures that their funds are protected.

  • Better User Experience: The implementation of the MAX_BET constant and the onlyPlayer modifier restricts unauthorized actions and ensures that players can only wager amounts within the defined limits. This helps maintain fairness and prevents abuse.

  • Transparency: The addition of events like GameStarted, PlayerHit, and others allows for better tracking of game events, making it easier for players and developers to monitor the game's progress. This improves transparency and helps with debugging and auditing the contract.

  • Reliable Payouts: The added check for sufficient contract balance ensures that payouts are reliable and prevents the contract from attempting payouts it can't cover, reducing the risk of failed transactions.

Tools Used

Modifiers: Solidity modifiers like noReentrancy and onlyPlayer are used to enhance security and restrict access to certain functions.

  • Events: Events like GameStarted, PlayerHit, PlayerWonTheGame, etc., are utilized to emit important game state changes and provide transparency.

  • Ether (ETH): Ether is used as the staking currency for the game and is transferred to the winner or refunded under certain conditions.

Recommendations

forge test -vvv
[⠊] Compiling...
No files changed, compilation skipped

Ran 3 tests for test/TwentyOne.t.sol:TwentyOneTest
[PASS] test_Call_PlayerWins() (gas: 1182064)
Logs:
Player's cards before call:
Card: 23
Card: 43
Mocking dealer's behavior with hand total of 18.
Player's initial balance: 9000000000000000000
Player call was successful.
Player's final balance: 11000000000000000000
Player's cards after call:

[PASS] test_Hit() (gas: 1267605)
[PASS] test_StartGame() (gas: 1255720)
Suite result: ok. 3 passed; 0 failed; 0 skipped; finished in 12.20ms (6.41ms CPU time)

Ran 1 test suite in 91.01ms (12.20ms CPU time): 3 tests passed, 0 failed, 0 skipped (3 total tests)

Fix the code as follow:

//src/TwentyOne.sol\
// SPDX-License-Identifier: UNLICENSED\
pragma solidity ^0.8.13;
contract TwentyOne {\
// Reentrancy protection\
bool private lock;
modifier noReentrancy() {
require(!lock, "Reentrancy detected!");
lock = true;
_;
lock = false;
}
modifier onlyPlayer() {
require(msg.sender != address(0), "Not a valid player");
_;
}
uint256 constant MAX_BET = 5 ether; // Max bet limit
struct PlayersCards {
uint256[] playersCards;
}
struct DealersCards {
uint256[] dealersCards;
}
mapping(address => PlayersCards) playersDeck;
mapping(address => DealersCards) dealersDeck;
mapping(address => uint256[]) private availableCards;
event PlayerLostTheGame(string message, uint256 cardsTotal);
event PlayerWonTheGame(string message, uint256 cardsTotal);
event FeeWithdrawn(address owner, uint256 amount);
event GameStarted(address player);
event PlayerHit(address player, uint256 newCard);
// Add a card for the player
function addCardForPlayer(address player, uint256 card) internal {
playersDeck[player].playersCards.push(card);
}
// Add a card for the dealer
function addCardForDealer(address player, uint256 card) internal {
dealersDeck[player].dealersCards.push(card);
}
// Get player's total hand value
function playersHand(address player) public view returns (uint256) {
uint256 playerTotal = 0;
for (uint256 i = 0; i < playersDeck[player].playersCards.length; i++) {
uint256 cardValue = playersDeck[player].playersCards[i] % 13;
if (cardValue == 0 || cardValue >= 10) {
playerTotal += 10;
} else {
playerTotal += cardValue;
}
}
return playerTotal;
}
// Get dealer's total hand value
function dealersHand(address player) public view returns (uint256) {
uint256 dealerTotal = 0;
for (uint256 i = 0; i < dealersDeck[player].dealersCards.length; i++) {
uint256 cardValue = dealersDeck[player].dealersCards[i] % 13;
if (cardValue >= 10) {
dealerTotal += 10;
} else {
dealerTotal += cardValue;
}
}
return dealerTotal;
}
// Initialize the player's deck
function initializeDeck(address player) internal {
require(availableCards[player].length == 0, "Player's deck is already initialized");
for (uint256 i = 1; i <= 52; i++) {
availableCards[player].push(i);
}
}
// Simplified random number generation (using block.timestamp and block.prevrandao)
function generateRandomIndex(address player) internal view returns (uint256) {
uint256 randomHash = uint256(keccak256(abi.encodePacked(block.timestamp, player, block.prevrandao)));
return randomHash % availableCards[player].length;
}
// Draw a random card for a player
function drawCard(address player) internal returns (uint256) {
require(availableCards[player].length > 0, "No cards left to draw for this player");
uint256 randomIndex = generateRandomIndex(player);
uint256 card = availableCards[player][randomIndex];
// Remove the card from the available pool
availableCards[player][randomIndex] = availableCards[player][availableCards[player].length - 1];
availableCards[player].pop();
return card;
}
// Start a new game
function startGame() public payable returns (uint256) {
address player = msg.sender;
require(msg.value >= 1 ether, "Not enough ether sent");
require(msg.value <= MAX_BET, "Bet exceeds max limit");
initializeDeck(player);
uint256 card1 = drawCard(player);
uint256 card2 = drawCard(player);
addCardForPlayer(player, card1);
addCardForPlayer(player, card2);
emit GameStarted(player);
return playersHand(player);
}
// Player hits (draws a new card)
function hit() public {
require(playersDeck[msg.sender].playersCards.length > 0, "Game not started");
uint256 handBefore = playersHand(msg.sender);
require(handBefore <= 21, "User is bust");
uint256 newCard = drawCard(msg.sender);
addCardForPlayer(msg.sender, newCard);
uint256 handAfter = playersHand(msg.sender);
if (handAfter > 21) {
emit PlayerLostTheGame("Player is bust", handAfter);
endGame(msg.sender, false);
}
emit PlayerHit(msg.sender, newCard);
}
// Player calls (ends their turn)
function call() public {
require(playersDeck[msg.sender].playersCards.length > 0, "Game not started");
uint256 playerHand = playersHand(msg.sender);
uint256 standThreshold = (uint256(keccak256(abi.encodePacked(block.timestamp, msg.sender, block.prevrandao))) % 5) + 17;
while (dealersHand(msg.sender) < standThreshold) {
uint256 newCard = drawCard(msg.sender);
addCardForDealer(msg.sender, newCard);
}
uint256 dealerHand = dealersHand(msg.sender);
if (dealerHand > 21) {
emit PlayerWonTheGame("Dealer went bust, player's winning hand: ", playerHand);
endGame(msg.sender, true);
} else if (playerHand > dealerHand) {
emit PlayerWonTheGame("Player wins with hand: ", playerHand);
endGame(msg.sender, true);
} else {
emit PlayerLostTheGame("Dealer wins with hand: ", dealerHand);
endGame(msg.sender, false);
}
}
// End the game and payout if the player won
function endGame(address player, bool playerWon) internal noReentrancy {
delete playersDeck[player].playersCards;
delete dealersDeck[player].dealersCards;
delete availableCards[player];
if (playerWon) {
require(address(this).balance >= 2 ether, "Insufficient contract balance for payout");
payable(player).transfer(2 ether);
emit FeeWithdrawn(player, 2 ether);
}
}
// Get the player's cards
function getPlayerCards(address player) public view returns (uint256[] memory) {
return playersDeck[player].playersCards;
}
// Get the dealer's cards
function getDealerCards(address player) public view returns (uint256[] memory) {
return dealersDeck[player].dealersCards;
}
}
// test/TwentyOne.t.sol \
// SPDX-License-Identifier: UNLICENSED\
pragma solidity ^0.8.13;
import {Test, console} from "forge-std/Test.sol";\
import {TwentyOne} from "../src/TwentyOne.sol";
contract TwentyOneTest is Test {\
TwentyOne public twentyOne;
address player1 = address(0x123);
address player2 = address(0x456);
function setUp() public {
twentyOne = new TwentyOne();
vm.deal(player1, 10 ether); // Fund player1 with 10 ether
vm.deal(player2, 10 ether); // Fund player2 with 10 ether
vm.deal(address(twentyOne), 10 ether); // Fund the contract with 10 ether
}
function test_StartGame() public {
vm.startPrank(player1); // Start acting as player1
uint256 initialBalance = player1.balance;
// Start the game with 1 ether bet
twentyOne.startGame{value: 1 ether}();
// Check that the player's balance decreased by 1 ether
assertEq(player1.balance, initialBalance - 1 ether, "Player balance did not decrease correctly.");
// Check that the player's hand has two cards
uint256[] memory playerCards = twentyOne.getPlayerCards(player1);
assertEq(playerCards.length, 2, "Player should have 2 cards after starting the game.");
vm.stopPrank();
}
function test_Hit() public {
vm.startPrank(player1); // Start acting as player1
twentyOne.startGame{value: 1 ether}();
// Initial hand size should be 2
uint256[] memory initialCards = twentyOne.getPlayerCards(player1);
assertEq(initialCards.length, 2, "Initial hand size should be 2.");
// Player hits (takes another card)
twentyOne.hit();
// Hand size should increase to 3
uint256[] memory updatedCards = twentyOne.getPlayerCards(player1);
assertEq(updatedCards.length, 3, "Hand size should increase to 3 after hitting.");
vm.stopPrank();
}
function test_Call_PlayerWins() public {
vm.startPrank(player1); // Start acting as player1
twentyOne.startGame{value: 1 ether}();
// Log player's cards before the call
uint256[] memory playerCardsBefore = twentyOne.getPlayerCards(player1);
console.log("Player's cards before call:");
for (uint256 i = 0; i < playerCardsBefore.length; i++) {
console.log("Card:", playerCardsBefore[i]);
}
// Mock the dealer's behavior
console.log("Mocking dealer's behavior with hand total of 18.");
vm.mockCall(
address(twentyOne),
abi.encodeWithSignature("dealersHand(address)", player1),
abi.encode(18) // Dealer's hand total is 18
);
uint256 initialPlayerBalance = player1.balance;
console.log("Player's initial balance:", initialPlayerBalance);
// Call to compare hands
try twentyOne.call() {
console.log("Player call was successful.");
// Log balances after successful call
uint256 finalPlayerBalance = player1.balance;
console.log("Player's final balance:", finalPlayerBalance);
assertGt(finalPlayerBalance, initialPlayerBalance, "Player did not win!");
} catch (bytes memory reason) {
console.log("Error during call:", string(reason));
revert("Test failed due to revert during player call.");
}
// Log player's cards after the call
uint256[] memory playerCardsAfter = twentyOne.getPlayerCards(player1);
console.log("Player's cards after call:");
for (uint256 i = 0; i < playerCardsAfter.length; i++) {
console.log("Card:", playerCardsAfter[i]);
}
vm.stopPrank();
}
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

[INVALID] Known - Randomness

Randomness Manipulation: The randomness mechanism relies on block.timestamp, msg.sender, and block.prevrandao, which may be predictable in certain scenarios. Consider using Chainlink VRF or another oracle for more secure randomness.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.