Can't Start New Game If Old One Isn't Manually Ended
Summary
The startGame function lets the contract owner begin a new game by setting when it starts and ends, and by turning on the gameActive flag. It has a check that stops a new game from starting if one is already running. But this check only looks at the gameActive flag, which has to be turned off by calling the endGame function. If the owner doesn’t call endGame, and the game time has already finished, the game still stays locked. This means no new game can start, even though the old one is over.
Vulnerability Details
The vulnerability is that the game only checks a simple active flag without verifying if the game’s time has actually ended. This means if the owner fails to manually end the game, it remains locked even after its scheduled end, preventing any new game from starting. Essentially, the system becomes stuck, creating a "soft-lock" that renders the contract unusable until the owner intervenes.
Impact
Tools Used
manual review
Recommendations
Add a utility function to check game status more accurately:
Auto-expire the game based on time:
Lead Judging Commences
Incomplete end game handling
Incorrect values reported when a game is ended early
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.