Eggstravaganza

First Flight #37

Beginner FriendlySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: low

Invalid

[L-1] Missing event in setter function

parkervzone

Summary

When starting and changing the eggFindThreshold, players are not notified about the threshold.

Vulnerability Details

startGame() source code:

function startGame(uint256 duration) external onlyOwner {

require(!gameActive, "Game already active");

require(duration >= MIN_GAME_DURATION, "Duration too short");

startTime = block.timestamp;

endTime = block.timestamp + duration;

gameActive = true;

emit GameStarted(startTime, endTime);

}

setEggFindThreshold() source code:

function setEggFindThreshold(uint256 newThreshold) external onlyOwner {

require(newThreshold <= 100, "Threshold must be <= 100");

eggFindThreshold = newThreshold;

}

In the code above, you can see that in the functions (setEggFindThreshold(),startGame()), players are not notified of which chance is being used in the game.

Impact

The owner can change the eggFindThreshold uncontrollably and players will not be notified about the rules of the game. This may lead to reputational risks and some users may choose not to play as they are not notified of changes in the game.

Tools Used

Manual code review

Recommendations

Add events and emits in startGame() and setEggFindThreshold():

+event CurrentEggFindingChance(uint256 eggFindThreshold)

...

function startGame(uint256 duration) external onlyOwner {

require(!gameActive, "Game already active");

require(duration >= MIN_GAME_DURATION, "Duration too short");

startTime = block.timestamp;

endTime = block.timestamp + duration;

gameActive = true;

+ emit CurrentEggFindingChance(eggFindThreshold)

emit GameStarted(startTime, endTime);

}

function setEggFindThreshold(uint256 newThreshold) external onlyOwner {

require(newThreshold <= 100, "Threshold must be <= 100");

eggFindThreshold = newThreshold;

+ emit CurrentEggFindingChance(newThreshold)

}

Updates

Lead Judging Commences

m3dython Lead Judge 5 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Assigned finding tags:

Event Emission

Standard practice for clarifying important contract behaviors

Rewards breakdown

nSLOC

129

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.