Eggstravaganza
First Flight #37
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: high
Invalid

The endGame function doesn't check endTime condition

iamthesvn

Summary

The endGame function in the EggHuntGame contract allows the owner to end the game before the specified endTime, which is not the intended behavior. This can lead to premature termination of the game.

Vulnerability Details

The endGame function currently does not check if the current time (block.timestamp) has reached or passed the endTime. As a result, the owner can call endGame at any time, even before the game is supposed to end.

Relevant code:

/// @notice Ends the egg hunt game.
function endGame() external onlyOwner {
require(gameActive, "Game not active");
gameActive = false;
emit GameEnded(block.timestamp);
}

Impact

Participants may lose the opportunity to find eggs within the expected duration.

Tools Used

Manual review

Recommendations

Add a condition to the endGame function to check if the current time has reached or passed the endTime before allowing the game to end.

/// @notice Ends the egg hunt game.
function endGame() external onlyOwner {
require(gameActive, "Game not active");
require(block.timestamp >= endTime, "Cannot end game before end time");
gameActive = false;
emit GameEnded(block.timestamp);
}
Updates

Lead Judging Commences

m3dython Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
Assigned finding tags:

Trusted Owner

Owner is trusted and is not expected to interact in ways that would compromise security

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!