Improper Game End Handling in EggHuntGame.sol
Summary
The EggHuntGame contract contains a design flaw in how it handles game end conditions. When a game's time elapses (block.timestamp > endTime), the contract enters an inconsistent state where the gameActive flag remains true, but the time-based checks prevent players from executing game actions. This inconsistent state persists until the contract owner explicitly calls the endGame() function.
Vulnerability Details
The issue arises because these two mechanisms can become out of sync:
When a game's duration expires (block.timestamp > endTime), the contract continues to report that the game is active via the gameActive flag, but the time check in searchForEgg() prevents any further game actions. This creates an ambiguous state where:
gameActive == truesuggests the game is activeTime-based checks prevent any game actions
getGameStatus()returns "Game time elapsed"
The game remains in this inconsistent state until the owner explicitly calls endGame().
Impact
User Confusion: Players may see the game is marked as active but cannot perform game actions
Interface Issues: dApps that rely solely on the gameActive flag to determine game state will display incorrect information
Contract Interaction Problems: External contracts that check only the gameActive flag might make incorrect decisions
Resource Consumption: The game remains in a semi-active state, potentially preventing new games from being starte
Tools Used
Maual code review
Forge Foundry
Recommendations
Automatic Game End: Modify the contract to automatically update the gameActive flag when block.timestamp > endTime:
Lead Judging Commences
Incomplete end game handling
Incorrect values reported when a game is ended early
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.