Eggstravaganza
First Flight #37
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Invalid

Missing event emission for critical parameter changes leads to lack of transparency

teoslaf

Summary

The EggHuntGame::setEggFindThreshold function modifies a critical game parameter but does not emit any events, preventing on-chain monitoring of game mechanics changes.

Vulnerability Details

The contract lacks event emissions for parameter changes:

## EggHuntGame.sol
function setEggFindThreshold(uint256 newThreshold) external onlyOwner {
require(newThreshold <= 100, "Threshold must be <= 100");
eggFindThreshold = newThreshold;
// No event emission
}

This violates the best practice of emitting events for all state-changing operations, especially those affecting core game mechanics.

Impact

  • Players cannot monitor threshold changes on-chain

  • No historical record exists for auditing game fairness

  • Reduces transparency and trust in the game

  • Makes it impossible to create notifications or UIs that alert players to game mechanic changes

  • Compounds the centralization risk by enabling silent manipulation

Tools Used

  • Manual code review

  • Best practices analysis

Recommendations

Implement event emissions for all parameter changes:

+ event EggFindThresholdChanged(uint256 oldValue, uint256 newValue);
function setEggFindThreshold(uint256 newThreshold) external onlyOwner {
require(newThreshold <= 100, "Threshold must be <= 100");
+ uint256 oldThreshold = eggFindThreshold;
eggFindThreshold = newThreshold;
+ emit EggFindThresholdChanged(oldThreshold, newThreshold);
}
Updates

Lead Judging Commences

m3dython Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Event Emission

Standard practice for clarifying important contract behaviors

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!