Eggstravaganza

First Flight #37
Beginner Friendly, Solidity
100 EXP
Severity: low
Valid

onlyOwner game termination leads to inconsistent state and possible premature ending vulnerability

Description:

The EggHuntGame contract requires the owner to manually end an active game by calling the endGame() function, which is protected by the onlyOwner modifier. Although players cannot search for eggs after endTime, the game remains officially "active" until the owner manually calls endGame().

Additionally, endGame() allows the owner to end a game even if endTime has not been reached yet, which should not be possible.

Attack path 1:

  1. A game is started with a specified duration by the owner

  2. The endTime passes, marking the functional end of the game

  3. The gameActive flag remains true even though the end time has passed

  4. The owner becomes unavailable or fails to call endGame()

  5. The protocol becomes stuck in a state where gameActive is true, but searchForEgg() is not available.

Attack path 2:

The owner might accidentally end a game prematurely, before the scheduled endTime, unfairly cutting the game short for participants.
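To make both attack paths concrete, the following Foundry test is an added example, not code from the Eggstravaganza repository: it runs against a minimal stand-in model of EggHuntGame whose storage layout and searchForEgg() time-window check are assumptions, with only the endGame() logic following the original and the recommended mitigation.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";
// Assumed minimal stand-in for EggHuntGame's lifecycle, not the audited contract.
contract GameModel {
    address public owner = msg.sender;
    bool public gameActive;
    uint256 public endTime;
    bool public mitigated; // false: onlyOwner endGame(); true: time-gated, permissionless endGame()
    constructor(bool _mitigated) { mitigated = _mitigated; }
    function startGame(uint256 duration) external {
        gameActive = true;
        endTime = block.timestamp + duration;
    }
    function searchForEgg() external view {
        require(gameActive, "Game not active");
        require(block.timestamp <= endTime, "Game ended"); // assumed time-window check
    }
    function endGame() external {
        require(gameActive, "Game not active");
        if (mitigated) require(block.timestamp > endTime, "Game has not ended yet");
        else require(msg.sender == owner, "Not owner");
        gameActive = false;
    }
}

contract EndGameTest is Test {
    function testOwnerGatedEndLeavesGameStuck() public {
        GameModel g = new GameModel(false);
        g.startGame(1 hours);
        vm.warp(block.timestamp + 2 hours);
        vm.expectRevert("Game ended");
        g.searchForEgg();                // searching is closed...
        assertTrue(g.gameActive());      // ...yet the game is still flagged active
        vm.prank(address(0xBEEF));
        vm.expectRevert("Not owner");
        g.endGame();                     // and only the (possibly absent) owner can clear it
    }
    function testMitigatedEndIsTimeGatedAndPermissionless() public {
        GameModel g = new GameModel(true);
        g.startGame(1 hours);
        vm.prank(address(0xBEEF));
        vm.expectRevert("Game has not ended yet");
        g.endGame();                     // premature termination blocked for everyone
        vm.warp(block.timestamp + 2 hours);
        vm.prank(address(0xBEEF));
        g.endGame();                     // any account can close the finished game
        assertFalse(g.gameActive());
    }
}
```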

Impact:

  • Players face uncertainty about the actual status of the game (functionally ended but technically active)

  • Risk of accidental premature termination of games by the owner, negatively affecting player experience

Recommended Mitigation:

Modify the endGame() function to remove the owner privilege and allow anyone to end the game, but only after its scheduled end time.

- function endGame() external onlyOwner {
+ function endGame() external {
require(gameActive, "Game not active");
+ require(block.timestamp > endTime, "Game has not ended yet");
gameActive = false;
emit GameEnded(block.timestamp);
}
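Review bot: the added require(block.timestamp > endTime, "Game has not ended yet") uses a strict comparison, so in the block where block.timestamp == endTime nobody can call endGame(); confirm that this boundary lines up with the time check in searchForEgg() so there is no block in which searching is already closed but ending is not yet allowed, and add a NatSpec comment stating that endGame() is intentionally permissionless now that it is purely time-gated, since the dropped onlyOwner will otherwise look like an accidental omission to the next reader.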
Updates

Lead Judging Commences

m3dython Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Incomplete end game handling

Incorrect values reported when a game is ended early
