Eggstravaganza

First Flight #37

Beginner FriendlySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: low

Valid

[L-01] Incorrectly displays the remaining time until the end of underlying game

vladich0x

Summary

[L-01] Incorrectly displays the remaining time until the end of underlying game

Vulnerability Details

The following function EggHuntGame.sol::getRemainigTime() gives back information of the remaining time until end of the active game. The implementation checks only the current time against endTime. The wrong behavior comes when the game owner terminates earlier the game (before the game duration is expired) and only the state variable gameActive is updated, without resetting endTime. Missing check in EggHuntGame.sol::getRemainigTime() for the state gamActive leads to calculating incorrect remaining time in the game.

function getTimeRemaining() external view returns (uint256) {

// missing game state check

return block.timestamp >= endTime ? 0 : endTime - block.timestamp;

}

Impact

Missing check for the state gameActive within functionEggHuntGame.sol::getRemainigTime() leads to:

incorrect calculations of remaining time in the game when the game is terminated earlier than the duration is expired
misleading the active players and other potential participant that there is still a running game, when the game is terminated earlier of duration expiration

Tools Used

Manual review
Foundry

PoC

Add the following test to EggHuntGameTest.t.sol.

function testGetTimeRemainingAfterGameEnded() public {

uint256 duration = 100;

uint256 start = block.timestamp;

uint256 endTime = start + duration;

console.log("startTime: ", start);

console.log("expected endTime: ", start + duration);

vm.prank(game.owner());

game.startGame(duration);

vm.warp(block.timestamp + duration / 2);

vm.prank(game.owner());

game.endGame();

console.log("game ended: ", block.timestamp);

assertTrue(block.timestamp < endTime);

uint256 remaining = game.getTimeRemaining();

console.log("remaining time: ", remaining);

}

Recommendations

Update the following check within EggHuntGame.sol::getTimeRemaining() in order to calculate remaining time in the game correct. This way the calculations will be correct, even the game has been terminated before the durataion is expired.

function getTimeRemaining() external view returns (uint256) {

- return block.timestamp >= endTime ? 0 : endTime - block.timestamp;

+ return block.timestamp >= endTime || !gameActive ? 0 : endTime - block.timestamp;

}

Updates

Lead Judging Commences

m3dython Lead Judge 5 months ago

Submission Judgement Published

Validated

Assigned finding tags:

Incomplete end game handling

Incorrect values reported when a game is ended early

Rewards breakdown

nSLOC

129

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.