Eggstravaganza

First Flight #37

Beginner FriendlySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: low

Invalid

Owner can set egg finding threshold to zero, making the game unwinnable

mirkopezo

Summary

The setEggFindThreshold function allows the contract owner to adjust the probability of finding an egg. However, it does not prevent the owner from setting this threshold to 0, which would make it impossible for any player to find an egg.

Vulnerability Details

The setEggFindThreshold function updates the eggFindThreshold state variable, which is used in the searchForEgg function to determine if a player finds an egg.

// src/EggHuntGame.sol

function setEggFindThreshold(uint256 newThreshold) external onlyOwner {

require(newThreshold <= 100, "Threshold must be <= 100"); // No check for newThreshold > 0

eggFindThreshold = newThreshold;

}

// src/EggHuntGame.sol

function searchForEgg() external {

// ... checks ...

// Pseudo-random number generation (for demonstration purposes only)

uint256 random = uint256(

keccak256(abi.encodePacked(block.timestamp, block.prevrandao, msg.sender, eggCounter))

) % 100;

if (random < eggFindThreshold) { // If eggFindThreshold is 0, this condition is never met

eggCounter++;

eggsFound[msg.sender] += 1;

eggNFT.mintEgg(msg.sender, eggCounter);

emit EggFound(msg.sender, eggCounter, eggsFound[msg.sender]);

}

The setEggFindThreshold function only checks if newThreshold is less than or equal to 100 but lacks a check to ensure it's greater than 0. If the owner sets eggFindThreshold to 0, the condition random < eggFindThreshold in the searchForEgg function can never be true, as the pseudo-random number random is calculated as ... % 100, resulting in a value between 0 and 99 inclusive.

Impact

Setting the eggFindThreshold to 0 makes it impossible for players to find eggs by calling searchForEgg. This breaks the core gameplay loop and renders the game unplayable, potentially violating players' expectations of a fair game where there is always at least a small chance of success.

Tools Used

Manual Review

Recommendations

Modify the setEggFindThreshold function to ensure the newThreshold is strictly greater than 0.

function setEggFindThreshold(uint256 newThreshold) external onlyOwner {

// Ensure threshold is within the valid range (1-100 inclusive)

require(newThreshold > 0 && newThreshold <= 100, "Threshold must be between 1 and 100");

eggFindThreshold = newThreshold;

}

Updates

Lead Judging Commences

m3dython Lead Judge 7 months ago

Submission Judgement Published

Invalidated

Reason: Design choice

Assigned finding tags:

Trusted Owner

Owner is trusted and is not expected to interact in ways that would compromise security

Rewards breakdown

nSLOC

129

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.