Eggstravaganza

First Flight #37
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: low
Invalid

Inaccurate Win Probability Due to Misleading Threshold Limit

Summary

The setEggFindThreshold function allows the owner to set a threshold value up to 100. However, the random value generated by the game logic ranges from 0 to 99 (mod 100), meaning 100 can never be hit. This leads to a subtle logic flaw where an owner may believe the threshold is valid and accurate, but it's actually off by one.

Vulnerability Details

The random number generator logic is as follows:

    uint256 random = uint256(
        keccak256(
            abi.encodePacked(
                block.timestamp,
                block.prevrandao,
                msg.sender,
                eggCounter
            )
        )
    ) % 100;

and the threshold check currently permits 100:

    function setEggFindThreshold(uint256 newThreshold) external onlyOwner {
        require(newThreshold <= 100, "Threshold must be <= 100"); // <- 99 instead of 100
        eggFindThreshold = newThreshold;
    }

Impact

This introduces an off-by-one logic error:

  1. A threshold of 50 does not give a 50% win chance but ~49.5%

  2. A threshold of 100 results in a 100% win chance, not the expected 99%.

  3. This misalignment leads to inaccurate game logic, potentially undermining fairness or gameplay balance.

Even if the owner is trusted, this results in misleading configuration and unintentional behavior.
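An added check, not part of the original submission or the project's code: the excerpt does not show how `random` is compared with `eggFindThreshold`, so this Python sketch enumerates all 100 outcomes of `% 100` under both possible comparisons (`<` and `<=`, both assumptions) and reports the exact win chance per threshold and what each setter bound allows.

```python
from fractions import Fraction

# Every value `... % 100` can produce. Treated as equally likely here
# (assumption; the modulo bias of a 256-bit hash is negligible).
OUTCOMES = range(100)

# The comparison used by the game is not shown on the page; both are assumptions.
COMPARISONS = {
    "random < threshold": lambda r, t: r < t,
    "random <= threshold": lambda r, t: r <= t,
}


def win_chance(threshold, comparison):
    """Exact fraction of the 100 outcomes that count as a win."""
    wins = sum(1 for r in OUTCOMES if COMPARISONS[comparison](r, threshold))
    return Fraction(wins, len(OUTCOMES))


def audit_bound(max_allowed, comparison):
    """Audit a setter that accepts thresholds 0..max_allowed inclusive."""
    chances = [win_chance(t, comparison) for t in range(max_allowed + 1)]
    return {
        # highest win probability the owner can configure
        "max_chance": max(chances),
        # thresholds that behave exactly like the next smaller one
        "redundant": [
            t for t in range(1, max_allowed + 1) if chances[t] == chances[t - 1]
        ],
    }


if __name__ == "__main__":
    for comparison in COMPARISONS:
        print(comparison)
        print("  threshold 50 ->", float(win_chance(50, comparison)))
        # 100 models `newThreshold <= 100`, 99 models `newThreshold < 100`
        for bound in (100, 99):
            print("  max threshold", bound, "->", audit_bound(bound, comparison))
```

Which bound is correct depends on the comparison the contract actually uses, so the same enumeration belongs in a boundary test against the real function.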

Tools Used

static analysis

Recommendations

function setEggFindThreshold(uint256 newThreshold) external onlyOwner {
- require(newThreshold <= 100, "Threshold must be <= 100");
+ require(newThreshold < 100, "Threshold must be < 100");
eggFindThreshold = newThreshold;
}
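Review bot: the `+` line's bound `newThreshold < 100` cannot be judged from this hunk alone, because the comparison between `random` and `eggFindThreshold` is not shown. With `random` in 0..99, a strict `random < eggFindThreshold` check needs a threshold of 100 to reach a guaranteed find, so the new bound would cap the owner at 99 of 100 outcomes; only under `random <= eggFindThreshold` is 100 a redundant duplicate of 99. Quote the comparison line in the recommendation, state which maximum probability is intended, and add a boundary test at thresholds 0, 99 and 100.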
Updates

Lead Judging Commences

m3dython Lead Judge 3 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
