Eggstravaganza
First Flight #37
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: low
Valid

Incorrect Time Remaining Reporting When Game is Inactive

lazyrams

Summary

The getTimeRemaining() function returns time left based solely on endTime, ignoring the game’s active state, leading to misleading UI/UX.

Vulnerability Details

Location: EggHuntGame.sol, getTimeRemaining() function
Code Snippet:

function getTimeRemaining() external view returns (uint256) {
return block.timestamp >= endTime ? 0 : endTime - block.timestamp; // 🚨 No `gameActive` check
}

Issue:

  • Missing gameActive Check: The function reports time left until endTime even if the game was manually ended via endGame() (setting gameActive = false).

  • Misleading Data: Players see a positive "time remaining" even when the game is inactive.

Impact

  • User Confusion: Players may attempt actions (e.g., searchForEgg()) expecting the game to be active.

Tools Used

  • Manual Code Review

Recommendations

  • Modify getTimeRemaining() to Include gameActive Check:

function getTimeRemaining() external view returns (uint256) {
// Return 0 immediately if the game is inactive
if (!gameActive) {
return 0;
}
return block.timestamp >= endTime ? 0 : endTime - block.timestamp;
}
Updates

Lead Judging Commences

m3dython Lead Judge 3 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Incomplete end game handling

Incorrect values reported when a game is ended early

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.