Rock Paper Scissors

Summary

The RockPaperScissors::_determineWinner function handles the conclusion of each turn and resets key state variables for the next round. However, it fails to clear or reset the revealDeadline field between turns. As a result, a stale revealDeadline from a previous round may incorrectly trigger timeouts in future rounds, leading to unintended game cancellations or premature wins.

Vulnerability Details

Issue Explanation

The revealDeadline is set only after both players commit moves, but never cleared between rounds:

1. Stale Deadline Persists
   If a round ends just before the deadline, the next round starts with a leftover revealDeadline that may soon expire.

2. Incorrect Timeout Claims
   A malicious player could wait for the new round to begin, then immediately call timeoutReveal() using the expired revealDeadline, wrongly forcing a win or a refund.

3. State Corruption Risk
   Downstream logic that depends on revealDeadline being valid for the current round may behave unpredictably if it's stale.

Impact

• Game Manipulation: Players can exploit stale deadlines to claim unfair wins.

• Denial of Service: Honest players may find their games cancelled or forfeited without fault.

• Loss of Trust: Users may abandon the game if outcomes appear inconsistent or unfair.

Tools Used

• Manual Code Review

Recommendations

Reset revealDeadline to 0 at the start of every new round in _determineWinner, to prevent stale values from being reused: