Rock Paper Scissors

First Flight #38
Beginner Friendly, Solidity
Submission Details
Severity: high
Invalid

Unsafe ERC20 Token Transfers

Summary

Token transfers assume reverting behavior but don’t handle false returns from non-compliant ERC20 tokens.

Vulnerability Details

Location: createGameWithToken() and joinGameWithToken()

Issue:

  • transferFrom() calls lack return value checks

  • Could silently fail with tokens like USDT

Impact

High: Players might lose tokens without game registration

Contract state could desync from actual token balances

Tools Used

Manual review

Recommendations

  • Use SafeERC20 library from OpenZeppelin

  • Explicitly check transferFrom return values

Updates

Appeal created

m3dython Lead Judge 2 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational

Code suggestions or observations that do not pose a direct security risk.
