Rock Paper Scissors

First Flight #38
Beginner Friendly, Solidity
Submission Details
Severity: high
Valid

Player B Replacement Leading to Token Loss

Summary: If Player B joins the game using ETH or a token and a third player then calls the join function, Player B is overwritten and the token submitted to the contract is lost.

Vulnerability Details: joinGameWithToken() and joinGameWithEth()

  • Issue:

    • If Player B joins, a new player can overwrite them by calling joinGame again.

    • The original Player B loses their token permanently (no refund mechanism).

Impact:

  1. Unfair Token Loss: Legitimate Player B loses funds without recourse.

  2. Griefing Attack Vector: Malicious actors can front-run and replace Player B.

  3. Broken Game Integrity: The intended two-player structure is violated.

Tools Used: Manual Review

Recommendations: Add the following line to both functions: require(game.playerB == address(0), "Player B already joined");
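
A simplified model of the flaw next to the guarded version, added here as an illustration and not taken from the contest contract or from the submission. The contract name, struct layout, State enum and the function names joinGameUnchecked/joinGameChecked are assumptions; only the require line comes from the recommendation above. The checked version also advances the game state after the join.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Simplified model with an assumed layout; not the contest contract.
contract JoinGuardExample {
    enum State { Created, Joined }

    struct Game {
        address playerA;
        address playerB;
        uint256 bet;
        State state;
    }

    mapping(uint256 => Game) public games;
    uint256 public nextId;

    function createGame() external payable returns (uint256 id) {
        require(msg.value > 0, "Bet required");
        id = nextId++;
        games[id] = Game(msg.sender, address(0), msg.value, State.Created);
    }

    // Flawed pattern: nothing records that the slot is taken, so a second
    // caller overwrites playerB and the first joiner's stake stays locked.
    function joinGameUnchecked(uint256 id) external payable {
        Game storage game = games[id];
        require(game.playerA != address(0), "No such game");
        require(game.state == State.Created, "Not joinable");
        require(msg.value == game.bet, "Bet mismatch");
        game.playerB = msg.sender; // state stays Created
    }

    // Hardened pattern: the recommended check plus a state transition,
    // so a second join reverts and the caller's value is returned.
    function joinGameChecked(uint256 id) external payable {
        Game storage game = games[id];
        require(game.playerA != address(0), "No such game");
        require(game.state == State.Created, "Not joinable");
        require(game.playerB == address(0), "Player B already joined");
        require(msg.value == game.bet, "Bet mismatch");
        game.playerB = msg.sender;
        game.state = State.Joined;
    }
}
```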

Updates

Appeal created

m3dython Lead Judge 2 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Absence of State Change on Join Allows Player B Hijacking

Game state remains Created after a player joins
