Summary: If Player B joins the game using ETH or a token and a third player then calls the join function, Player B is overwritten and the token submitted to the contract is lost.
Vulnerability Details: joinGameWithToken() and joinGameWithEth()
Issue:
If Player B joins, a new player can overwrite them by calling joinGame again.
The original Player B loses their token permanently (no refund mechanism).
Impact:
Unfair Token Loss: Legitimate Player B loses funds without recourse.
Griefing Attack Vector: Malicious actors can front-run and replace Player B.
Broken Game Integrity: The intended two-player structure is violated.
Tools Used: Manual Review
Recommendations: Add the following line to both functions: require(game.playerB == address(0), "Player B already joined");
Game state remains Created after a player joins
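The recommended guard in context, as an added example that is not the audited contract's code. Only joinGameWithEth, game.playerB and the Created state come from the report; the contract name, struct layout, createGame, the Joined state and the other checks are assumptions made so the sketch is self-contained.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; not the audited contract. Everything except
// joinGameWithEth, game.playerB and the Created state is hypothetical.
contract JoinGuardExample {
    enum GameState { Created, Joined }

    struct Game {
        address playerA;
        address playerB;
        uint256 bet;
        GameState state;
    }

    mapping(uint256 => Game) public games;
    uint256 public nextGameId;

    function createGame() external payable returns (uint256 gameId) {
        require(msg.value > 0, "Bet required");
        gameId = nextGameId++;
        games[gameId] = Game(msg.sender, address(0), msg.value, GameState.Created);
    }

    function joinGameWithEth(uint256 gameId) external payable {
        Game storage game = games[gameId];
        require(game.playerA != address(0), "Game does not exist");
        // Assumed existing check: on its own it does not stop a second join,
        // because the state is still Created after the first player joins.
        require(game.state == GameState.Created, "Game not open");
        // Guard from the recommendation: rejects any caller once playerB is
        // set, so the first joiner's stake can no longer be orphaned.
        require(game.playerB == address(0), "Player B already joined");
        require(msg.sender != game.playerA, "Cannot join own game");
        require(msg.value == game.bet, "Bet mismatch");

        game.playerB = msg.sender;
        // Defence in depth (assumption): leave the Created state so later
        // joins also fail on the state check.
        game.state = GameState.Joined;
    }
}
```

The same playerB check belongs in joinGameWithToken() before the token transfer, so a rejected caller's tokens are never pulled into the contract.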