Rock Paper Scissors
First Flight #38
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

[L-3] State changes after external calls, violating CEI pattern

zacwilliamson

Description:
Multiple functions in RockPaperScissors.sol update contract state after calling external contracts. This breaks the Checks-Effects-Interactions (CEI) pattern, which is critical for preventing reentrancy attacks.

Impact: Affected Lines / Instances:

Line 125 & 131
Function: createGameWithToken()

Calls winningToken.balanceOf(...) and transferFrom(...) before setting game state like game.playerA, game.timeoutInterval, etc.

Line 177 & 180
Function: joinGameWithToken()

Calls winningToken.balanceOf(...) and transferFrom(...) before setting game.playerB.

Recommended Mitigation:

  1. Rewrite functions to follow CEI pattern

Updates

Appeal created

m3dython Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Too generic
m3dython Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Too generic

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.