Rock Paper Scissors

First Flight #38
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: high
Invalid

Centralized Admin Control Poses Risk of Fund Loss or Manipulation

Summary

The contract relies on a single centralized admin for critical functions such as setting timeouts and withdrawing fees, so a compromise of that one account puts those functions at risk.

Vulnerability Details

Root Cause: The admin alone controls functions like setJoinTimeout, withdrawFees, and setAdmin, which allow changes to game parameters and withdrawal of accumulated fees.

Exploitation: A compromised admin could drain accumulated fees or alter game settings (e.g., extend join timeouts indefinitely), disrupting gameplay or stealing funds.

Details: The admin address is set during deployment and can only be changed by the current admin, with no delay or second approval. This centralized control creates a single point of failure.

Impact

Likelihood: Medium - Requires admin compromise, which is feasible if the admin's private key is stolen or if there are weak security practices.

Impact: High - Could result in significant financial loss (e.g., draining accumulated fees) or disruption of the game ecosystem.

Tools Used

Recommendations

Decentralize Admin Control: Use a multi-signature wallet for admin actions to require multiple approvals for critical functions.

Governance Mechanism: Consider implementing a decentralized governance system (e.g., a DAO) to manage admin functions.

Time-Locked Admin Changes: Add a time lock for changing the admin address to allow for emergency responses if an admin is compromised.
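As an added illustration of the time-lock recommendation above (this is example code written for this report, not the contest contract), the following sketch replaces a direct setAdmin with a propose/accept handover gated by a delay. The function names setJoinTimeout, withdrawFees and setAdmin are the ones named in the finding; the delay value, event names, storage layout and the TimeLockedAdmin contract itself are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative time-locked admin handover (assumed design, not the audited code).
/// The pattern: the current admin proposes a successor, the change only becomes
/// effective after ADMIN_CHANGE_DELAY, and the successor must actively accept.
contract TimeLockedAdmin {
    uint256 public constant ADMIN_CHANGE_DELAY = 2 days; // assumed value

    address public admin;
    address public pendingAdmin;
    uint256 public pendingAdminEffectiveAt;

    event AdminChangeProposed(address indexed newAdmin, uint256 effectiveAt);
    event AdminChangeCancelled(address indexed cancelledAdmin);
    event AdminChanged(address indexed oldAdmin, address indexed newAdmin);

    error NotAdmin();
    error NoPendingAdmin();
    error DelayNotElapsed(uint256 effectiveAt);
    error ZeroAddress();

    modifier onlyAdmin() {
        if (msg.sender != admin) revert NotAdmin();
        _;
    }

    constructor(address initialAdmin) {
        if (initialAdmin == address(0)) revert ZeroAddress();
        admin = initialAdmin;
    }

    /// Step 1: the current admin schedules a handover. Nothing changes yet,
    /// and the emitted event gives monitoring a chance to flag an unexpected proposal.
    function proposeAdmin(address newAdmin) external onlyAdmin {
        if (newAdmin == address(0)) revert ZeroAddress();
        pendingAdmin = newAdmin;
        pendingAdminEffectiveAt = block.timestamp + ADMIN_CHANGE_DELAY;
        emit AdminChangeProposed(newAdmin, pendingAdminEffectiveAt);
    }

    /// Emergency response: the current admin can cancel during the delay window.
    function cancelAdminChange() external onlyAdmin {
        if (pendingAdmin == address(0)) revert NoPendingAdmin();
        emit AdminChangeCancelled(pendingAdmin);
        delete pendingAdmin;
        delete pendingAdminEffectiveAt;
    }

    /// Step 2: after the delay, the pending admin must call this itself.
    /// Requiring the successor to sign avoids handing control to a mistyped address.
    function acceptAdmin() external {
        if (pendingAdmin == address(0) || msg.sender != pendingAdmin) revert NoPendingAdmin();
        if (block.timestamp < pendingAdminEffectiveAt) revert DelayNotElapsed(pendingAdminEffectiveAt);
        address previous = admin;
        admin = pendingAdmin;
        delete pendingAdmin;
        delete pendingAdminEffectiveAt;
        emit AdminChanged(previous, admin);
    }
}
```

In this design the admin-only game functions (setJoinTimeout, withdrawFees) would keep their onlyAdmin guard, and the multisig recommendation is met simply by deploying with a multisig contract as initialAdmin, so fee withdrawals and parameter changes need the signers' threshold rather than one key. The delay does not stop a stolen key from proposing a change, but it makes the proposal visible on-chain before it takes effect, which is what the emergency-response window relies on.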

Updates

Appeal created

m3dython Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Owner is Trusted

