Rock Paper Scissors

First Flight #38
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: high
Valid

Missing Timeout Mechanism Allows Griefing

Summary

A malicious or unresponsive player can prevent game resolution by never submitting or revealing their move. There is no mechanism to time them out and recover locked funds.

Vulnerability Details

In the revealMove function, there is no enforcement of revealTimeout, even though the contract may track lastAction. This creates an indefinite waiting period.

    function revealMove(...) external {
        // no timeout check here
    }

Impact

  • Locked game state and player funds.

  • Enables griefing attacks with no resolution path.

Tools Used

  • Manual Review

  • Test-driven simulation with time skipping (Hardhat/Foundry)

Recommendations

Add timeout enforcement logic and enable the honest player to claim a win:

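    function claimWinAfterTimeout(uint256 gameId) external {
        // Assumption: games are stored in a `games` mapping keyed by gameId.
        Game storage game = games[gameId];
        // Only a participant may claim; otherwise any address could be declared the winner.
        require(msg.sender == game.player1 || msg.sender == game.player2, "Not a player");
        require(block.timestamp > game.lastAction + game.revealTimeout, "Timeout not reached");
        address opponent = (msg.sender == game.player1) ? game.player2 : game.player1;
        require(!game.hasRevealed[opponent], "Opponent already revealed");
        _declareWinner(gameId, msg.sender);
    }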
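
A minimal Foundry test of the timeout pattern recommended above, using the time skipping listed under Tools Used. This is an added example, not the audited contract or the submitter's code; `TimedReveal`, its fields and the 10-minute window are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";

// Hypothetical two-player escrow with a reveal deadline (not the audited contract).
contract TimedReveal {
    address public player1;
    address public player2;
    uint256 public lastAction;
    uint256 public constant REVEAL_TIMEOUT = 10 minutes;
    mapping(address => bool) public hasRevealed;

    constructor(address p1, address p2) payable {
        (player1, player2, lastAction) = (p1, p2, block.timestamp);
    }

    function reveal() external {
        require(msg.sender == player1 || msg.sender == player2, "Not a player");
        // Enforce the deadline here too, so a late reveal cannot block a pending claim.
        require(block.timestamp <= lastAction + REVEAL_TIMEOUT, "Reveal window closed");
        hasRevealed[msg.sender] = true;
    }

    function claimWinAfterTimeout() external {
        // Having revealed implies the caller is one of the two players.
        require(hasRevealed[msg.sender], "Caller has not revealed");
        require(block.timestamp > lastAction + REVEAL_TIMEOUT, "Timeout not reached");
        address opponent = msg.sender == player1 ? player2 : player1;
        require(!hasRevealed[opponent], "Opponent already revealed");
        (bool ok,) = msg.sender.call{value: address(this).balance}("");
        require(ok, "Payout failed");
    }
}

contract TimedRevealTest is Test {
    function test_HonestPlayerRecoversStakeAfterTimeout() public {
        address alice = makeAddr("alice"); // constructed test accounts
        address bob = makeAddr("bob");
        vm.deal(address(this), 2 ether);
        TimedReveal game = new TimedReveal{value: 2 ether}(alice, bob);
        vm.prank(alice);
        game.reveal();
        vm.prank(alice);
        vm.expectRevert("Timeout not reached"); // bob may still reveal
        game.claimWinAfterTimeout();
        vm.warp(block.timestamp + 10 minutes + 1); // bob never reveals
        vm.prank(alice);
        game.claimWinAfterTimeout();
        assertEq(alice.balance, 2 ether); // stake is no longer locked
    }
}
```
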
Updates

Appeal created

m3dython Lead Judge about 2 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Invalid TimeoutReveal Logic Error

timeoutReveal function incorrectly allows execution and game cancellation even when only one player has committed
