Rock Paper Scissors

First Flight #38
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: high
Invalid

Front-Running Vulnerability in Game Creation in the `RockPaperScissors::createGameWithEth` function

Description: The game creation process is susceptible to front-running attacks, where an attacker could observe pending transactions and create games with more favorable conditions.

Impact: Malicious actors could consistently front-run game creation transactions, potentially disrupting the game flow and fairness.

Proof of Concept:

```solidity
// Front-running attack
contract FrontRunExploit {
    RockPaperScissors public game;

    constructor(RockPaperScissors _game) {
        game = _game;
    }

    function attack(uint256 _totalTurns, uint256 _timeoutInterval) external payable {
        // Create game with same parameters. The higher gas price is set on the
        // transaction that calls attack(); `gas:` below only caps the gas forwarded to the call.
        game.createGameWithEth{value: msg.value, gas: 1_000_000}(_totalTurns, _timeoutInterval);
    }
}
```

Recommended Mitigation:

```solidity
// ... existing code ...
function createGameWithEth(uint256 _totalTurns, uint256 _timeoutInterval) external payable returns (uint256) {
    require(msg.value >= minBet, "Bet amount too small");
    require(_totalTurns > 0, "Must have at least one turn");
    require(_totalTurns % 2 == 1, "Total turns must be odd");
    require(_timeoutInterval >= 5 minutes, "Timeout must be at least 5 minutes");
    // Add commit-reveal scheme for game creation
    bytes32 gameHash = keccak256(abi.encodePacked(
        msg.sender,
        _totalTurns,
        _timeoutInterval,
        block.timestamp
    ));
    uint256 gameId = gameCounter++;
    Game storage game = games[gameId];
    // ... existing code ...
}
// ... existing code ...
```
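
A commit-reveal scheme of the kind the mitigation names spans two transactions: the commitment is stored on-chain first, then checked against the revealed parameters and a secret salt in a later block. The following is an added example, not part of the submission or the audited contract; the contract, struct and function names are hypothetical, and only the turn and timeout checks are taken from the snippet above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Added illustration, not the audited RockPaperScissors contract; all names are hypothetical.
contract CommitRevealCreate {
    struct Commitment { bytes32 hash; uint256 stake; uint256 blockNumber; }
    struct Game { address creator; uint256 bet; uint256 totalTurns; uint256 timeoutInterval; }

    uint256 public gameCounter;
    mapping(address => Commitment) public commitments;
    mapping(uint256 => Game) public games;

    // Transaction 1: only the hash and the stake are visible in the mempool.
    function commitCreate(bytes32 commitHash) external payable {
        require(commitHash != bytes32(0), "Empty commitment");
        require(commitments[msg.sender].hash == bytes32(0), "Commitment pending");
        commitments[msg.sender] = Commitment(commitHash, msg.value, block.number);
    }

    // Transaction 2, in a later block: parameters and salt must match the stored hash.
    function revealCreate(uint256 totalTurns, uint256 timeoutInterval, bytes32 salt)
        external
        returns (uint256 gameId)
    {
        Commitment memory c = commitments[msg.sender];
        require(c.hash != bytes32(0), "No commitment");
        require(block.number > c.blockNumber, "Reveal too early");
        // msg.sender is part of the preimage, so a copied hash cannot be revealed by another account.
        bytes32 expected = keccak256(abi.encode(msg.sender, totalTurns, timeoutInterval, salt));
        require(c.hash == expected, "Commitment mismatch");
        require(totalTurns > 0 && totalTurns % 2 == 1, "Total turns must be odd");
        require(timeoutInterval >= 5 minutes, "Timeout must be at least 5 minutes");

        delete commitments[msg.sender];
        gameId = gameCounter++;
        games[gameId] = Game(msg.sender, c.stake, totalTurns, timeoutInterval);
    }

    // Failure mode: a commitment that is never revealed (or cannot pass validation) is refunded.
    function cancelCommit() external {
        Commitment memory c = commitments[msg.sender];
        require(c.hash != bytes32(0), "No commitment");
        delete commitments[msg.sender];
        (bool ok, ) = msg.sender.call{value: c.stake}("");
        require(ok, "Refund failed");
    }
}
```

The creator computes `keccak256(abi.encode(creator, totalTurns, timeoutInterval, salt))` off-chain with a random 32-byte salt and keeps the salt private until the reveal.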
Updates

Appeal created

m3dython Lead Judge about 2 months ago
Submission Judgement Published
Invalidated
Reason: Too generic
