Rock Paper Scissors
First Flight #38
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Invalid

Unfair One-Turn Game Vulnerability

grands9n47

Summary

The function createGameWithEth permits creating a game with only 1 turn, as long as the total number of turns is an odd number greater than zero. While this passes the current validation, it introduces potential gameplay imbalances and violates typical assumptions in turn-based two-player games. The logic does not ensure that both players have an opportunity to act, which can lead to unfair outcomes and poor user experience.

Vulnerability Details

Issue:

  • The check allows _totalTurns = 1, which leads to:

    • A game that may end before the second player takes any action

    • Misleading game flow if players expect at least one turn each

    • Potential for strategic abuse if player A can win instantly

require(_totalTurns > 0, "Must have at least one turn");
require(_totalTurns % 2 == 1, "Total turns must be odd");

Impact

Player A could dominate or end the game before Player B can act.

Tools Used

Manual review

Recommendations

Enforce a minimum of 3 turns when creating a game to guarantee at least one move per player and prevent edge-case abuse:

require(_totalTurns >= 3 && _totalTurns % 2 == 1, "Total turns must be odd and at least 3");
Updates

Appeal created

m3dython Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.