Rock Paper Scissors

First Flight #38

Beginner FriendlySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: high

Valid

Missing check for existing playerB in RockPaperScissors contract

freesultan

Summary

Whenever someone creates a game and becomes playerA, anyone can join the game and become playerB. However, there is no check to see if someone has already joined as playerB. As a result, it is possible for multiple users to join the game and send ETH or the winning token to the contract, but only the last user who joined will be set as playerB. The other users’ tokens or funds will get stuck in the contract.

Vulnerability Details

In the RockPaperScissors::joinGameWithEthor RockPaperScissors::joinGameWithToken there is no check to determine if the PlayerB has already already joined:

function joinGameWithEth(uint256 _gameId) external payable {

Game storage game = games[_gameId];

require(game.state == GameState.Created, "Game not open to join");

require(game.playerA != msg.sender, "Cannot join your own game");

require(block.timestamp <= game.joinDeadline, "Join deadline passed");

require(msg.value == game.bet, "Bet amount must match creator's bet");

@> game.playerB = msg.sender;

emit PlayerJoined(_gameId, msg.sender);

}

Anyone can join as playerB, even after someone else has already joined. As a result, the previous user will be replaced, and their funds or tokens will remain locked in the contract.

Impact

Users who have joined a game may be removed from the game without knowing that they are no longer part of it. Their funds will be locked in the contract, with no function available to withdraw or refund them.

Tools Used

Manual review

Recommendations

Add a check to ensure that a user cannot join as playerB if playerB has already been set.

Updates

Appeal created

m3dython Lead Judge about 2 months ago

Submission Judgement Published

Validated

Assigned finding tags:

Absence of State Change on Join Allows Player B Hijacking

Game state remains Created after a player joins

Rewards breakdown

nSLOC

349

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.