Last Man Standing

First Flight #45
Beginner Friendly, Foundry, Solidity
100 EXP
Submission Details
Severity: medium
Valid

Logic Error in `claimThrone` Prevents Any Player from Claiming the Throne

Root + Impact

Description

  • Normally, any player who is not the current king should be able to call claimThrone() by paying the required fee to become the new king.

  • However, the current implementation uses a require condition that mistakenly allows only the current king to claim the throne, which breaks the entire game logic.

function claimThrone() external payable gameNotEnded nonReentrant {
    require(msg.value >= claimFee, "Game: Insufficient ETH sent to claim the throne.");
@>  require(msg.sender == currentKing, "Game: You are already the king. No need to re-claim.");
    ...
}

Risk

Likelihood:

  • The issue occurs on every call to claimThrone() after deployment.

  • It is persistent, and no precondition has to be fulfilled.

Impact:

  • Practically, no participant can execute the claimThrone() function successfully.

  • The game is completely unplayable, because no new king can ever be crowned.

Proof of Concept

Deploy the core contract Game.sol, then any user can attempt to call claimThrone():

game.claimThrone{value: claimFee}(); // reverts with "Game: You are already the king. No need to re-claim."
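
The reverting call above as a Foundry regression test, added here as an example and not taken from the submission or the contest repository. `ThroneModel` is a constructed stand-in for Game.sol that models only the two `require` checks quoted in the report; `useFixedCheck`, the fee value and the test names are hypothetical, and `currentKing` is assumed to be `address(0)` before the first claim.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";

// Constructed stand-in for Game.sol: only the two checks quoted in the report are modelled.
contract ThroneModel {
    address public currentKing; // assumption: address(0) until the first successful claim
    uint256 public immutable claimFee;
    bool public immutable useFixedCheck; // hypothetical switch: false = reported check, true = inverted check

    constructor(uint256 fee, bool fixedCheck) {
        claimFee = fee;
        useFixedCheck = fixedCheck;
    }

    function claimThrone() external payable {
        require(msg.value >= claimFee, "Game: Insufficient ETH sent to claim the throne.");
        bool allowed = useFixedCheck ? msg.sender != currentKing : msg.sender == currentKing;
        require(allowed, "Game: You are already the king. No need to re-claim.");
        currentKing = msg.sender;
    }
}

contract ClaimThroneCheckTest is Test {
    uint256 constant FEE = 0.1 ether; // constructed value
    bytes constant ALREADY_KING = "Game: You are already the king. No need to re-claim.";
    address alice = makeAddr("alice");

    function setUp() public {
        vm.deal(alice, 1 ether);
    }

    function test_buggyCheckRejectsNewPlayer() public {
        ThroneModel game = new ThroneModel(FEE, false);
        vm.prank(alice);
        vm.expectRevert(ALREADY_KING); // a paying newcomer is turned away
        game.claimThrone{value: FEE}();
    }

    function test_fixedCheckCrownsNewPlayerAndBlocksReclaim() public {
        ThroneModel game = new ThroneModel(FEE, true);
        vm.prank(alice);
        game.claimThrone{value: FEE}();
        assertEq(game.currentKing(), alice);
        vm.prank(alice);
        vm.expectRevert(ALREADY_KING); // only the sitting king is rejected
        game.claimThrone{value: FEE}();
    }
}
```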

Recommended Mitigation

Replace == with != in the requirement statement to correctly enforce that new participants can become king:

- require(msg.sender == currentKing, "Game: You are already the king. No need to re-claim.");
+ require(msg.sender != currentKing, "Game: You are already the king. No need to re-claim.");
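
Review bot: A regression test is missing for the `require(msg.sender != currentKing, ...)` line. Cover two cases: a non-king caller paying `claimFee` becomes king, and the current king calling again reverts with "Game: You are already the king. No need to re-claim.", so an inverted operator cannot slip back in unnoticed.
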
Updates

Appeal created

inallhonesty Lead Judge about 1 month ago
Submission Judgement Published
Validated
Assigned finding tags:

Game::claimThrone `msg.sender == currentKing` check is busted
