Logic Error in claimThrone() Blocks New Players from Participating
Root + Impact
Description
-
Normal Behavior:
In the intended game flow, any player except the current king should be able to claim the throne by sending the required claim fee. This mechanism allows the throne to change hands, the pot to grow, and the game to remain competitive. Each new claim should dethrone the previous king, updating the game state and increasing the claim fee for subsequent players. -
Specific Issue:
The current implementation of the claimThrone() function contains a logic error in the require statement:
This condition only allows the current king to claim the throne again, which is contrary to the intended game mechanics. As a result, once a player becomes the king, no other player can claim the throne. This effectively locks the game, preventing new participants and stopping the game from progressing. The pot cannot grow, and the competitive aspect of the protocol is lost.
Risk
Likelihood:
-
This will occur every time a new player tries to claim the throne, as the require statement only allows the current king to claim.
-
The game will be stuck with the initial king, preventing further gameplay.
Impact:
-
No new players can participate after the first claim, making the game unusable.
-
The pot cannot grow and the game cannot progress to new rounds as intended.
Proof of Concept
Player A claims the throne and becomes currentKing, then Player B tries to claim the throne it will fail.
Recommended Mitigation
Instead of requiring msg.sender == currentKing, change it to msg.sender != currentKing to prevent this and make game possible.
Appeal created
Game::claimThrone `msg.sender == currentKing` check is busted
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.