Last Man Standing

First Flight #45

Beginner FriendlyFoundrySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

Missing Payout to Previous King

ibrahimatix0x01

Title: Missing Payout to Previous King

Severity: High

Description:

The claimThrone() function in Game.sol includes a misleading comment that suggests the previous king should receive a portion of the new claim fee:

// If there's a previous king, a small portion of the new claim fee is sent to them.

However, there is no implementation of this logic in the function. The variable previousKingPayout is declared and initialized to 0 but is never updated or used in any payout logic. As a result, the previous king receives nothing when dethroned.

Impact:

Economic imbalance: Previous kings receive no compensation, reducing game incentives.
User dissatisfaction: Players expect a payout based on the comment but do not receive any ETH.
Misleading documentation: Comments and function behavior are inconsistent, which can erode trust and create confusion.

Proof of Concept:

In claimThrone():

uint256 previousKingPayout = 0;

// ... later used only in platform fee calculations (but remains 0)

No logic exists to send ETH or credit the dethroned king.

Recommended Fix:

Introduce a configurable parameter, e.g., previousKingFeePercentage, and implement the payout logic:

address oldKing = currentKing;

uint256 previousKingPayout = (sentAmount * previousKingFeePercentage) / 100;

pendingWinnings[oldKing] += previousKingPayout;

Also, ensure previousKingFeePercentage is initialized properly in the constructor and has an appropriate modifier for updating (e.g., onlyOwner).

References:

N/A

Tools Used:

Manual code review.

Foundry Test Case

To validate the missing payout to the previous king, the following test function can be added to GameTest.sol:

function testPreviousKingReceivesPayout() public {

// Player1 becomes the first king

vm.startPrank(player1);

game.claimThrone{value: INITIAL_CLAIM_FEE}();

vm.stopPrank();

// Capture the claim fee for player2

uint256 nextClaimFee = game.claimFee();

// Player2 dethrones player1

vm.startPrank(player2);

game.claimThrone{value: nextClaimFee}();

vm.stopPrank();

// Since the contract does not implement payout to previous king,

// player1 should still have zero pending winnings (BUG)

uint256 player1Winnings = game.pendingWinnings(player1);

assertEq(player1Winnings, 0, "Player1 should have received a payout, but did not");

}

This test validates that the dethroned player (player1) receives no payout, which confirms the missing logic and helps illustrate the bug in a reproducible environment.

Updates

Appeal created

inallhonesty Lead Judge about 1 month ago

Submission Judgement Published

Validated

Assigned finding tags:

Missing Previous King Payout Functionality

Rewards breakdown

nSLOC

181

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.