Last Man Standing

First Flight #45
Beginner Friendly, Foundry, Solidity
100 EXP
Submission Details
Impact: medium
Likelihood: medium
Invalid

No Emergency Pausing

Description

  • The contract should be pausable for emergencies, such as discovered bugs or attacks, allowing the owner to halt gameplay and protect funds.

  • No pausing mechanism exists in the current code, leaving the contract exposed during active incidents.

// No Pausable logic anywhere in code

Risk

Likelihood:

  • Always present while the contract is active.

  • If an exploit is found, the owner cannot react quickly.

Impact:

  • Losses can be greater since the contract cannot be stopped.

  • Owner and players are exposed to ongoing risk.

Proof of Concept

// No Pausable logic
// All functions are always available

Explanation:
Without pausing, the contract continues to operate even during emergencies, increasing exposure and potential losses.

Recommended Mitigation

+ import "@openzeppelin/contracts/security/Pausable.sol";
+ contract Game is Ownable, Pausable {
+ // Add whenNotPaused to all external functions
+ }
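
Review bot: The hunk inherits Pausable but adds no way to trigger it. OpenZeppelin's Pausable only provides the internal _pause() and _unpause(), so unless the contract body also adds owner-restricted wrappers, for example function pause() external onlyOwner { _pause(); } and a matching unpause(), the whenNotPaused modifier can never take effect. The comment on the third line, "Add whenNotPaused to all external functions", is also too broad: if the contract has withdrawal functions, gating them as well would keep users from retrieving funds while the contract is paused, so the patch should name the specific state-changing entry points to gate and say which paths stay callable. The import path contracts/security/Pausable.sol is the OpenZeppelin 4.x location; in 5.x the file lives at contracts/utils/Pausable.sol, so the path needs to match the version the project pins.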

Mitigation Explanation:
Integrate OpenZeppelin’s Pausable and apply whenNotPaused to user-accessible functions. This enables the owner to halt operations rapidly if needed.

Updates

Appeal created

inallhonesty Lead Judge about 2 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
