Last Man Standing

First Flight #45
Beginner Friendly, Foundry, Solidity
100 EXP
Submission Details
Severity: medium
Valid

Incorrect Logic in claimThrone Allows Only Current King to Claim Throne

Description

  • The claimThrone() function includes a logic check intended to prevent the current king from reclaiming the throne. However, the implemented condition is inverted:

require(msg.sender == currentKing, "Game: You are already the king. No need to re-claim.");

  • This statement allows only the current king to claim the throne again and reverts for every new challenger, which contradicts both the revert message and the intended behavior of the game. As a result, the throne becomes unclaimable by other users, effectively freezing the game.

Risk

Likelihood:

  • The function is central to gameplay and likely called frequently. Since the logic is actively inverted, every new throne claim attempt (by a non-king) will fail.

Impact:

  • Breaks core game mechanics: New players cannot claim the throne.

  • Game becomes unwinnable: Current king stays forever, defeating the purpose of the game loop.

  • Fund lock risk: ETH prize pot may become locked due to no possible winner.

Proof of Concept

require(msg.sender == currentKing, "Game: You are already the king. No need to re-claim.");
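
The reported check and the recommended check side by side, as an added Foundry test that is not part of the original submission or the audited code base. `ThroneModel` is a hypothetical stand-in that models only the king check (the real Game contract's constructor and fee logic are not shown on this page), and it assumes a king is already seated.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

string constant ERR = "Game: You are already the king. No need to re-claim.";

// Hypothetical stand-in for the audited Game contract: models only the king check.
contract ThroneModel {
    address public currentKing;
    bool private immutable mitigated; // false: check as reported, true: recommended check

    constructor(address seatedKing, bool useMitigatedCheck) {
        currentKing = seatedKing; // assumption: a king is already seated
        mitigated = useMitigatedCheck;
    }

    function claimThrone() external payable {
        if (mitigated) require(msg.sender != currentKing, ERR);
        else require(msg.sender == currentKing, ERR);
        currentKing = msg.sender;
    }
}

contract ClaimThroneCheckTest is Test {
    address king = makeAddr("king");
    address challenger = makeAddr("challenger");

    function test_reportedCheck_revertsForChallenger() public {
        ThroneModel game = new ThroneModel(king, false);
        vm.prank(challenger);
        vm.expectRevert(bytes(ERR));
        game.claimThrone(); // a new player is told they are "already the king"
        vm.prank(king);
        game.claimThrone(); // only the sitting king passes
        assertEq(game.currentKing(), king);
    }

    function test_mitigatedCheck_acceptsChallenger() public {
        ThroneModel game = new ThroneModel(king, true);
        vm.prank(challenger);
        game.claimThrone();
        assertEq(game.currentKing(), challenger);
        vm.prank(challenger);
        vm.expectRevert(bytes(ERR));
        game.claimThrone(); // the new king cannot re-claim
    }
}
```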

Recommended Mitigation

Update the logical condition in the claimThrone() function:
-require(msg.sender == currentKing, "Game: You are already the king. No need to re-claim.");
+require(msg.sender != currentKing, "Game: You are already the king. No need to re-claim.");
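
Review bot: the `+` line corrects the comparison but the change carries no regression test for it. Add a Foundry test asserting that claimThrone() succeeds for an address other than currentKing and reverts when currentKing calls it again. Because the revert string is unchanged between the `-` and `+` lines, the test should match on "Game: You are already the king. No need to re-claim." rather than on a bare revert, so a future inversion of the operator is caught.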
Updates

Appeal created

inallhonesty Lead Judge about 2 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Game::claimThrone `msg.sender == currentKing` check is busted
