Last Man Standing

First Flight #45

Beginner FriendlyFoundrySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

Flaw in claimThrone() Function

prajwalk1412

Logical Error in Claim throne + Critical Impact (LOC 185)

Description

claimThrone should allow any player to claim the throne after paying the required fee
Function uses ==, instead of != This prevents normal players from claiming the throne (no one can ever claim it)

function claimThrone() external payable gameNotEnded nonReentrant {

require(msg.value >= claimFee, "Game: Insufficient ETH sent to claim the throne.");

@> require(msg.sender == currentKing, "Game: You are already the king. No need to re-claim.");

// .....rest of the function

}

Risk

Likelihood:

Will occur everytime a non-king player tries to claim the throne hence, very likely to occur

Impact:

Game becomes unusable right after first claim (first claim being address(0) claim)

Game will not be able to progress

Proof of Concept

function testClaimThroneLogic() public {

// Alice claims first

vm.prank(alice);

game.claimThrone{value: 1 ether}();

// Bob tries to claim - should revert

vm.prank(bob);

vm.expectRevert("Game: You are already the king. No need to re-claim.");

game.claimThrone{value: 2 ether}();

}

Explanation : Here's a sample scenario

Alice claims the throne and becomes currentKing.
Bob tries to claim the throne with enough ETH.
Bob's transaction reverts with "Game: You are already the king. No need to re-claim."
Only Alice can call claimThrone() again, breaking the game.

Recommended Mitigation

function claimThrone() external payable gameNotEnded nonReentrant {

require(msg.value >= claimFee, "Game: Insufficient ETH sent to claim the throne.");

- require(msg.sender == currentKing, "Game: You are already the king. No need to re-claim.");

+ require(msg.sender != currentKing, "Game: You are already the king. No need to re-claim.");

// ... rest of function

}

Explanation : Now, an error is thrown only when you are not the king

Updates

Appeal created

inallhonesty Lead Judge about 2 months ago

Submission Judgement Published

Validated

Assigned finding tags:

Game::claimThrone `msg.sender == currentKing` check is busted

Rewards breakdown

nSLOC

181

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.