Submission Details
Severity:
# Forgotten Winner Declaration Allows Late Claims which Undermine's Game Finality
# Forgotten Winner Declaration Allows Late Claims which Undermine's Game Finality
## Description
- Normally, after the `gracePeriod` expires, the last king should be declared the winner and the game should end, preventing further claims.
- In the current implementation, if no one calls `declareWinner()` after the grace period, the game remains active, allowing a new player to claim the throne even after the original king should have won.
## Risk
**Likelihood**:
- This will occur whenever the grace period expires and no one calls `declareWinner()`.
- Any user can claim the throne after the grace period, even though the previous king should have won.
**Impact**:
- The rightful winner may lose their prize if someone else claims the throne after the grace period.
- Undermines the finality and fairness of the game, leading to loss of trust.
## Proof Of Concept
- After the grace period expires, no one calls declareWinner(). Another player is able to claim the throne, resetting the timer and stealing the win.
**Proof Of Code**
```javascript
function testWinnerDeclarationForgotten() public {
vm.startPrank(deployer);
game.claimThrone{value: game.claimFee()}();
vm.warp(block.timestamp + GRACE_PERIOD + 1);
vm.stopPrank();
vm.startPrank(player1);
game.claimThrone{value: game.claimFee()}();
vm.stopPrank();
}
```
## Recommended Mitigation
- Automatically prevent new claims after the grace period has expired, or require the contract to check for grace period expiry in `claimThrone()` and end the game if needed.
```diff
function claimThrone() external payable gameNotEnded nonReentrant {
+ require(block.timestamp <= lastClaimTime + gracePeriod, "Game: Grace period expired, cannot claim.");
// ...existing code...
}
```
Updates
Appeal created
inallhonesty about 2 months ago
Submission Judgement Published Assigned finding tags:
Game::claimThrone can still be called regardless of the grace period
Rewards breakdown
nSLOC
181This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.