Last Man Standing

First Flight #45

Beginner FriendlyFoundrySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

[H-2] The `Game::claimThrone` function will always revert if called by a player who is not the current king, leading to a loss of control over the game.

thecil

Root + Impact

[H-2] The Game::claimThrone function will always revert if called by a player who is not the current king, leading to a loss of control over the game.

Description

The Game::claimThrone function checks if the caller is the current king using the Game::currentKing variable. If not, it will revert with a message indicating that the player is not the current king. This ensures that only the current king can claim the throne.

function claimThrone() external payable gameNotEnded nonReentrant {

require(msg.value >= claimFee, "Game: Insufficient ETH sent to claim the throne.");

@> require(msg.sender == currentKing, "Game: You are already the king. No need to re-claim.");

Risk

Likelihood: High

Reason 1 : A player wants to enter the game by calling claimThrone function and pay the claimFee.

Impact: High

Impact 1: No one can enter the game, since the Game::currentKing variable starts at address(0).

Proof of Concept

(Proof of code)

The following unit test will demonstrate how the function reverts when called by a player who is not the Game::currentKing and Game::currentKing value is address(0):

function test_claimThrone() public {

address _currentKing = game.currentKing();

console2.log("Current King: ", _currentKing);

// Check that the current king is zero before claiming

assertEq(

_currentKing,

address(0),

"Current King should be zero before claiming"

);

vm.startPrank(player1);

vm.expectRevert("Game: You are already the king. No need to re-claim.");

game.claimThrone{value: INITIAL_CLAIM_FEE}();

vm.stopPrank();

}

Recommended Mitigation

Replace the strict equality with a more robust comparison, such as:

- require(msg.sender == currentKing, "Game: You are already the king. No need to re-claim.");

+ require(msg.sender != currentKing, "Game: You are already the king. No need to re-claim.");

Updates

Appeal created

inallhonesty Lead Judge 11 days ago

Submission Judgement Published

Validated

Assigned finding tags:

Game::claimThrone `msg.sender == currentKing` check is busted

Rewards breakdown

nSLOC

181

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.