Nobody can play
incorrect logic in claimThrone(), Restricts All Users Except Current King (address zero) and reverts with wrong error message
Description
The claimThrone() function incorrectly enforces that msg.sender == currentKing, effectively allowing only the current king to call the function. This contradicts the intended logic implied by the error message . It prevents any new players from participating and leads to game stagnation.
Risk
Likelihood:
Any user calling claimThrone() who is not already the king will immediately hit the revert condition. This is a guaranteed outcome on first use.
Impact:
The game becomes unusable after the first claim. No one can overtake the king, the pot never grows, and the core gameplay (claiming, competing, earning) is fundamentally broken.
Proof of Concept
The game current king game.currentKing() is a zero address and it restricts anybody form making a claim in Game.claimThrone() Player1 cannot even enter the game because the current msg.sender is a zero address. which was made vissible with emit log_address. It reverts because player1 is cannot be msg.sender.
Recommended Mitigation
To make player1 become msg.sender Invert the condition to msg.sender != currentKing, making new entrants be able to claim the throne.
Appeal created
Game::claimThrone `msg.sender == currentKing` check is busted
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.