Last Man Standing

First Flight #45
Beginner Friendly, Foundry, Solidity
100 EXP
Submission Details
Impact: high
Likelihood: high
Invalid

[H-2] Malicious Owner Can Frontrun Whale Claim to Steal Entire Deposit via 100% Platform Fee

Root + Impact

Description

The updatePlatformFeePercentage(uint256) function allows the owner (onlyOwner) to change the platform fee to any value up to 100%. The new fee takes effect immediately and is applied in claimThrone(). A malicious owner can frontrun a high-value claimThrone() transaction by first setting platformFeePercentage = 100, so that the entire ETH deposit of the next claimant is siphoned into platform fees instead of contributing to the prize pot.

This issue highlights the centralized and overpowered role of the contract owner, who has unilateral control over multiple critical parameters without any timelock or other access-control mitigation.

Impact:

1. Complete theft of user funds (e.g., if a whale sends 1000 ETH, the owner can take all of it via a 100% platform fee).

2. Undermines game fairness and trust, allowing the owner to exploit participants.

3. Unilateral control creates a centralization risk, making the protocol non-trustless.

4. Other functions where the owner can abuse this power:

- resetGame() → Owner can restart rounds arbitrarily.
- updateClaimFeeParameters() → Can manipulate fees to trap users.
- updateGracePeriod() → Can make the game unwinnable.
- withdrawPlatformFees() → Can drain all ETH collected via unfair fees.
- updatePlatformFeePercentage() → Can legally steal deposits.

Proof of Concept

1. Whale prepares a claimThrone() tx with 1000 ETH.
2. Owner monitors the mempool and, before the whale's tx confirms, calls:
   game.updatePlatformFeePercentage(100); // Sets 100% platform fee
3. Whale's tx confirms and the entire 1000 ETH is added to platformFeesBalance, not the pot.
4. Owner calls:
   game.withdrawPlatformFees();
   Owner takes all 1000 ETH, leaving nothing for the pot or the game.

Recommended Mitigation

Add Upper Bound to Platform Fee:

Enforce a maximum platform fee cap (e.g., 10%) in the modifier:

require(_percentage <= 10, "Platform fee too high");
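
As an added example (not code from the audited contract or from this submission), a hardened fee setter that combines the cap above with the timelock the description says is missing; the contract name and every identifier other than platformFeePercentage are assumptions:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not the audited contract. Bounds the platform fee and
// applies changes only after a delay, so a pending claimThrone() cannot
// be frontrun by a fee hike. Identifiers besides platformFeePercentage are assumed.
contract PlatformFeeGuard {
    uint256 public constant MAX_PLATFORM_FEE_PERCENTAGE = 10; // hard cap: 10%
    uint256 public constant FEE_CHANGE_DELAY = 1 days;         // timelock

    address public owner;
    uint256 public platformFeePercentage;        // fee in effect now
    uint256 public pendingPlatformFeePercentage; // proposed fee
    uint256 public feeChangeEffectiveAt;         // 0 = no proposal pending

    event PlatformFeeProposed(uint256 newPercentage, uint256 effectiveAt);
    event PlatformFeeApplied(uint256 newPercentage);

    modifier onlyOwner() {
        require(msg.sender == owner, "Not owner");
        _;
    }

    constructor(uint256 initialFeePercentage) {
        require(initialFeePercentage <= MAX_PLATFORM_FEE_PERCENTAGE, "Platform fee too high");
        owner = msg.sender;
        platformFeePercentage = initialFeePercentage;
    }

    // Step 1: the owner may only propose a bounded fee; nothing changes yet.
    function proposePlatformFeePercentage(uint256 _percentage) external onlyOwner {
        require(_percentage <= MAX_PLATFORM_FEE_PERCENTAGE, "Platform fee too high");
        pendingPlatformFeePercentage = _percentage;
        feeChangeEffectiveAt = block.timestamp + FEE_CHANGE_DELAY;
        emit PlatformFeeProposed(_percentage, feeChangeEffectiveAt);
    }

    // Step 2: anyone may apply the proposal once the delay has elapsed, so the
    // pending value is visible on-chain before it can touch any deposit.
    function applyPlatformFeePercentage() external {
        require(feeChangeEffectiveAt != 0, "No pending change");
        require(block.timestamp >= feeChangeEffectiveAt, "Timelock active");
        platformFeePercentage = pendingPlatformFeePercentage;
        feeChangeEffectiveAt = 0;
        emit PlatformFeeApplied(platformFeePercentage);
    }

    // Split used by claimThrone(): with the cap, at least 90% always reaches the pot.
    function splitDeposit(uint256 amount) public view returns (uint256 fee, uint256 toPot) {
        fee = (amount * platformFeePercentage) / 100;
        toPot = amount - fee;
    }
}
```

A Foundry test can exercise this by asserting that proposePlatformFeePercentage(100) reverts and that applyPlatformFeePercentage() reverts until vm.warp moves past feeChangeEffectiveAt.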

Updates

Appeal created

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
