[M-1] - `pot` parameter in `GameEnded` event will always be set to 0, not reflecting the real pot amount.
[M-1] - pot parameter in GameEnded event will always be set to 0, not reflecting the real pot amount.
Description
-
In
declareWinner()function,GameEndedevent is called to store relevant data about the game that is being finished:emit GameEnded(currentKing, pot, block.timestamp, gameRound);. The problem is thatpotvalue is being set to 0 before emittingGameEndedevent creating a discrepancy between the real pot value before ending the game and the one that is being recorded on the event.function declareWinner() external gameNotEnded {require(currentKing != address(0), "Game: No one has claimed the throne yet.");require(block.timestamp > lastClaimTime + gracePeriod,"Game: Grace period has not expired yet.");gameEnded = true;pendingWinnings[currentKing] = pendingWinnings[currentKing] + pot;@> pot = 0; // Reset pot after assigning to winner's pending winningsemit GameEnded(currentKing, pot, block.timestamp, gameRound);}
Risk
Likelihood:
Everytime a game is being ended this error will be reproduced.
Impact:
Although this error does not directly affect contract funds or any user funds, it can create discrepancies when displaying data in a frontend or when collecting data from past games.
Proof of Concept
As we can see in the declareWinner function, pot is being set to 0 right before emiting the event.
Recommended Mitigation
One recommended mitigation could be assigning the value of pot to a variable before setting pot to 0
Appeal created
Game::declareWinner emits GameEnded event with pot = 0 always
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.