Submission Details
Severity:
Game cannot be play because of a bad require statement
[H] Game cannot be play because of a bad require statement
Description:
The function Game:claimThrone has the following requirement:
require(msg.sender == currentKing, "Game: You are already the king. No need to re-claim.");
At the beginning of the function.
If the msg.sender is the currentKing then he/she can claim the throne, and the first King is address(0).
Impact:
Nobody can claim the throne and the game cannot be play.
Proof of Concept:
add the following test in Game.t.sol
function test_claim_throne() public {
vm.prank(player1);
vm.expectRevert("Game: You are already the king. No need to re-claim.");
game.claimThrone{value: INITIAL_CLAIM_FEE}();
}
Recommended Mitigation:
Change the requirement as follow :
- require(msg.sender == currentKing, "Game: You are already the king. No need to re-claim.");
+ require(msg.sender != currentKing, "Game: You are already the king. No need to re-claim.");
Updates
Appeal created
inallhonesty 21 days ago
Submission Judgement Published Assigned finding tags:
Game::claimThrone `msg.sender == currentKing` check is busted
Rewards breakdown
nSLOC
181This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.