The go_on_stage_or_battle function allows a player to register as the defender by staking tokens and funds. However, there is no mechanism for handling inactivity, such as a timeout or a voluntary withdrawal path. A defender can therefore occupy the arena indefinitely without a battle ever taking place: their own stake stays locked, and no other player can start a battle until a challenger appears. Note that this does not require malice; a defender who simply goes offline after entering has the same effect.
Once a defender enters the arena, their address and token ID are stored in the BattleArena resource. There is no logic for:
• A timeout period after which the defender can be automatically removed.
• A withdrawal mechanism for the defender to reclaim staked tokens/funds if no challenger arrives.
As a result, the arena can remain permanently occupied, preventing others from participating.
Impact:
• Denial of Service: Other players cannot initiate battles as long as a defender is locked in the arena.
• Fund Locking: The defender's own staked assets (tokens and CRED) are also locked indefinitely.
• Griefing Vector: An attacker can intentionally stall the system by occupying the arena, preventing gameplay progression.
Introduce a Timeout:
• Store a timestamp when the defender joins.
• If no challenger arrives within a specified period, allow the defender to withdraw and reset the arena.
Withdrawal Functionality:
• Provide a withdraw_defender() function that allows the defender to reclaim their bet and token if no challenger appears after a grace period.
Automatic Cleanup:
• Optionally, allow any user to trigger cleanup after the timeout, ensuring arenas do not remain blocked. The cleanup path must return the stake to the recorded defender address rather than to the caller; otherwise it would turn a liveness fix into a way to seize a stalled defender's assets.
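The three recommendations above fit together as one small change: record the join time, gate both the defender's withdrawal and the permissionless cleanup on the same timeout, and refund the stake to the stored defender address. The following Aptos Move sketch is an added example written for this report, not the audited project's code: the module name, the `Defender`/`BattleArena` layout, the `DEFENDER_TIMEOUT_SECS` value and the generic `CoinType` (standing in for CRED) are assumptions, and the staked token is modelled as a plain id whose escrow and return are left out so the timeout logic stays in focus.

```move
module arena_addr::battle_arena {
    use std::signer;
    use std::option::{Self, Option};
    use aptos_framework::coin::{Self, Coin};
    use aptos_framework::timestamp;

    /// Assumed grace period (one day). The real value is a game-design choice.
    const DEFENDER_TIMEOUT_SECS: u64 = 86400;

    const E_ARENA_OCCUPIED: u64 = 1;
    const E_NO_DEFENDER: u64 = 2;
    const E_NOT_DEFENDER: u64 = 3;
    const E_TIMEOUT_NOT_REACHED: u64 = 4;

    struct Defender<phantom CoinType> has store {
        addr: address,
        token_id: u64,       // assumption: staked token represented by its id only
        bet: Coin<CoinType>, // the CRED-style stake held in escrow by the arena
        joined_at: u64,      // new field: on-chain time of entry, enables the timeout
    }

    struct BattleArena<phantom CoinType> has key {
        defender: Option<Defender<CoinType>>,
    }

    public entry fun init<CoinType>(admin: &signer) {
        move_to(admin, BattleArena<CoinType> { defender: option::none() });
    }

    /// Defender registration: identical to the vulnerable flow except that the
    /// join timestamp is stored alongside the address and token id.
    public entry fun go_on_stage<CoinType>(
        player: &signer, arena_addr: address, token_id: u64, amount: u64
    ) acquires BattleArena {
        let arena = borrow_global_mut<BattleArena<CoinType>>(arena_addr);
        assert!(option::is_none(&arena.defender), E_ARENA_OCCUPIED);
        let bet = coin::withdraw<CoinType>(player, amount);
        option::fill(&mut arena.defender, Defender {
            addr: signer::address_of(player),
            token_id,
            bet,
            joined_at: timestamp::now_seconds(),
        });
    }

    /// Recommendation 2: the defender reclaims their stake once the grace
    /// period has passed without a challenger.
    public entry fun withdraw_defender<CoinType>(
        defender: &signer, arena_addr: address
    ) acquires BattleArena {
        let arena = borrow_global_mut<BattleArena<CoinType>>(arena_addr);
        assert!(option::is_some(&arena.defender), E_NO_DEFENDER);
        let d = option::borrow(&arena.defender);
        assert!(d.addr == signer::address_of(defender), E_NOT_DEFENDER);
        release_defender(arena);
    }

    /// Recommendation 3: anyone may reset a stalled arena after the timeout.
    /// The stake still goes back to the recorded defender, never to the caller.
    public entry fun cleanup_expired<CoinType>(
        _caller: &signer, arena_addr: address
    ) acquires BattleArena {
        let arena = borrow_global_mut<BattleArena<CoinType>>(arena_addr);
        assert!(option::is_some(&arena.defender), E_NO_DEFENDER);
        release_defender(arena);
    }

    /// Shared timeout check and refund. Checking before extracting keeps the
    /// arena state untouched when the transaction aborts.
    fun release_defender<CoinType>(arena: &mut BattleArena<CoinType>) {
        let joined_at = option::borrow(&arena.defender).joined_at;
        assert!(
            timestamp::now_seconds() >= joined_at + DEFENDER_TIMEOUT_SECS,
            E_TIMEOUT_NOT_REACHED
        );
        let Defender { addr, token_id: _, bet, joined_at: _ } =
            option::extract(&mut arena.defender);
        coin::deposit<CoinType>(addr, bet);
        // Returning the escrowed token to `addr` would happen here in the real contract.
    }
}
```

Because `withdraw_defender` and `cleanup_expired` both route through `release_defender`, the timeout cannot be bypassed by either path, and a challenger who arrives before the deadline still finds the defender in place. Reviewers should also confirm that the battle path itself clears `defender` on completion, so the arena never stays occupied after a fight either.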