Comments (7)
0xhiroshi
commented on July 28, 2024
1
There are 50 blocks per round, agents have 49 blocks to heal/escape without being frontrun. Even if startNewRound is only callable by the owner it might still make some heal/escape calls revert they are done in the same block.
from 2023-10-looksrare-judging.
nevillehuang
commented on July 28, 2024
There are 50 blocks per round, agents have 49 blocks to heal/escape without being frontrun. Even if
startNewRoundis only callable by theownerit might still make some heal/escape calls revert they are done in the same block.
Hi @0xhiroshi, this issue is not mentioned as an accepted risk in the contest details. Since it can result in unfair game mechanics for subsequent rounds, inclined to keep it as medium
from 2023-10-looksrare-judging.
0xhiroshi
commented on July 28, 2024
@nevillehuang The parameters are in the deployment script as well as in the test, it's part of the repository that's copied over the contest.
from 2023-10-looksrare-judging.
nevillehuang
commented on July 28, 2024
@nevillehuang The parameters are in the deployment script as well as in the test, it's part of the repository that's copied over the contest.
Thanks for the response! Could you point me to specific LOC in the tests that could imply that this issue is intended behavior? I am assuming you refer to this test
from 2023-10-looksrare-judging.
0xhiroshi
commented on July 28, 2024
I fail to see how this is a real issue. This is as fair as it gets, players get plenty of time to do it and this is not a risk that we have to accept to begin with.
from 2023-10-looksrare-judging.
0xhiroshi
commented on July 28, 2024
from 2023-10-looksrare-judging.
nevillehuang
commented on July 28, 2024
Agree with sponsor. If users choose to escape()/heal() extremely close to the end of the round, they should bear the risk of those functions reverting given this is a game. Even if you restrict the function, there is no guarantee that some users would still heal or escape.
Additionally, the startNewRound() function should remain public, as there is no reason that it should be called only by the owner to ensure the game is fair and won't be delayed. As such, this function should be called by any participant/anyone as soon as it is available to keep the game going.
from 2023-10-looksrare-judging.
Related Issues (20)
- 0xrobsol - Inefficiency and Potential Gas Overhead Due to Forced ETH Transfer Failures
- dethera - Permanent DoS - inappropriate struct definition makes every call to UniSwap V3 `SwapRouter` contract's function `exactOutputSingle` to always revert
- detectiveking - `agents[1].agentId` access in `claimGrandPrize` is potentially incorrect and can lead to loss of grand prize
- gkrastenov - Bypassing MAX_MINT_PER_ADDRESS requirement
- Kral01 - [H-01] '_swap' can break things while in a loop. HOT 12
- syahirAmali - Fairness of Randomness is threatened and possibilities for gaming the jackpot.
- gkrastenov - Possible blocking of the game HOT 2
- BoRonGod - Unsafe `minimumRequestConfirmations`
- detectiveking - _woundRequestFulfilled is not actually random
- syahirAmali - Game Creator might not start the actual game. HOT 1
- ge6a - fulfillRandomWords() could revert under certain circumstances HOT 24
- klaus - fulfillRandomWords - may be reverted due to a hardcoded callbackGasLimit
- gkrastenov - Missing approve before transferring of WETH to the recipient HOT 1
- SilentDefendersOfDeFi - Prevent Healing of Agents by price manipulation HOT 11
- detectiveking - Wounded agents are killed without the next phase starting
- BoRonGod - `sqrtPriceLimitX96` and `deadline` are not defined in InfiltrationPeriphery.sol
- 0xWSeeC - Order of operations and solidity rounding down affects the correct value
- 0xpep7 - Gas Consumption Vulnerability in Infiltration's `fulfillRandomWords` HOT 1
- Milad-Sha - Unsafe downcast HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from 2023-10-looksrare-judging.