SWC-136: Fix double-reveal by a single player in odd_even_fixed example.

SmartContractSecurity / SWC-registry

Smart Contract Weakness Classification and Test Cases

https://swcregistry.io/

MIT License

847 stars 165 forks source link

SWC-136: Fix double-reveal by a single player in odd_even_fixed example. #265

Closed kacperzuk closed 1 year ago

kacperzuk commented 2 years ago

Before the fix one player could call reveal twice and force move to Stage.Distribution without second player revealing his number. As a result, 0 would be used as a second's player, which allows the attacking player to predictably win the game.

chaals commented 1 year ago

This makes sense to me. @dmuhs?

dmuhs commented 1 year ago

Great catch @kacperzuk. LGTM! 👍🏼