If a user staked NRN for a fighter, and lost a game, a part of their stake is sent to StakeAtRisk. If the user increases the stake, and plays another game, three outcomes are possible:
Win - StakeAtRisk is restored
Tie - no changes
Loss - StakeAtRisk is increased again by bps * (staked + stakeAtRisk)
Therefore, increasing the stake has no benefits for users with 0-1 (or any wins - losses == -1) score, but has a downside that more NRN will become at risk.
Similarly, if a user with 1-0 (or any wins - losses == 1) score increases the stake and loses his next match, he will lose just the points he earned in the previous game (same as before he increased the stake). For the next game he could earn more, but lose the same amount.
Users can simply choose to send 99% of their points to MergingPool; when they lose, they lose only the 1% that was left from their victory.
Proof of Concept
(We will neglect the Elo factor for simplicity.)
Imagine Alice has a 50% win rate, and she stakes 100e18 NRN before her first game.
Outcomes:
won + won: +20 bps from the initial stake
won + lost: 0 bps from the initial stake
lost + won: 0 bps from the initial stake
lost + lost: -20 bps from the initial stake
As the 4 outcomes have equal probability, we can conclude that her EV is 0.
Now imagine Bob with the same win rate and capital, but a better strategy: he stakes 1 wei, and increases his stake to 100e18 NRN only if he wins the first game.
Outcomes:
won + won: +20 bps from the initial stake
won + lost: 0 bps from the initial stake
lost + won: 0 bps from the initial stake
lost + lost: -20 bps from the initial stake
Bob manages to secure positive EV for the same number of games and the same stake.
Bob can further improve the strategy by doubling his 1 wei stake for every consecutive loss, e.g. if he lost 2 games with x stake at any time after being net zero, he stakes 2x, after losing again stakes 4x and so on, so he will make it back for all consecutive losses in 1 stake.
The root cause of this strategy is the contract logic that does not allow losing/gaining points and NRN for the same game.
This issue puts casual gamers at a disadvantage, as they will get significantly less rewards for the same capital.
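The expected-value comparison in the proof of concept can be checked with a small model of the accounting described above. This is an added example, not code from the report or from the AI Arena contracts; the Fighter class, the 10 bps per-game rate (implied by the two-game table), exact-fraction points and the 1:1 valuation of points against NRN are assumptions.

```python
from fractions import Fraction
from itertools import product

BPS = Fraction(10, 10_000)  # assumption: 10 bps per game (implied by the +/-20 bps table)
FULL, WEI = Fraction(100), Fraction(1, 10**18)  # 100 NRN and 1 wei, both in NRN

class Fighter:
    """Hypothetical model of the accounting the report describes (elo ignored)."""
    def __init__(self, stake):
        self.staked = self.deposited = stake
        self.at_risk = self.points = Fraction(0)

    def play(self, won):
        cur = BPS * (self.staked + self.at_risk)
        if won and self.at_risk > 0:   # win with stake at risk: NRN restored, no points
            back = min(cur, self.at_risk)
            self.at_risk, self.staked = self.at_risk - back, self.staked + back
        elif won:                      # win with nothing at risk: points earned
            self.points += cur
        elif self.points > 0:          # loss while holding points: only points are taken
            self.points -= min(cur, self.points)
        else:                          # loss without points: stake moves to at-risk
            moved = min(cur, self.staked)
            self.staked, self.at_risk = self.staked - moved, self.at_risk + moved

    def net_bps(self):
        # Points valued 1:1 with NRN, as in the report's bps table; at-risk NRN counts as lost.
        return (self.points + self.staked - self.deposited) / FULL * 10_000

def alice(results):  # stakes the full amount before the first game
    f = Fighter(FULL)
    for won in results:
        f.play(won)
    return f.net_bps()

def bob(results):  # stakes 1 wei, tops up to the full amount only after a first-game win
    f = Fighter(WEI)
    f.play(results[0])
    if results[0]:
        f.staked, f.deposited = FULL, FULL
    f.play(results[1])
    return f.net_bps()

def outcomes(strategy):
    # Order: won+won, won+lost, lost+won, lost+lost (equal probability at 50% win rate)
    return [strategy(r) for r in product([True, False], repeat=2)]

def expected_value(strategy):
    return sum(outcomes(strategy)) / 4
```

Running the same comparison against a revised rule set is a quick way to check that a fix removes the gap between the two strategies.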
Recommended Mitigation Steps
It should still be possible to get points for winning even if stakeAtRisk > 0
It should be possible for losing to get stakeAtRisk even if points > 0
Lines of code
https://github.com/code-423n4/2024-02-ai-arena/blob/cd1a0e6d1b40168657d1aaee8223dc050e15f8cc/src/RankedBattle.sol#L416
Assessed type
Other