AI Arena Mitigation Review

In AI Arena you train an AI character to battle in a platform fighting game. Imagine a cross between Pokémon and Super Smash Bros, but the characters are AIs, and you can train them to learn almost any skill in preparation for battle.

  • Start date8 Apr 2024
  • End date18 Apr 2024
  • Total awards$21,000 in USDC
  • Duration10 days

AI Arena Mitigation Review details

Important note

Each warden must submit a mitigation review for every individual PR listed in the Scope section below. Incomplete mitigation reviews will not be eligible for awards.

Findings being mitigated

Mitigations of all High and Medium issues will be considered in-scope and listed here.

Overview of changes

  • Fixed issues with tokenId restrictions: There was an issue when re-rolling for fighters with token IDs greater than 255 which has been addressed.

  • Override fixes in safeTransferFrom

  • DNA generation fixes: Issues in the generation process during minting from the merging pool and in the re-roll and claim functions have been fixed.

  • Non-transferable GameItems fix: There was a bug that allowed non-transferable game items to be transferred, which has been fixed.

  • Mitigation of reentrancy in claimRewards: Reentrancy attack was mitigated.

  • Uninitialized numElements variable: An uninitialized variable numElements was fixed.

  • ECRecover vulnerability: A known vulnerability with ECRecover was addressed.

  • Update to ranking and staking mechanisms: There were fixes to staking requirements and an update to ranked battle contracts.

Areas of specific concern would be:

  • Reentrancy vulnerabilities.
  • Signature malleability in ECRecover.
  • Non-transferable items being transferred.



Mitigations branch

Mitigations of High & Medium Severity Issues

URLMitigation ofOriginal IssuePurpose safeTransferFrom override with data Non-transferable GameItems being transferred with GameItems::safeBatchTransferFrom for Players have complete freedom to customize the fighter NFT when calling redeemMintPass and can redeem fighters of types Dendroid and with rare attributes reRoll for fighters with tokenIds greater than 255 for DoS in MergingPool::claimRewards function and potential DoS in RankedBattle::claimNRN function if called after a significant amount of rounds passed. dna generation in reRoll and updated dna generation in claimFighters dna generation in mintFromMergingPool for NFTs can be transferred even if StakeAtRisk remains, so the user's win cannot be recorded on the chain due to underflow, and can recover past losses that can't be recovered(steal protocol's token)

Additional scope to be reviewed

These are additional changes that will be in scope.

URLMitigation ofOriginal IssuePurpose claimRewards reentrancy, fixed uninitialized numElements and fixed points intialization to match maxId Ecrecover is known to be vulnerable to signature malleability QA Report for #704 unstakeNRN and setNewRound and mint upto MAX_SUPPLY setup function and new require conditions for staking and unstaking. Unstaking require correction for gas intensive setUpAirdrop function and airdrop mechanism. Missing finalized test for new airdrop mechanism but working Airdrop script based on merkle root and proof.

Out of Scope