AI Arena - okolicodes's results

Lines of code

https://github.com/code-423n4/2024-02-ai-arena/blob/cd1a0e6d1b40168657d1aaee8223dc050e15f8cc/src/RankedBattle.sol#L519-L535

Vulnerability details

Impact

The users Staking factor fails to increase and as such remains same no matter their stake amount.

Proof of Concept

In the projects documentation, the staking factor helps to determine the amount of rewards a user could receive for a given round based on their staked amount. According to the docs, "The more NRN a player stakes, the more Points their Challenger NFT can accumulates" tho as the user stake increases the impact of the marginal NRN staked decreases as more NRN is staked. The issue here is that Based on the code implementation the staking factor is calculated wrongly and would always return 1 no matter the amount an average user stakes.

  function _getStakingFactor( uint256 tokenId, uint256 stakeAtRisk) private view 
        returns (uint256) 
    {
      uint256 stakingFactor_ = FixedPointMathLib.sqrt(
          (amountStaked[tokenId] + stakeAtRisk) / 10**18
      );
      if (stakingFactor_ == 0) {
        stakingFactor_ = 1;
      }
      return stakingFactor_;
    }    
}  

You can see that the calculation is given as the squareroot of (amountStaked[tokenId] + stakeAtRisk) / 10**18 Lets assume that a Fighter newly stakes 1000 NRN and has no stake at risk. The calculation will result to a zero number which will return 1. Even if a fighter stakes 1,000,000 NRN or 1,000,000,000 NRN tokens, with the above formular, the square root will always return a zero number still and therefore return 1. This is a flawed implementation as: users staking factor won't grow and cannot yield them rewards as supposed.

Tools Used

Manual Review + Godspeed

Recommended Mitigation Steps

The divisor is a very large number and should be reduced

Assessed type

Other