Arena Game Contract Vulnerability: Admin `set_token` Function Can Permanently Trap Player Funds
A critical security vulnerability has been identified in the Arena game contract, where an administrative function can permanently lock player deposits mid-game. The `set_token` function, which mutates the underlying `TOKEN_KEY` for the prize pool, lacks essential lifecycle guards. This allows an admin—whether acting accidentally or maliciously—to change the token after players have already deposited funds using `join()`. Once the token is switched, all original deposits become irretrievably trapped within the contract, rendering payouts impossible and causing permanent loss of user collateral.
The flaw resides in the contract's `lib.rs` file. The core issue is that the contract's configuration is not frozen once user capital is committed. Players deposit Token A, but if `set_token` is later called to switch to Token B, the state of the prize pool diverges from the deposited assets. The original funds are left inaccessible, with no mechanism for recovery. This represents a direct rug vector where the underlying asset of the pool can be changed after deposits occur.
The proposed fix is to implement a guard condition within the `set_token` function. The function should require that either `SURVIVOR_COUNT_KEY` or `PRIZE_POOL_KEY` equals zero before execution, ensuring no active game is in progress when the token is changed. This vulnerability underscores a fundamental security failure in admin-controlled state mutations within financial game contracts, where user funds must be protected from post-commitment configuration changes.
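The following is an added example, not code from the Arena contract or its `lib.rs`: a plain-Rust model of the three storage keys the advisory names (`TOKEN_KEY`, `SURVIVOR_COUNT_KEY`, `PRIZE_POOL_KEY`) with a `join()`, the unguarded `set_token`, the guarded `set_token` the advisory proposes, and a `payout()` that fails when the contract no longer holds the token the pool is denominated in. The storage layout, the `held` balance map standing in for on-chain token balances, the entry-fee amount and the `ArenaError` variants are all assumptions made for illustration; the real contract's Soroban SDK calls are not reproduced.

```rust
use std::collections::HashMap;

/// Stand-in for the contract's persistent storage keys (assumed layout, not the Soroban SDK).
struct Storage {
    token: String,               // TOKEN_KEY: asset the prize pool is denominated in
    survivor_count: u32,         // SURVIVOR_COUNT_KEY: players still in the game
    prize_pool: i128,            // PRIZE_POOL_KEY: total deposits awaiting payout
    held: HashMap<String, i128>, // stand-in for the contract's on-chain balance per token
}

#[derive(Debug, PartialEq)]
enum ArenaError {
    GameInProgress,      // guard rejected set_token while capital is committed
    InsufficientBalance, // payout needs more of the current token than the contract holds
}

struct Arena {
    storage: Storage,
    entry_fee: i128,
}

impl Arena {
    fn new(token: &str, entry_fee: i128) -> Self {
        Arena {
            storage: Storage {
                token: token.to_string(),
                survivor_count: 0,
                prize_pool: 0,
                held: HashMap::new(),
            },
            entry_fee,
        }
    }

    /// join(): a player transfers the entry fee, in the *current* token, into the contract.
    fn join(&mut self) {
        let token = self.storage.token.clone();
        *self.storage.held.entry(token).or_insert(0) += self.entry_fee;
        self.storage.prize_pool += self.entry_fee;
        self.storage.survivor_count += 1;
    }

    /// Vulnerable set_token: mutates TOKEN_KEY with no lifecycle check at all.
    fn set_token_unguarded(&mut self, new_token: &str) {
        self.storage.token = new_token.to_string();
    }

    /// Fixed set_token (the advisory's proposal): refuse unless SURVIVOR_COUNT_KEY or
    /// PRIZE_POOL_KEY is zero, i.e. no game with committed deposits is in progress.
    fn set_token_guarded(&mut self, new_token: &str) -> Result<(), ArenaError> {
        if self.storage.survivor_count != 0 && self.storage.prize_pool != 0 {
            return Err(ArenaError::GameInProgress);
        }
        self.storage.token = new_token.to_string();
        Ok(())
    }

    /// Pay the prize pool to the winner in the current token. Fails when the contract
    /// does not hold enough of that token, which is exactly the trapped-funds state.
    fn payout(&mut self) -> Result<i128, ArenaError> {
        let token = self.storage.token.clone();
        let held = self.storage.held.get(&token).copied().unwrap_or(0);
        let pool = self.storage.prize_pool;
        if held < pool {
            return Err(ArenaError::InsufficientBalance);
        }
        self.storage.held.insert(token, held - pool);
        self.storage.prize_pool = 0;
        self.storage.survivor_count = 0;
        Ok(pool)
    }

    /// Balance of `token` still sitting in the contract with no code path able to release it.
    fn stranded_balance(&self, token: &str) -> i128 {
        self.storage.held.get(token).copied().unwrap_or(0)
    }
}

fn main() {
    // Constructed scenario: two players deposit Token A, then the admin switches to Token B.
    let mut arena = Arena::new("TOKEN_A", 100);
    arena.join();
    arena.join();
    arena.set_token_unguarded("TOKEN_B");
    println!("unguarded payout: {:?}", arena.payout());
    println!("TOKEN_A stranded in contract: {}", arena.stranded_balance("TOKEN_A"));

    // Same scenario with the guard in place: the switch is rejected until the game settles.
    let mut arena = Arena::new("TOKEN_A", 100);
    arena.join();
    println!("guarded set_token mid-game: {:?}", arena.set_token_guarded("TOKEN_B"));
    println!("payout: {:?}", arena.payout());
    println!("guarded set_token after game: {:?}", arena.set_token_guarded("TOKEN_B"));
}
```

The guard implements the advisory's condition literally: the switch is allowed when either counter is zero. As a design observation on this model (not a claim about the real contract), a deployment that wanted a tighter invariant could additionally refuse the change while the contract still holds any balance of the outgoing token, since that is the state in which a mismatch between `held` and `TOKEN_KEY` can arise at all.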