1. Arena Smart Contract Exposed: Re-entrancy Vulnerability in `claim` Function Threatens Complete Token Drain
A critical security flaw has been identified in the Arena smart contract's `claim` function, exposing the protocol to a complete token drain. The vulnerability is a classic Checks-Effects-Interactions violation, where the contract performs an external token transfer to a winner *before* updating its internal state to m...