Here, the actual attack and defense can be 0.
But the DNA battles description said they are both at least 1.
So, which one is the intended behavior, the code or the document?

This does not seem to be the latest version of the contract.
In the published version, the default value for the powerCoef of runFightRoundGenotype is commented out, so this call would not compile.

That >= should be > instead.

When trying to buy, a deal created for 0.0000 EOS fails with the following message:

Error Buying Wizard

Error details:
eosio_assert_message_exception
eosio_assert_message assertion failure
assertion failure with message: must transfer positive quantity

So it would be better to disallow to create such deals in the first place.

Why is the size equal to sizeof(mixedChar)?
To me, it looks like the size argument should be the size of uint32_t ar where we point to.
By coincidence, both seem to be 4 bytes, but if I'm right, it's still a dormant bug if something has to change.

This is a bug in handling the improbable case (still a bit probable for very small lengths though).
The line declares a new variable instead of assigning to the existing one.

Note that some compiler options (like -Wshadow shadowing warnings for GCC) may prevent such bugs.

This is a bug.
shopArray[itemType] should in fact be shopArray[i].
The item type can be 0..9, but shopArray is currently of length 2.

How does this not crash, at least sometimes?