DittoETH

Ditto

DeFiFoundryOracle

55,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

tokenURI is not implemented

MaslarovK

Summary

The function tokenURI(uint256 id) in the provided Solidity code.

Vulnerability Details

This function is supposed to return a URI for a given token ID, which is typically a metadata link that provides information about the token. However, in this contract, the function is declared but not implemented. This means that it's impossible to retrieve metadata for tokens in this contract, which is a standard feature of ERC721 tokens.

Impact

This could lead to a lack of necessary information about tokens and hinder the interaction with other contracts or services that rely on this metadata.

Tools Used

Manual Review

Recommendations

To resolve this issue, you should implement the tokenURI(uint256 id) function to return a valid URI for each token.

Also, consider adding a check for a maliciously provided NFT id, the returned data may deceive potential users, as the method will return data for a non-existent NFT id. This can lead to a poor user experience or financial loss for users.

Updates

Lead Judging Commences

0xnevi Lead Judge

almost 2 years ago

0xnevi Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Other

Prize pool breakdown

Total prize

55,000 USDC

nSLOC

3,365

16 USDC / LOC

High Medium

50,000 USDC

Low

5,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.