Submission Details
Severity: medium
Invalid

SantasList:buyPresent() allows recipient to receive NFT even if they already own one

Summary

SantasList:buyPresent() allows recipient to receive NFT even if they already own one

Vulnerability Details

There is no check in SantasList:buyPresent() to ensure that the recipient does not already own a Santa NFT.

Impact

Medium

PoC

The Foundry test below fails against the current code, because the transaction does not revert when the recipient already owns the NFT:

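function testBuyPresentRecipientAlreadyOwns() public {
    // Santa marks the user EXTRA_NICE in both passes of the list
    vm.startPrank(santa);
    santasList.checkList(user, SantasList.Status.EXTRA_NICE);
    santasList.checkTwice(user, SantasList.Status.EXTRA_NICE);
    vm.stopPrank();

    // Move past the Christmas 2023 block time so presents can be collected
    vm.warp(santasList.CHRISTMAS_2023_BLOCK_TIME() + 1);

    vm.startPrank(user);
    santaToken.approve(address(santasList), 1e18);
    // The user collects their own present first, so they already own the NFT
    santasList.collectPresent();
    // Expected to revert for a recipient who already owns one; the current code does not
    vm.expectRevert();
    santasList.buyPresent(user);
    vm.stopPrank();
}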

Tools Used

Visual Studio Code, Foundry

Recommendations

Change SantasList:buyPresent() to check whether the recipient already owns the NFT and revert if they do:

function buyPresent(address presentReceiver) external {
    if (balanceOf(presentReceiver) > 0) {
        revert SantasList__AlreadyCollected();
    }
    i_santaToken.burn(presentReceiver);
    _mintAndIncrement();
}

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Design choice
