NFT Ownership Ambiguity in Hard Fork Scenarios
Summary
The current implementation of the tokenURI function in the NFT contract doesn't consider the potential impact of hard forks on NFT ownership. During a hard fork, the blockchain splits into two separate chains, and the current tokenURI function would return the same URI for both chains, potentially leading to confusion and ownership disputes.
Vulnerability Details
This vulnerability could lead to confusion and potential ownership disputes among NFT holders if the contract doesn't handle hard forks appropriately.
Impact
This vulnerability poses a severe threat to the integrity of NFT ownership. If not addressed, it could lead to:
-
Ownership Disputes: Conflicting URI responses for the same NFT across different chains could lead to ownership disputes and potential legal ramifications.
-
Market Disruption: Uncertainty regarding NFT ownership could disrupt NFT markets, potentially causing value fluctuations and eroding trust in the project.
-
User Confusion: The lack of clear ownership identification could confuse NFT holders and hinder their ability to manage their assets effectively.
Tools Used
Manual Review
Recommendations
Incorporate chain ID verification into the tokenURI function. This can be achieved by adding the following line:
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.