First Flight #5: Santa's List
First Flight #5
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: high
Valid

`SantasList::buyPresent` Not Authourizing the msg.sender with prsentReceiver and Allowing to Burn other's tokens

0xMaximus

Summary

SantasList::buyPresent is Not checking the msg.sender with the presentReceiver address and directly Burning presentReceiver's tokens. Which Allows msg.sender to burn other's holding and minting the NFT's on msg.sender.

Vulnerability Details

function buyPresent(address presentReceiver) external {
@> i_santaToken.burn(presentReceiver);
_mintAndIncrement();
}

SantasList::buyPresent Allowing msg.sender's to Burn Other's Holding and getting Benifit with NFT's minting on their own address.

Impact

`` Allows loss of User's tokens, A malcious actor can Burn all other's Holdings and can get much NFT's minted on his wallet as SantasList::buyPresent Has no checks for msg.sender with the input Address presentReceiver.

Tools Used

  • Manual Analysis

  • Foundry

Recommendations

- function buyPresent(address presentReceiver) external {
- i_santaToken.burn(presentReceiver);
- _mintAndIncrement();
- }
+ function buyPresent() external {
+ i_santaToken.burn(msg.sender);
+ _mintAndIncrement();
+ }
Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

buyPresent should use msg.sender

Current implementation allows a malicious actor to burn someone else's tokens as the burn function doesn't actually check for approvals.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.