Mapping ´´´horseIdToFedTimeStamp´´´ allows anybody to feed any horse even if it has not been minted.
There is no check to prevent not minted horses from being fed in the ´´´feedHorse()´´´ function.
Missfunction of the protocol. Horses that have not been minted should not be fed.
Test this function with Foundry:
´´´
function testMintedHorse() public{
vm.warp(5 days);
horseStore.feedHorse(0);
horseStore.feedHorse(15);
assertEq(horseStore.isHappyHorse(0), true);
assertEq(horseStore.isHappyHorse(15), true);
}
´´´solidity
Add a state variable that keeps the number of minted horses check which makes sure the horse has been minted before feeding it. Minting a horse should also increase this variable:
´´´
+uint256 public mintedHorses;
.
.
.
function mintHorse() external {
_safeMint(msg.sender, totalSupply());
mintedHorses++;
}
.
.
.
function feedHorse(uint256 horseId) external {
require(horseId < mintedHorses, "This horse has not been minted yet);
horseIdToFedTimeStamp[horseId] = block.timestamp;
}
´´´
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.