Submission Details
Severity:
Passing `HorseStore::TOTAL_SUPPLY` Storage Slot to `HorseStore::_MINT` rather than total_supply value
Description: The HorseStore::MINT_HORSE function calls the internal mint function HorseStore::_MINT with the storage slot for the HorseStore::TOTAL_SUPPLY storage variable rather than it's value.This would lead to an inability to mint above 1 tokens because the HorseStore::TOTAL_SUPPLY is a constant value.
#define macro MINT_HORSE() = takes (0) returns (0) {
[TOTAL_SUPPLY] // [TOTAL_SUPPLY]
caller // [msg.sender, TOTAL_SUPPLY]
@> _MINT() // []
stop // []
}
Impact: The contract can only mint 1 token, subsequent attempts to mint tokens would be reverted
Proof of Code:
Code
add test to HorseStoreHuff.t.sol function test_mintingMultipleTokensFail() public {
address minter = makeAddr("minter");
vm.prank(minter);
horseStore.mintHorse();
address minter2 = makeAddr("minter2");
vm.prank(minter2);
vm.expectRevert("ALREADY_MINTED");
horseStore.mintHorse();
}
Recommendation:
#define macro MINT_HORSE() = takes (0) returns (0) {
[TOTAL_SUPPLY] // [TOTAL_SUPPLY]
+ sload // [total_supply]
caller // [msg.sender, total_supply]
_MINT() // []
stop // []
}
Updates
Lead Judging Commences
inallhonesty over 1 year ago
Submission Judgement Published Assigned finding tags:
Failure to properly load the totalSupply in Huff
Rewards breakdown
nSLOC
460This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.