Submission Details
Severity: medium
Valid

Minting Mechanism Exploit: Direct Battle Entry with High Skills

Summary

The mintRapper function in OneShot.sol improperly initialises OneShot::rapperStats before any gameplay, granting newly minted NFTs unearned skill advantages, which undermines the intended game mechanics.

Vulnerability Details

The default values of OneShot::rapperStats for a newly minted NFT are beneficial to the player (weakKnees: false, heavyArms: false, spaghettiSweater: false, calmAndReady: false, battlesWon: 0). That is already a +15 score.

A malicious player could take control on receiving the NFT through a custom implementation of onERC721Received, and then reenter RapBattle::goOnStageOrBattle.
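
The ordering issue described above, as an added Python model (not the project's Solidity and not code from the submission): a probe receiver records the skill that is visible while the receive callback runs, once with the mint before the stats write and once with the stats write first. `OneShotModel`, `ProbeReceiver`, `BASE_SKILL` and `PENALTY` are assumptions made for the model; the penalty is chosen so that three cleared flags account for the +15 stated above.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class RapperStats:
    weakKnees: bool = False          # defaults mirror an unwritten mapping slot
    heavyArms: bool = False
    spaghettiSweater: bool = False
    calmAndReady: bool = False
    battlesWon: int = 0

MINTED = RapperStats(weakKnees=True, heavyArms=True, spaghettiSweater=True)
BASE_SKILL = 65   # assumption: arbitrary base value for this model
PENALTY = 5       # assumption: per-weakness penalty, 3 x 5 = the +15 above

def skill(s):
    # calmAndReady is false in both cases compared here, so it is left out
    return BASE_SKILL - PENALTY * (s.weakKnees + s.heavyArms + s.spaghettiSweater)

class OneShotModel:
    def __init__(self, effects_first):
        self.effects_first = effects_first
        self.rapper_stats = {}
        self.owner_of = {}
        self.next_token_id = 0

    def get_stats(self, token_id):
        return self.rapper_stats.get(token_id, RapperStats())

    def _safe_mint(self, to, token_id):
        self.owner_of[token_id] = to
        to.on_erc721_received(self, token_id)   # external call: control leaves here

    def mint_rapper(self, sender):
        token_id = self.next_token_id
        self.next_token_id += 1
        if self.effects_first:                  # recommended order
            self.rapper_stats[token_id] = MINTED
            self._safe_mint(sender, token_id)
        else:                                   # order reported in the finding
            self._safe_mint(sender, token_id)
            self.rapper_stats[token_id] = MINTED
        return token_id

class ProbeReceiver:
    """Test probe: records the skill visible during the receive callback."""
    seen = None
    def on_erc721_received(self, nft, token_id):
        self.seen = skill(nft.get_stats(token_id))

def skill_seen_in_callback(effects_first):
    probe = ProbeReceiver()
    OneShotModel(effects_first).mint_rapper(probe)
    return probe.seen
```

Both orderings store the same stats once the mint returns; only the value observable inside the callback differs.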

Impact

It gives an unfair advantage to players who mint new NFTs. Nevertheless, the game is also based on chance in the end.

Tools Used

Manual Review

Recommendations

Restructure OneShot::mintRapper to follow the Checks-Effects-Interactions pattern strictly. Ensure all state changes are performed before any external interaction.

function mintRapper() public {
uint256 tokenId = _nextTokenId++;
- _safeMint(msg.sender, tokenId);
- rapperStats[tokenId] =
- RapperStats({weakKnees: true, heavyArms: true, spaghettiSweater: true, calmAndReady: false, battlesWon: 0});
+ rapperStats[tokenId] =
+ RapperStats({weakKnees: true, heavyArms: true, spaghettiSweater: true, calmAndReady: false, battlesWon: 0});
+ _safeMint(msg.sender, tokenId);
}
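
Review bot: nothing in `mintRapper` records why `_safeMint(msg.sender, tokenId);` now has to be the last statement, so a later refactor could move it back above the `rapperStats[tokenId]` write without anyone noticing. Add a comment on that line saying that `_safeMint` hands control to the receiver's `onERC721Received`, and a test whose receiver reads `rapperStats[tokenId]` inside the callback and expects `weakKnees`, `heavyArms` and `spaghettiSweater` to be true already. The unchanged `_nextTokenId++` line already precedes the external call and needs no move.
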
Updates

Lead Judging Commences

inallhonesty Lead Judge almost 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

mintRapper reentrancy leads to fighting having better chances of winning.
