First Flight #9: Soulmate
First Flight #9
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

```Soulmate::tokenURI``` isn't implemented and returns an empty string

kiteweb3

Summary

The Soulmate::tokenURI function isn't implemented and returns an empty string. The Natspec comment indicates that it will be implemented after the audit. This can lead to error and/or unexpected behaviour.

Vulnerability Details

@> /// @dev will be added after audit.
/// @dev Since it is only used by wallets, it won't create any edge case.
function tokenURI(uint256) public pure override returns (string memory) {
@> // To do
@> return "";
}

Impact

Implementing a function after an audit can lead to several issue:

  • Introduction of New Vulnerabilities: any modification to the contract's code could introduce new vulnerabilities that were not present during the initial audit.

  • Invalidating Previous Audit Results: the audit report is only valid for the exact version of the code that was reviewed. Changes made after the audit invalidate the previous audit results, meaning the contract would need to be re-audited to ensure its security and correctness.

  • Compatibility Issues: changes to the contract could lead to compatibility issues with other parts of the ecosystem, such as front-end interfaces.

Tools Used

Manual review

Recommendations

Considering to audit the final version of the smart contract.

Updates

Lead Judging Commences

0xnevi Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.