`ownerToId[msg.sender]` is misleading new tokens are minted
Summary
mintSoulmateToken() function returns the ownerToId[msg.sender]
Vulnerability Details
The mintSoulmateToken function in the Soulmate contract returns the value of ownerToId[msg.sender] without differentiating between cases where a new token was minted or not. This behavior could lead to confusion for callers, as they might anticipate that the function would return the ID of the newly minted token.
Impact
This behavior implies that the function's return value does not accurately reflect the outcome of the token minting process. Callers might reasonably expect the function to return the ID of the newly minted token, especially if they are the second soulmate and a token is being minted.
Tools Used
Manual code review
Recommendations
To avoid confusion and ensure that the mintSoulmateToken function behaves consistently, you can modify it to return a distinct value depending on whether a new token was minted or not. One common approach is to return a boolean indicating success or failure, along with the token ID if applicable. Here's how you can refactor the function:
Modify the
mintSoulmateTokenfunction to return a tuple containing a boolean and the token ID.Return
trueand the token ID when a new token is minted.Return
falseand the existing token ID when the caller already owns a token.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.