First Flight #9: Soulmate

First Flight #9

Beginner FriendlyFoundryNFT

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

Soulmate::writeMessageInSharedSpace Anyone can distort the messages of the first couple

0xpoor4ever

Summary

Soulmate::writeMessageInSharedSpace Anyone can distort the messages of the first couple.

Vulnerability Details

Because anyone without the minted Soulmate Token, when calling ownerToId() of the Soulmate contract, will always return ID 0, they can maliciously manipulate the messages of the first couple, since the ID of the first couple is 0.

Add this test to SoulmateTest.t.sol and run forge test --match-test test_DistortFirstCoupleMessage -vvvv the issue

function test_DistortFirstCoupleMessage() public {

_mintOneTokenForBothSoulmates();

test_WriteAndReadSharedSpace();

string memory originalMessage = soulmateContract.readMessageInSharedSpace();

address nobody = makeAddr("nobody");

uint256 nobodyId = soulmateContract.ownerToId(nobody);

uint256 soulmate1Id = soulmateContract.ownerToId(soulmate1);

assertEq(soulmate1Id, nobodyId);

vm.prank(nobody);

soulmateContract.writeMessageInSharedSpace("We broke up!");

string memory newMessage = soulmateContract.readMessageInSharedSpace();

string[4] memory possibleText = [

"We broke up!, sweetheart",

"We broke up!, darling",

"We broke up!, my dear",

"We broke up!, honey"

];

bool found;

for (uint i; i < possibleText.length; i++) {

if (compare(possibleText[i], newMessage)) {

found = true;

break;

}

assertTrue(found);

console2.log(newMessage);

}

Impact

Anyone can distort the messages of the first couple

Tools Used

manual inspection

Recommendations

Modify the ID to start counting from 1, or in writeMessageInSharedSpace, check if the caller has already call the mintSoulmateToken function. If not, revert.

Updates

Lead Judging Commences

0xnevi Lead Judge over 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

finding-write-message-nft-0-id

Medium Severity, This has an indirect impact and influence on the possibility of divorce between soulmates owning the first soulmate NFT id0, leading to permanent loss of ability to earn airdrops/staking rewards.

Rewards breakdown

nSLOC

233

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.