First Flight #11: Snek-Raffle

First Flight #11

Beginner FriendlyFoundryNFT

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

Wrong IPFS link for `LEGEND_SNEK_URI`

n0kto

Description

The link towards the Metadata for NFTs distributed by the Raffle is stored on-chain and is constant. However, the URI for the Legend Snek refers to the image of the Jungle Snek and not the correct JSON metadata for Legendary Snek.

@>LEGEND_SNEK_URI: public(constant(String[53])) = "ipfs://QmRujARrkux8nsUG8BzXJa8TiDyz5sDJnVKDqrk3LLsKLX"

Risk

Likelyhood: Medium

Every Legend Snek NFT won't have the right metadata.

Impact: Medium

Metadata will be corrupted and the NFT won't be displayed in wallets and marketplace properly. If it is displayed, it would show the image of the Jungle Snek instead of the legendary one.
A new contract will have to be redeployed.

Proof of Concept

Check the IPFS link provided and verify that it is pointing to the image of Jungle Snek.

Recommended Mitigation

Replace the incorrect IPFS link with the correct one pointing to the JSON metadata for the Legend Snek.

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

LEGEND_SNEK_URI is wrong

Rewards breakdown

nSLOC

136

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.