Beginner Friendly, Foundry, NFT
Submission Details
Severity: low
Invalid

Function tokenURI() does not revert for non-existing token IDs (non-compliant with the ERC721Metadata standard)

Summary

The contract defines the external function tokenURI(token_id), which does not revert when called with a non-existing token_id. According to the ERC721Metadata standard, the function should revert ("Throws if _tokenId is not a valid NFT.", https://eips.ethereum.org/EIPS/eip-721, accessed 3/14/2024).

Vulnerability Details

Instead of reverting for a non-existing token_id, tokenURI() returns the URI corresponding to the NFT with rarity 0. This is because self.tokenIdToRarity[token_id] returns 0 for a non-existing entry in the hash map.

Impact

Low: While it is not explicitly stated that the contract should conform to the ERC721Metadata standard, the specification states "it should have all the functionality of a normal NFT. It should be able to be viewed, transferred, approved, etc.". Because the function uses exactly the name given in the ERC721 standard, it is expected to conform to that standard. An incorrect tokenURI() function could impact integrations with third-party protocols such as NFT marketplaces or blockchain explorers.

Tools Used

Manual code inspection.

Recommendations

Add assert ERC721._exists(token_id) at the beginning of tokenURI(token_id).
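
The default-value behaviour and the effect of the recommended check can be reproduced off-chain. The following Python model is an added example, not the audited contract's code: NftModel, the sample URIs, the Revert exception and nonexistent_ids_answered are assumptions made for illustration; only tokenIdToRarity, tokenURI and _exists are names taken from the finding.

```python
from collections import defaultdict


class Revert(Exception):
    """Stands in for an EVM revert in this off-chain model."""


class NftModel:
    # Constructed sample URIs; the contract's real URIs are not shown in the finding.
    URIS = {0: "ipfs://example/rarity-0", 1: "ipfs://example/rarity-1",
            2: "ipfs://example/rarity-2"}

    def __init__(self):
        self.owner_of = {}                           # token_id -> owner, written only on mint
        self.token_id_to_rarity = defaultdict(int)   # like a HashMap: unset keys read as 0

    def mint(self, to, token_id, rarity):
        self.owner_of[token_id] = to
        self.token_id_to_rarity[token_id] = rarity

    def _exists(self, token_id):
        return token_id in self.owner_of

    def token_uri_reported(self, token_id):
        # Behaviour described in the finding: no existence check, so an
        # unminted id silently maps to rarity 0.
        return self.URIS[self.token_id_to_rarity[token_id]]

    def token_uri_fixed(self, token_id):
        # Recommended change: check existence before reading the rarity map.
        if not self._exists(token_id):
            raise Revert("token does not exist")
        return self.URIS[self.token_id_to_rarity[token_id]]


def nonexistent_ids_answered(token_uri, candidate_ids, exists):
    """Return the unminted ids for which token_uri returned instead of reverting."""
    answered = []
    for token_id in candidate_ids:
        if exists(token_id):
            continue
        try:
            token_uri(token_id)
        except Revert:
            continue
        answered.append(token_id)
    return answered
```

In the reported variant, the answer for an unminted id is identical to the answer for a legitimately minted rarity-0 token, so an integrator cannot tell the two apart from tokenURI() alone.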

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
