The MondrianWallet::tokenURI
function in the contract returns different URIs based on the modulo of the token ID with a constant value. The implementation results in an uneven distribution, where one URI represents a significantly higher proportion of the results compared to the others.
The function uses a modular arithmetic operation to determine which URI to return based on the token ID
* If the result is 0, the function returns ART_ONE
.
* If the result is 1, the function returns ART_TWO
.
* If the result is 2, the function returns ART_THREE
.
* For all other results (3 through 9), the function returns ART_FOUR
.
This indicates:
* ART_ONE
has a 10% chance of being returned (1/10 possibilities).
* ART_TWO
has a 10% chance (1/10 possibilities).
* ART_THREE
has a 10% chance (1/10 possibilities).
* ART_FOUR
has a 70% chance (7/10 possibilities).
The distribution is biased, with ART_FOUR
having a much higher likelihood of being returned compared to the others.
You will need to add public mint function in MondrianWallet, I should note this mint function is only for proof purposes and should not be used as it's flawed
function mint(address to, uint256 _tokenIdCounter) public onlyOwner { _safeMint(to, _tokenIdCounter); // Use _safeMint for ERC-721 compliance }
Place the following into MondrianWallet.test.js
.
Manual
with this each art has a 25% probability
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.