Summary

the token assignment is based on deterministic patterns can lead to predictability in the distribution of unique assets. This predictability allows users to wait for a specific tokenId to mint an NFT that is perceived to be more valuable, potentially leading to market manipulation and unfair advantages.

Vulnerability Details

In contracts where the token URI is derived from a deterministic pattern, such as using a modulo operation to map token IDs to a specific set of URIs, users can predict which NFT they will receive based on the token ID. this defeats the random feature of the attribution of these nfts

Impact

Unfair Advantage: Users can wait for or reserve specific token IDs to get a desired NFT, creating an unfair advantage and undermining the concept of random or fair distribution.
Market Distortion: When people can predict and target specific token IDs, it can lead to artificial scarcity or inflated value for certain NFTs, distorting the market.

Tools Used

Manual review

Recommendations

Use chainlink VRF to create a random number for each user and avoid any type of MEV attacks