Submission Details
Severity:
Wrong Rarity of 4th URI in `MondrianWallet::tokenURI`
[M-1] Wrong Rarity of 4th URI in MondrianWallet::tokenURI
Description: The tokenURI function returns the URI of any given tokenId, but since there is only 4 URIs the tokenId should be moded by 4 not 10.
Impact: This will caues URIs 1 to 3 to be rare despite the protocol docs stating all have same rarity.
Proof of Concept:
function tokenURI(
uint256 tokenId
) public view override returns (string memory) {
if (ownerOf(tokenId) == address(0)) {
revert MondrainWallet__InvalidTokenId();
}
@> uint256 modNumber = tokenId % 10;
//@audit rarity is wrong 10% for 1 2 3 and 70% for 4
if (modNumber == 0) {
return ART_ONE;
} else if (modNumber == 1) {
return ART_TWO;
} else if (modNumber == 2) {
return ART_THREE;
} else {
return ART_FOUR;
}
}
Recommended Mitigation: Just mod tokeId by 4 instead of 10:
function tokenURI(
uint256 tokenId
) public view override returns (string memory) {
if (ownerOf(tokenId) == address(0)) {
revert MondrainWallet__InvalidTokenId();
}
- uint256 modNumber = tokenId % 10;
+ uint256 modNumber = tokenId % 4;
//@audit rarity is wrong 10% for 1 2 3 and 70% for 4
if (modNumber == 0) {
return ART_ONE;
} else if (modNumber == 1) {
return ART_TWO;
} else if (modNumber == 2) {
return ART_THREE;
} else {
return ART_FOUR;
}
}
Updates
Lead Judging Commences
inallhonesty about 1 year ago
Submission Judgement Published Assigned finding tags:
NFT's should have equal distribution
Rewards breakdown
nSLOC
89This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.