Submission Details
Severity: low
Invalid

Reentrancy Attack on mintRamNFT Function:

Summary

The _safeMint function can potentially call an external contract if the recipient is a smart contract. This external call could lead to a reentrancy attack if the called contract calls back into the RamNFT contract before the Characteristics mapping is updated.

Impact

If _safeMint or any subsequent operation in mintRamNFT calls an external contract or allows external code to execute, an attacker could write a malicious contract that re-enters mintRamNFT during the execution, causing the tokenCounter to increment multiple times within a single transaction.

Tools Used

Manual testing

Recommendations

Reorder the statements in the mintRamNFT function so that the Characteristics mapping is updated before _safeMint is called.

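```solidity
function mintRamNFT(address to) public {
    uint256 newTokenId = tokenCounter++;
    // Effects first: record the token's characteristics before any external call.
    Characteristics[newTokenId] = CharacteristicsOfRam({
        ram: to,
        isJitaKrodhah: false,
        isDhyutimaan: false,
        isVidvaan: false,
        isAatmavan: false,
        isSatyavaakyah: false
    });
    // Interaction last: _safeMint may call into a contract recipient.
    _safeMint(to, newTokenId);
}
```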
Updates

Lead Judging Commences

bube Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Invalid - reentrancy in safeMint

The problem is that the `mintRamNFT` function is public and anyone can call it, not that the function uses `_safeMint`.
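
The statement ordering discussed in the submission and the judge's note, modelled in Python as an added example (not the contest's contract code). The pre-fix order (external call before the mapping write), the `on_erc721_received` hook standing in for the recipient callback made by `_safeMint`, and the reduced `{"ram": to}` record are assumptions of this model.

```python
# Added model of mintRamNFT's statement ordering; not the contest's Solidity.
class RamNFT:
    def __init__(self, effects_first):
        self.effects_first = effects_first  # True = order recommended above
        self.token_counter = 0
        self.owner_of = {}
        self.characteristics = {}

    def _safe_mint(self, to, token_id):
        self.owner_of[token_id] = to
        # Stand-in for onERC721Received: control passes to the recipient here.
        hook = getattr(to, "on_erc721_received", None)
        if hook is not None:
            hook(self, token_id)

    def mint_ram_nft(self, to):
        token_id = self.token_counter
        self.token_counter += 1
        if self.effects_first:
            self.characteristics[token_id] = {"ram": to}  # flags omitted
            self._safe_mint(to, token_id)
        else:  # assumed pre-fix order: external call before the state write
            self._safe_mint(to, token_id)
            self.characteristics[token_id] = {"ram": to}


class Receiver:
    """Constructed recipient; re-enters mint_ram_nft `reentries` times."""
    def __init__(self, reentries):
        self.reentries = reentries
        self.saw_characteristics = []  # was the mapping set at callback time?

    def on_erc721_received(self, nft, token_id):
        self.saw_characteristics.append(token_id in nft.characteristics)
        if self.reentries > 0:
            self.reentries -= 1
            nft.mint_ram_nft(self)


def run(effects_first, reentries=0, direct_calls=1):
    nft, receiver = RamNFT(effects_first), Receiver(reentries)
    for _ in range(direct_calls):
        nft.mint_ram_nft(receiver)
    return nft.token_counter, receiver.saw_characteristics


if __name__ == "__main__":
    print("pre-fix, 2 re-entries   :", run(False, reentries=2))
    print("reordered, 2 re-entries :", run(True, reentries=2))
    print("reordered, 3 plain calls:", run(True, direct_calls=3))
```

In this model the counter ends at 3 in every run, the same as three plain calls to the public function; the reorder only closes the window in which a token exists without its `Characteristics` entry.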
