Submission Details
Severity:
[H-3] Lack of Access Control in `RamNFT::mintRamNFT()` Allows Free Minting
Description:
The mintRamNFT() function in the RamNFT contract lacks proper access control, allowing anyone to mint a RAM NFT for free outside of the contract's intended behavior.
impact:
This vulnerability enables attackers to mint RAM NFTs without authorization, potentially leading to manipulations of various functions within the protocol.
Proof of Concept:
Execute the following code in Dussehra.t.sol:
function test_mintRamNft() public {
address hacker = address(1234);
vm.prank(hacker);
ramNFT.mintRamNFT(hacker);
assertEq(ramNFT.balanceOf(hacker), 1);
console.log("ramNFT balance of hacker: %e", ramNFT.balanceOf(hacker));
}
Output :
Logs:
ramNFT balance of hacker: 1e0
Recommended Mitigation:
Implement access control for the mintRamNFT() function using a modifier:
modifier onlyDussehra() {
if(msg.sender != dussehraContract) {
revert callerNotAllowed();
}
_;
}
Apply this modifier to the mintRamNFT() function to restrict minting privileges to authorized contracts or addresses only.
Rewards breakdown
nSLOC
218This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.