Zaros Part 1
Zaros
DeFiFoundry
60,000 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

`tokenId` existence is not checked in `mint()`

tigerfrake

Summary

According to OpenZeppelin, it is required that tokenId must not exist when using_mint(). However, this is not checked in AccountNFT:mint().

Vulnerability Details

AccountNFT:mint() intentionally uses _mint() instead of _safeMint().

function mint(address to, uint256 tokenId) external onlyOwner {
// intentionally not using _safeMint
_mint(to, tokenId);
}

However, there is no check to verify that the tokenId to be minted to the to address does not already exist as required by OpenZeppelin:

_mint(address to, uint256 tokenId)
internal
Mints tokenId and transfers it to to.
Requirements:
>> tokenId must not exist.

Impact

Duplicate Tokens
Without checking if a tokenId already exists, there's a risk of minting duplicate tokens. Each ERC721 token is supposed to be unique, identified by a unique tokenId. Minting a token with a tokenId that already exists breaks this uniqueness principle

Tools Used

Manual Review

Recommendations

Checks if a tokenId exists before minting it using _mint():

function mint(address to, uint256 tokenId) external onlyOwner {
// intentionally not using _safeMint
+ // Check if the tokenId already exists
+ address tokenOwner = ownerOf(tokenId);
+ require(tokenOwner == address(0), "Token already exists");
_mint(to, tokenId);
}
Updates

Lead Judging Commences

inallhonesty Lead Judge
over 1 year ago
inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.