The donate function in the GivingThanks contract lacks a check on msg.value, allowing users to mint NFTs with zero donations. This could lead to spam minting of NFTs without any actual funds going to the intended charity, diminishing the contract’s purpose.
In the donate function, there is no minimum donation amount requirement, allowing users to pass a zero-value transaction to mint an NFT for free:
Without a minimum donation check, any user can repeatedly call this function with msg.value = 0 to obtain unlimited NFTs without donating.
Exploitation of NFT Minting: Users can mint NFTs at no cost, flooding the NFT supply with zero-value tokens.
Loss of Charity Purpose: The intended goal of generating funds for verified charities is undermined if users mint NFTs without donating.
Manual Review
Introduce a check to ensure msg.value is above zero, ideally setting a minimum donation threshold for minting NFTs. For example:
This will prevent zero-value donations, ensuring that each NFT minted corresponds to an actual contribution.
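As an added example, not the project's own code (the audited GivingThanks source is not reproduced here): a minimal sketch of the unchecked donate() beside a hardened version that enforces the recommended minimum threshold. The ERC721 base, the charity address and forwarding pattern, and the minimumDonation constructor argument are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";

// Assumed minimal sketch, not the audited GivingThanks source. The charity
// address, token name and the call pattern below are assumptions.
// Vulnerable shape: nothing constrains msg.value, so donate() called with
// 0 wei still mints a token, which is the issue in the finding.
contract GivingThanksVulnerable is ERC721 {
    uint256 public tokenCounter;
    address payable public charity;
    constructor(address payable _charity) ERC721("GivingThanks", "GT") {
        charity = _charity;
    }

    function donate() external payable {
        (bool ok, ) = charity.call{value: msg.value}("");
        require(ok, "transfer failed");
        _safeMint(msg.sender, tokenCounter++);
    }
}

// Hardened shape: a minimum donation (assumed to be fixed at deploy) must be
// met before anything is minted, so every NFT maps to a real contribution.
contract GivingThanksHardened is ERC721 {
    uint256 public tokenCounter;
    address payable public charity;
    uint256 public immutable minimumDonation;

    error DonationTooSmall(uint256 sent, uint256 required);
    constructor(address payable _charity, uint256 _minimumDonation)
        ERC721("GivingThanks", "GT")
    {
        require(_minimumDonation > 0, "threshold must be positive");
        charity = _charity;
        minimumDonation = _minimumDonation;
    }

    function donate() external payable {
        // Check before any effect: zero or sub-threshold value reverts.
        if (msg.value < minimumDonation) {
            revert DonationTooSmall(msg.value, minimumDonation);
        }
        (bool ok, ) = charity.call{value: msg.value}("");
        require(ok, "transfer failed");
        _safeMint(msg.sender, tokenCounter++);
    }
}
```

Because the threshold is required to be positive at deployment, the single `msg.value < minimumDonation` check also rejects the zero-value call described in the finding.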
Likelihood: Low, anyone can mint an NFT with 0 amount. No reason to do it. Impact: Informational/Very Low, NFTs are minted to a false donator. An NFT with 0 in the amount section would be useless. Since that's a bad design and not expected, I'll consider it Low but in a real contest, it could be informational because there is no real impact.