Project
One World
NFTDeFi
15,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Lack of Check in `updateDAOMembership` Allows minted Count to Exceed Specified TierConfig.amount

jesjupyter

Summary

The updateDAOMembership function does not enforce a restriction to ensure that minted does not exceed the new amount for each tier.

Vulnerability Details

In the updateDAOMembership function, the DAO’s tiers array is updated by first preserving the minted value of each existing tier and then replacing the array with new TierConfig data:

// Preserve minted values and adjust the length of dao.tiers
for (uint256 i = 0; i < tierConfigs.length; i++) {
if (i < dao.tiers.length) {
tierConfigs[i].minted = dao.tiers[i].minted;
}
}
// Reset and update the tiers array
delete dao.tiers;
for (uint256 i = 0; i < tierConfigs.length; i++) {
dao.tiers.push(tierConfigs[i]);
maxMembers += tierConfigs[i].amount;
}

Currently, there is no check to verify that the minted value of each tier does not exceed the new amount set in TierConfig. Consequently, if the amount is set to a value smaller than the current minted value, this will violate the design restriction on mint limits.

Impact

This issue could lead to an unintended configuration where the minted count exceeds the specified amount for a tier, undermining DAO membership restrictions and potentially allowing more NFTs than intended to remain valid under a given tier.

Tools Used

Manual

Recommendations

Add a restriction in updateDAOMembership to ensure that TierConfig.amount is always greater than or equal to the preserved minted count.

Updates

Lead Judging Commences

0xbrivan2 Lead Judge
about 1 year ago
0xbrivan2 Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!