Project
One World
NFTDeFi
15,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Missing Event Emission in setBaseURI in `MembershipFactory.sol`

calc1f4r

Summary

The setBaseURI function allows privileged accounts (those with the DEFAULT_ADMIN_ROLE) to update the baseURI used for NFT metadata. However, the original implementation did not emit an event upon changing the baseURI, which can hinder tracking and auditing of metadata updates.

Impact

  • The baseURI serves as the common URI for all tokens. If it is updated without proper tracking, any frontend applications still using the old URI may break or show outdated metadata.

  • The lack of an event emission prevents transparent auditing and tracking of changes, making it difficult for external systems to stay in sync with the updated baseURI.

  • A failure to properly log changes could lead to issues in compliance, monitoring, or debugging, particularly in the case of large-scale projects where metadata updates are frequent.

Recommendations

Implement an event emission within the setBaseURI function to log changes to the baseURI. This enhances transparency and facilitates better interaction with off-chain systems.

event BaseURIChanged(string newBaseURI);
function setBaseURI(
string calldata _baseURI
) external onlyRole(DEFAULT_ADMIN_ROLE) {
baseURI = _baseURI;
emit BaseURIChanged(_baseURI);
}
Updates

Lead Judging Commences

0xbrivan2 Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!