Summary
The vulnerability stems from the improper construction of the `tokenURI` return value. The function concatenates `_baseURI()` with a Base64-encoded JSON metadata blob without ensuring that the resulting URI is a valid data URI. This oversight can lead to issues when metadata consumers attempt to parse or display the NFT metadata.
In the `tokenURI` function, the metadata is constructed by concatenating the output of `_baseURI()` in `SoulboundProfileNFT.sol` with the Base64-encoded JSON metadata:
The issue lies in the fact that if `_baseURI()` is not explicitly overridden to return the standard data URI prefix (i.e., `"data:application/json;base64,"`), the resulting URI may be malformed. Without this prefix, many NFT marketplaces, wallets, or dApps expecting a complete data URI may not correctly recognize or render the metadata.
Metadata Misinterpretation: Clients that rely on the data URI format might fail to correctly parse the metadata, leading to missing or broken displays of NFT details.
User Experience Issues: Users may encounter issues when trying to view NFT details, which could undermine trust in the protocol.
Interoperability Concerns: Other platforms that depend on standardized metadata formats might reject or improperly display the NFT information.
Manual Code Review
Solidity Compiler
To resolve this vulnerability, modify the `tokenURI` function to ensure the returned URI is properly formatted as a data URI. One effective method is to prepend the standard prefix `"data:application/json;base64,"` directly within the `tokenURI` function, like so:
This adjustment guarantees that the NFT metadata conforms to the expected format, ensuring proper display and parsing by all compliant metadata consumers.
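A consumer-side view of the difference, as an added example that is not part of the original submission or the audited contract: a strict metadata client accepts the token URI only when the `data:application/json;base64,` prefix is present. The function names `buildTokenURI` and `parseTokenURI` and the sample metadata are hypothetical and constructed for illustration.

```javascript
// Added example: how a strict metadata consumer treats a tokenURI value.
const DATA_URI_PREFIX = "data:application/json;base64,";

// Mimics the concatenation described above: baseURI + Base64(JSON metadata).
function buildTokenURI(baseURI, metadata) {
  const json = JSON.stringify(metadata);
  return baseURI + Buffer.from(json, "utf8").toString("base64");
}

// Strict parse: returns { ok: true, metadata } or { ok: false, reason }.
function parseTokenURI(uri) {
  if (typeof uri !== "string" || !uri.startsWith(DATA_URI_PREFIX)) {
    return { ok: false, reason: "missing data URI prefix" };
  }
  const payload = uri.slice(DATA_URI_PREFIX.length);
  // Buffer.from() silently skips invalid characters, so check the alphabet first.
  if (payload.length === 0 || payload.length % 4 !== 0 ||
      !/^[A-Za-z0-9+/]+={0,2}$/.test(payload)) {
    return { ok: false, reason: "payload is not valid Base64" };
  }
  let metadata;
  try {
    metadata = JSON.parse(Buffer.from(payload, "base64").toString("utf8"));
  } catch (err) {
    return { ok: false, reason: "payload is not valid JSON" };
  }
  if (metadata === null || typeof metadata !== "object" || Array.isArray(metadata)) {
    return { ok: false, reason: "metadata is not a JSON object" };
  }
  return { ok: true, metadata };
}

// Constructed sample metadata (not taken from the audited contract).
const sample = {
  name: "Profile #1",
  description: "Constructed sample",
  image: "ipfs://example",
};

// Case 1: _baseURI() left empty, so the URI is a bare Base64 string.
const withEmptyBase = buildTokenURI("", sample);
// Case 2: the standard prefix is prepended, as the recommendation suggests.
const withPrefix = buildTokenURI(DATA_URI_PREFIX, sample);

console.log(parseTokenURI(withEmptyBase));
console.log(parseTokenURI(withPrefix));
```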
`_baseURI` can remain empty, the token URI will have a valid JSON. Rest can be handled in the app interface.