blockProfile in SoulboundProfileNFT.sol Allows Profile Recreation
Summary
The SoulboundProfileNFT::blockProfile function does not implement a mapping to permanently block an address from creating a new profile. As a result, a blocked user can simply create a new profile after being "blocked," rendering the function ineffective.
Vulnerability Details
The function blockProfile removes a user's profile by burning their token and deleting their associated data.
However, it does not store any record that the address was blocked. There is no mapping to check if a user is blocked and cannot create profiles anymore. So after a user is blocked he can call SoulboundProfileNFT::mintProfile function and create a new profile which makes the blockProfile function useless.
Impact
Blocked users can recreate profiles without restriction.
No permanent ban mechanism, making it impossible to enforce user bans.
Potential for abuse if malicious users repeatedly exploit the system.
Tools Used
Manual review
Foundry tests
Recommendations
Introduce a mapping
Modify blockProfile to set isBlocked[blockAddress] = true;
Add a if (!isBlocked[msg.sender]) revert AddressIsBlocked(); check in mintProfile.
Consider implementing an appeal/unblock mechanism if needed.
The correct version of the function:
Appeal created
finding_blocked_user_can_recreate_a_profil
Likelihood: Low, any blocked users. Impact: High, not really blocked.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.