DatingDapp

First Flight #33
Beginner Friendly, Foundry, Solidity, NFT
100 EXP
Submission Details
Severity: low
Invalid

Security Review of SoulboundProfileNFT Smart Contract

Summary

The SoulboundProfileNFT contract is an ERC721-based NFT designed for dating profiles. It introduces soulbound properties, meaning that tokens cannot be transferred. The contract allows users to mint, store, and burn their profile NFTs while the owner has the power to block profiles.

Key Features:

  • Soulbound mechanism – NFTs cannot be transferred

  • On-chain metadata – Profile details (name, age, and image) are stored

  • Owner moderation – The contract owner can block profiles

  • Self-burning – Users can delete their profile NFTs

While well-structured, the contract has security risks related to metadata validation, griefing attacks, and ownership centralization.

Vulnerability Details

Metadata Spoofing (High Risk)

  • The contract does not validate user input for profile name, age, or image.

  • Attackers can set inappropriate names, unrealistic ages, or malicious image links.

Griefing Attack on Minting (Medium Risk)

  • There is no way to update or modify a minted profile.

  • Users must burn and remint their NFT if they make a mistake, leading to unnecessary gas costs.

Centralized Blocking Control (Medium Risk)

  • The owner has the sole authority to block profiles.

  • A compromised or malicious owner can arbitrarily block legitimate users.

Lack of Profile Recovery (Low Risk)

  • If a user loses their wallet, their profile is permanently inaccessible.

  • There is no recovery mechanism.

Impact

  • Metadata spoofing can lead to misinformation and abuse.

  • The profile minting process is costly for users due to the lack of update functionality.

  • Owner control over blocking introduces centralization risks.

  • Users can lose access to their profile without recovery options.

Tools Used

  • Slither – Smart contract static analysis

  • Solidity Visual Auditor – Code review

  • Manual code review – Logic and security flaw identification

  • Remix IDE – Testing and simulation

Recommendations

Input Validation for Metadata

  • Restrict age to a reasonable range (e.g., 18–100).

  • Ensure name length is within limits (e.g., 3–50 characters).

  • Sanitize profile images to prevent phishing links.

Allow Profile Updates

  • Implement an updateProfile() function allowing users to update their details without needing to burn their NFT.

Decentralized Moderation

  • Introduce multi-signature governance for blocking users instead of central control.

Recovery Mechanism

  • Implement an admin-assigned recovery feature for users who lose access to their wallets.
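
Added example, not part of the submission or the DatingDapp code base: one way the "Input Validation for Metadata" and "Allow Profile Updates" recommendations could look in Solidity. The contract name, function names, address-keyed storage and the ipfs:// scheme allowlist are all assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical sketch: ProfileStore and every name in it are assumptions,
// not the SoulboundProfileNFT source. Profiles are keyed by address for brevity.
contract ProfileStore {
    struct Profile { string name; uint8 age; string image; }

    error InvalidAge(uint8 age);
    error InvalidNameLength(uint256 byteLength);
    error InvalidImageURI();
    error ProfileExists();
    error NoProfile();

    uint8 public constant MIN_AGE = 18;
    uint8 public constant MAX_AGE = 100;
    uint256 public constant MIN_NAME_BYTES = 3;
    uint256 public constant MAX_NAME_BYTES = 50;
    bytes7 private constant IPFS_PREFIX = "ipfs://"; // assumed allowlisted scheme

    mapping(address => Profile) public profiles;
    event ProfileSet(address indexed user, string name, uint8 age, string image);

    function _validate(string calldata name, uint8 age, string calldata image) private pure {
        if (age < MIN_AGE || age > MAX_AGE) revert InvalidAge(age);
        // Length is in UTF-8 bytes, not characters: non-ASCII names hit the cap sooner.
        uint256 n = bytes(name).length;
        if (n < MIN_NAME_BYTES || n > MAX_NAME_BYTES) revert InvalidNameLength(n);
        // Scheme allowlist only; the contract cannot judge what the image shows.
        bytes calldata img = bytes(image);
        if (img.length <= 7 || bytes7(img[:7]) != IPFS_PREFIX) revert InvalidImageURI();
    }

    function createProfile(string calldata name, uint8 age, string calldata image) external {
        if (profiles[msg.sender].age != 0) revert ProfileExists();
        _validate(name, age, image);
        profiles[msg.sender] = Profile(name, age, image);
        emit ProfileSet(msg.sender, name, age, image);
    }

    // In-place edit: same checks as creation, no burn and remint needed.
    function updateProfile(string calldata name, uint8 age, string calldata image) external {
        if (profiles[msg.sender].age == 0) revert NoProfile();
        _validate(name, age, image);
        profiles[msg.sender] = Profile(name, age, image);
        emit ProfileSet(msg.sender, name, age, image);
    }
}
```

Because `MIN_AGE` is nonzero, a stored age of 0 doubles as the "no profile" marker; a contract that allowed age 0 would need a separate existence flag.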

Updates

Appeal created

n0kto Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Too generic
Assigned finding tags:

Informational or Gas

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
