Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

There is no batch minting functionality implemented in `RAACNFT` contract

4rdiii

[M-04] There is no batch minting functionality implemented in RAACNFT contract

Summary

The RAACNFT contract documentation explicitly claims to implement batch minting functionality, which is a critical feature for efficiently creating multiple NFTs in a single transaction. However, despite this documentation claim, the contract lacks any actual batch minting implementation. This discrepancy between documentation and implementation creates confusion for users and developers who might rely on this feature. The contract does maintain a currentBatchSize state variable and includes an addNewBatch function for setting batch sizes, but these features are never utilized in any actual minting operations. This incomplete implementation suggests that batch minting was planned but never fully developed, leaving users with only individual minting capabilities.

Vulnerability Details

The contract's current implementation reveals several key issues:

  1. Function Analysis:

    • Only supports individual minting through the mint(uint256,uint256) function

    • Includes addNewBatch(uint256) for setting batch sizes

    • Maintains unused currentBatchSize state variable

    • No actual batch processing logic exists

  2. Current Function Signatures:

    Function Name Sighash Function Signature
    mint 1b2ef1ca mint(uint256,uint256)
    getHousePrice 415a0eba getHousePrice(uint256)
    addNewBatch 07fd5b95 addNewBatch(uint256)
    setBaseUri a0bcfc7f setBaseUri(string)
    supportsInterface 01ffc9a7 supportsInterface(bytes4)

  3. Current Batch Size Implementation:

function addNewBatch(uint256 _batchSize) public override onlyOwner {
if (_batchSize == 0) revert RAACNFT__BatchSize();
currentBatchSize += _batchSize;
}

This function allows owners to set batch sizes but doesn't implement any actual batch processing logic, making it effectively useless.

Impact

The absence of batch minting functionality creates several significant issues:

  1. User Experience Issues:

    • Longer processing times for multiple NFTs

    • Need to wait for each mint to complete before starting the next

    • More complex frontend implementation required

  2. Documentation Confusion:

    • Documentation claims a feature that doesn't exist

    • May mislead developers integrating with the contract

    • Creates trust issues with users

  3. Technical Inconsistencies:

    • Maintained but unused state variables

    • Partially implemented batch size management

    • Incomplete feature set

Tools Used

Manual Review

Recommendations

Implement batch minting function:

function batchMint(uint256[] memory _tokenIds, uint256[] memory _amounts)
public
override
onlyOwner
{
require(_tokenIds.length == _amounts.length, "RAACNFT__InvalidBatchLength");
require(_tokenIds.length <= currentBatchSize, "RAACNFT__ExceedsBatchSize");
for (uint256 i = 0; i < _tokenIds.length; i++) {
_mint(msg.sender, _tokenIds[i]);
tokenAmounts[_tokenIds[i]] = _amounts[i];
}
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!