Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Redundant code in `RAACNFT::mint()`

yeahchibyke

Summary

The current logic of the ::mint() sources the price of a RAACNFT from the RAACNFT::getHousePrice() and then uses this figure to handle a refund if necessary.

But, there is absolutely no need for a refund if redundant code is removed in the ::mint() function.

Tools Used

  • Manual Review

Recommendations

Rewrote the ::mint() function such that the price of a RACCNFT is sourced from the ::getHousePrice() function, and this figure is transferred from the user.

function mint(uint256 _tokenId) public {
uint256 price = raac_hp.tokenToHousePrice(_tokenId);
// transfer erc20 from user to contract - requires pre-approval from user
token.safeTransferFrom(msg.sender, address(this), price);
// mint tokenId to user
_safeMint(msg.sender, _tokenId);
emit NFTMinted(msg.sender, _tokenId, price);
}

This way, there will never be an incident where a refund is necessary because only the exact price of a RAACNFT is always transferred from the user.

P.S. The RAACNFT inherits the ::mint() function from the IRAACNFT interface. So I commented out the IRAACNFT::mint() function. SInce it is only used in the RAACNFT contract, it is safe to do so.

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!