In `InheritanceManager` a global `assetToPay` variable is used which is overwritten by latest NFT creation.
Summary
The assetToPay is shared across all NFTs, overwriting previous values.
Finding Description
The assetToPay variable is a global variable that applies to all NFTs. This means that when a new NFT is created, the assetToPay value is overwritten, affecting all NFTs. This is problematic because different NFTs may represent different types of assets that should be paid in different tokens.
The issue is present in the function createEstateNFT
This vulnerability breaks the flexibility of the system, as different NFTs may require different payout assets.
Impact Explanation
This is an issue cos it affects the createEstateNFT function, which is used to create new NFTs. When a new NFT is created, the assetToPay value is overwritten, potentially causing incorrect payment expectations for other NFTs
Likelihood Explanation
Highly cos it affects all multi-NFT inheritance scenarios.
Recommendation
To fix this issue, the contract should track assetToPay per NFT using a mapping and modify the global variable in the Trustee.sol contract; for rxample:
Lead Judging Commences
global asset in NFT values
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.