Submission Details
Severity: low
Valid

Incorrect Usage of Token URI for Asset Description in `InheritanceManager::createEstate`

Summary

The createEstate function in the NFTFactory contract utilizes the _setTokenURI function to store a textual description of the asset, rather than using it for its intended purpose: a URI pointing to a JSON file containing the NFT's metadata. This misuse can lead to issues with NFT marketplaces, wallets, and other tools that rely on the token URI to access metadata, and it prevents the inclusion of rich metadata like images and attributes.

Vulnerability Details

https://github.com/CodeHawks-Contests/2025-03-inheritable-smart-contract-wallet/blob/main/src/NFTFactory.sol#L25-L30

  • Incorrect Token URI Usage: The createEstate function passes a plain string description (_description) directly to _setTokenURI. The _setTokenURI function is designed to store a URI (Uniform Resource Identifier), typically an IPFS or HTTPS link to a JSON metadata file, as per the ERC721 standard.

  • Loss of Rich Metadata: By using the token URI for a simple text description, the contract loses the ability to associate rich metadata with the NFT. This metadata could include:

    • Image URLs

    • Attributes (e.g., "number of rooms," "area," etc. for real estate NFTs)

    • Descriptive properties

    • Other media (videos, 3D models, etc.)

  • Standard Non-Compliance: Using the token URI to hold a description is not standard practice under ERC721, which expects the value to be a URI that resolves to a JSON metadata document.

Impact

  • Limited NFT Functionality: NFTs created by this contract will be less useful in the wider NFT ecosystem. Marketplaces and wallets will not be able to display images, attributes, or other metadata correctly.

  • Poor User Experience: Users will only see a raw text description instead of a proper NFT display with visual and rich information.

  • Marketplace Compatibility: NFTs minted with this contract will likely not be fully compatible with most NFT marketplaces, as they expect the token URI to point to a JSON file.

  • Reduced Interoperability: The deviation from the standard prevents interoperability with tools and services that are built around the ERC721 token URI standard.

Tools Used

  • Manual Code Review

  • ERC721 Standard Review

Recommendations

  1. Create a Metadata JSON Structure:

    • Define a clear JSON metadata schema that includes:

      • name: (String) Name of the Estate.

      • description: (String) A textual description of the estate.

      • image: (String) URL to an image associated with the estate.

      • attributes: (Array of objects) Key-value pairs for estate attributes.

    • Example:

      {
        "name": "Property on Main Street",
        "description": "A beautiful 3-bedroom house located at 123 Main Street.",
        "image": "ipfs://QmExampleHash/property.jpg",
        "attributes": [
          {
            "trait_type": "Bedrooms",
            "value": 3
          },
          {
            "trait_type": "Area",
            "value": "1500 sqft"
          }
        ]
      }

  2. Store Metadata Off-Chain:

    • Host the JSON metadata files on a decentralized storage solution like IPFS, or a centralized service if IPFS is not preferred.

    • Get the Hash or URL of the metadata.

  3. Update createEstate Function:

    • Remove the _description parameter.

    • Add _tokenURI as a parameter to the function.

    • Have the caller supply a valid URL or IPFS hash.

      function createEstate(string memory _tokenURI) external onlyInheritanceManager returns (uint256 itemID) {
          uint256 ID = _incrementCounter();
          _mint(msg.sender, ID);
          // Store the metadata URI, not a plain-text description.
          _setTokenURI(ID, _tokenURI);
          return ID;
      }

  4. Update InheritanceManager.createEstateNFT:

    • Have the caller upload the metadata and then pass the resulting URI to this function.

      function createEstateNFT(string memory _tokenURI, uint256 _value, address _asset) external onlyOwner {
          uint256 nftID = nft.createEstate(_tokenURI);
          nftValue[nftID] = _value;
          assetToPay = _asset;
      }

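The following is an added example, not code from the finding or from the audited repository: an off-chain check of the kind an indexer or wallet applies to a token URI, which distinguishes the plain description string the current createEstate stores from a real metadata URI and validates an inline data: URI against the JSON fields recommended above. It assumes Node.js; remote schemes (ipfs://, https://, ar://) are only checked for shape, since their content cannot be fetched offline.

```javascript
// Added example (not from the finding or the audited repo): classify a
// tokenURI value as a usable ERC721 metadata pointer or as the bare
// description string that the reported createEstate writes with _setTokenURI.

const ALLOWED_SCHEMES = ["ipfs://", "https://", "ar://"];

// Decode an inline data: URI carrying JSON (base64 or percent-encoded).
// Returns null when the value is not a data:application/json URI at all.
function decodeDataUri(uri) {
  const m = /^data:application\/json(;base64)?,(.*)$/s.exec(uri);
  if (!m) return null;
  const body = m[1]
    ? Buffer.from(m[2], "base64").toString("utf8")
    : decodeURIComponent(m[2]);
  return JSON.parse(body);
}

// Check parsed JSON against the fields the recommendation lists:
// name, description, image (strings) and attributes[{trait_type, value}].
function validateMetadata(meta) {
  if (typeof meta !== "object" || meta === null) return ["metadata is not a JSON object"];
  const problems = [];
  for (const key of ["name", "description", "image"]) {
    if (typeof meta[key] !== "string") problems.push(`missing string field "${key}"`);
  }
  if (!Array.isArray(meta.attributes)) {
    problems.push('missing "attributes" array');
  } else {
    meta.attributes.forEach((a, i) => {
      if (!a || typeof a !== "object" || typeof a.trait_type !== "string" || !("value" in a)) {
        problems.push(`attributes[${i}] lacks trait_type/value`);
      }
    });
  }
  return problems;
}

// Classify one tokenURI value. Returns { ok, kind, problems }.
// kind: "remote" (well-formed URI, content not fetched here), "data"
// (inline JSON, validated) or "plain-text" (the misuse this finding reports).
function checkTokenUri(uri) {
  if (ALLOWED_SCHEMES.some((s) => uri.startsWith(s))) {
    return { ok: true, kind: "remote", problems: [] };
  }
  let meta;
  try {
    meta = decodeDataUri(uri);
  } catch (e) {
    return { ok: false, kind: "data", problems: [`undecodable data URI: ${e.message}`] };
  }
  if (meta === null) {
    return { ok: false, kind: "plain-text", problems: ["tokenURI is a bare description string, not a URI"] };
  }
  const problems = validateMetadata(meta);
  return { ok: problems.length === 0, kind: "data", problems };
}
```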
Updates

Lead Judging Commences

0xtimefliez Lead Judge 5 months ago
Submission Judgement Published
Validated
Assigned finding tags:

baseURI instead of metadata
