Eggstravaganza

First Flight #37
Submission Details
Severity: high
Invalid

Minting Event Emitted Without Ensuring Success

Summary:

In the searchForEgg() function of the EggHuntGame contract, the event EggFound is emitted immediately after calling eggNFT.mintEgg(...), but without verifying whether the minting was successful. Since mintEgg() returns a boolean value indicating success, failing to check it could result in emitting a misleading event even if minting fails internally (e.g., due to a permission issue or contract misconfiguration).

Vulnerability Details:

eggNFT.mintEgg(msg.sender, eggCounter);
emit EggFound(msg.sender, eggCounter, eggsFound[msg.sender]);

1. The code currently ignores the bool return value from mintEgg.

2. The event EggFound is emitted regardless of whether the minting succeeded or failed.

3. If mintEgg fails due to require(msg.sender == gameContract), the EggFound event may misleadingly indicate an egg was found and minted — even though it wasn't.

Impact

1. Inconsistent event logs: Off-chain services and explorers relying on event logs may falsely believe the user successfully minted an egg.

2. Game state inconsistency: The eggsFound[msg.sender] counter is incremented even though the corresponding NFT was never minted.

3. Potential for abuse: Users could exploit this to appear as if they earned more eggs than they truly own, possibly manipulating reward calculations.

Tools Used

Manual code review

Recommendations

This ensures the event is only emitted if the mint was successful.

bool success = eggNFT.mintEgg(msg.sender, eggCounter);
require(success, "Minting failed");
emit EggFound(msg.sender, eggCounter, eggsFound[msg.sender]);

Updates

Lead Judging Commences

m3dython Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
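
For checking the require(msg.sender == gameContract) scenario from the submission against Solidity's call semantics, the following is an added example, not code from the contest repository or the submission. MockEggNFT, MockGame, RevertCheck, setGameContract, ownerOf, the event's parameter types and the statement order inside searchForEgg are assumptions made for illustration; a failing require inside a high-level external call reverts the caller as well, so the counter writes are rolled back and the emit is never reached.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed minimal model; not the contest's contracts.
contract MockEggNFT {
    address public gameContract;
    mapping(uint256 => address) public ownerOf;

    function setGameContract(address game) external { gameContract = game; }

    function mintEgg(address to, uint256 tokenId) external returns (bool) {
        // The access check quoted in the submission.
        require(msg.sender == gameContract, "Unauthorized minter");
        ownerOf[tokenId] = to;
        return true;
    }
}

contract MockGame {
    MockEggNFT public eggNFT;
    uint256 public eggCounter;
    mapping(address => uint256) public eggsFound;
    event EggFound(address indexed player, uint256 tokenId, uint256 totalEggsFound);

    constructor(MockEggNFT nft) { eggNFT = nft; }

    function searchForEgg() external {
        eggCounter++;
        eggsFound[msg.sender] += 1;
        // High-level external call: a revert inside mintEgg bubbles up here,
        // so both writes above are rolled back and the emit below never runs.
        eggNFT.mintEgg(msg.sender, eggCounter);
        emit EggFound(msg.sender, eggCounter, eggsFound[msg.sender]);
    }
}

contract RevertCheck {
    // Returns true when searchForEgg reverted and left no state behind.
    function run() external returns (bool) {
        MockEggNFT nft = new MockEggNFT(); // gameContract unset, so mintEgg reverts
        MockGame game = new MockGame(nft);
        try game.searchForEgg() {
            return false; // would mean the mint failure was swallowed
        } catch {
            return game.eggCounter() == 0 && game.eggsFound(address(this)) == 0;
        }
    }
}
```

The return value only needs an explicit check when a callee can return false without reverting; in this model mintEgg either reverts or returns true.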
