Normal Behavior: When a user mints an NFT and opts to register a Chainlink Keeper for automated updates, they are expected to provide a non-zero amount of LINK tokens to fund the upkeep. If the LINK deposit is insufficient or zero, the system should ideally reject the request early, preventing the user from spending their minting fee (ETH) on a process that is guaranteed to fail later.
Specific Issue: The requestMintWeatherNFT
function in WeatherNft.sol
allows a user to initiate a mint with _registerKeeper
set to true
even if _initLinkDeposit
is 0
. The function does not revert at this stage; instead, it successfully processes the ETH payment, increments the mint price, and initiates a Chainlink Functions request. However, when the fulfillMintRequest
function is later called (after the Chainlink Functions response), the attempt to register the keeper via IAutomationRegistrarInterface.registerUpkeep
will fail because the amount
parameter (derived from _initLinkDeposit
) will be zero. This failure causes fulfillMintRequest
to revert. Crucially, the ETH paid by the user in the initial requestMintWeatherNFT
call is not refunded, and the user does not receive an NFT.
Likelihood:
When a user mistakenly provides 0
for _initLinkDeposit
while intending to register a keeper and believing any LINK on the contract or their balance might be used.
When an attacker or curious user probes the minting function with _registerKeeper = true
and _initLinkDeposit = 0
to understand system behavior or potentially cause issues.
Impact:
Loss of User Funds: The user loses the ETH minting fee paid during the requestMintWeatherNFT
call because this transaction succeeds, but the subsequent fulfillMintRequest
(which actually mints the NFT and registers the keeper) reverts.
No NFT Received: Due to the revert in fulfillMintRequest
, the NFT is never minted to the user.
Wasted Resources: Gas is consumed for the successful requestMintWeatherNFT
call, the Chainlink Functions request (which consumes LINK from the contract's subscription), and the failed fulfillMintRequest
call.
This test fails with the message [FAIL: next call did not revert as expected]
. This directly proves that requestMintWeatherNFT
does not revert when _registerKeeper
is true and _initLinkDeposit
is 0, allowing the problematic sequence to begin.
Add a requirement in the requestMintWeatherNFT
function to ensure that if _registerKeeper
is true, then _initLinkDeposit
must be greater than zero. This will cause the transaction to revert early, preventing the user from losing their ETH minting fee.
This is informational/invalid. If the LINK deposit is not enough, the function `registerUpkeep` will revert and it is responsibility of the user to provide the correct amount of `_initLinkDeposit`, if the user wants automated weather updates.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.