Submission Details
Severity:
No access control in mintSnowman
Root + Impact
Description
-
NFT minting should normally be restricted to a certain set of privileged addresses
-
This contract allows anyone to mint an NFT for free
function mintSnowman(address receiver, uint256 amount) external { //no access control
for (uint256 i = 0; i < amount; i++) {
_safeMint(receiver, s_TokenCounter);
emit SnowmanMinted(receiver, s_TokenCounter);
s_TokenCounter++;
}
}
Risk
Likelihood:
Anyone can call mintSnowman and mint as many NFTs as they want
Impact:
The whole staking process is bypassed and users can claim the NFT at no cost
Proof of Concept
Alice calls mintSnowman and gets free NFTs
Recommended Mitigation
Implement access control so that only the airdrop contract may call mintSnowman on behalf of users.
+ modifier onlyAirdrop() {
if (msg.sender != s_airdropContract) {
revert S__NotAllowed();
}
_;
}
+ function mintSnowman(address receiver, uint256 amount) external onlyAirdrop{
for (uint256 i = 0; i < amount; i++) {
_safeMint(receiver, s_TokenCounter);
emit SnowmanMinted(receiver, s_TokenCounter);
s_TokenCounter++;
}
}
Updates
Lead Judging Commences
yeahchibyke 5 months ago
Submission Judgement Published Assigned finding tags:
Unrestricted NFT mint function
The mint function of the Snowman contract is unprotected. Hence, anyone can call it and mint NFTs without necessarily partaking in the airdrop.
Rewards breakdown
nSLOC
215This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.