Snowman Merkle Airdrop

First Flight #42
Tags: Beginner Friendly, Foundry, Solidity, NFT
Submission Details
Severity: high
Valid

Lack of access control on the `Snowman::mintSnowman` function allows anyone to mint NFTs freely at any time.

Description:
The `mintSnowman` function in the `Snowman` contract is `external` and has no access control, so any address can call it and mint an unlimited number of tokens for free.

@> function mintSnowman(address receiver, uint256 amount) external {
       for (uint256 i = 0; i < amount; i++) {
           _safeMint(receiver, s_TokenCounter);
           emit SnowmanMinted(receiver, s_TokenCounter);
           s_TokenCounter++;
       }
   }

Impact:
Anyone can mint unlimited Snowman NFTs freely at any time, breaking scarcity and the intended distribution process.

Proof of Concept:
Add the following test to the `TestSnowmanAirdrop` test suite (it uses the suite's existing `nft` and `bob`):

function testAnyoneAnytimeCanMintSnowman() public {
    // bob is an arbitrary non-owner address; the call should fail but succeeds
    vm.prank(bob);
    nft.mintSnowman(bob, 10);
    assertEq(nft.balanceOf(bob), 10);
}

Recommended Mitigation:
Add the `onlyOwner` modifier to the `Snowman::mintSnowman` declaration so that only the contract owner can mint:

- function mintSnowman(address receiver, uint256 amount) external {
+ function mintSnowman(address receiver, uint256 amount) external onlyOwner {
for (uint256 i = 0; i < amount; i++) {
// _safeMint(receiver, s_TokenCounter);
emit SnowmanMinted(receiver, s_TokenCounter);
s_TokenCounter++;
}
}
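Review bot: the `_safeMint(receiver, s_TokenCounter);` line appears commented out in the mitigated version, which would make `mintSnowman` emit `SnowmanMinted` and advance `s_TokenCounter` without actually minting anything; the only intended change is the added `onlyOwner` modifier, so that line should stay exactly as in the original. Also note that `onlyOwner` is only available if `Snowman` inherits an `Ownable` contract, which the snippet does not show; confirm the inheritance when applying the fix.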
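A Foundry test that verifies the mitigation from both sides, added here as an example and not part of the original submission. It assumes `Snowman` inherits OpenZeppelin's `Ownable` (v5, which reverts with `OwnableUnauthorizedAccount`) and that its constructor makes the deployer the owner; the constructor arguments are not shown in the finding, so adjust `new Snowman()` to the real signature.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
import {Snowman} from "../src/Snowman.sol";

// Assumption: Snowman is Ownable and the deployer becomes owner.
contract SnowmanMintAccessControlTest is Test {
    Snowman nft;
    address owner = makeAddr("owner");
    address bob = makeAddr("bob");

    function setUp() public {
        // prank applies to the deployment, so `owner` is msg.sender in the constructor
        vm.prank(owner);
        nft = new Snowman(); // hypothetical no-arg constructor; use the project's real one
    }

    // Negative case: a non-owner is rejected and receives nothing
    function testNonOwnerCannotMint() public {
        vm.prank(bob);
        vm.expectRevert(
            abi.encodeWithSelector(Ownable.OwnableUnauthorizedAccount.selector, bob)
        );
        nft.mintSnowman(bob, 10);
        assertEq(nft.balanceOf(bob), 0);
    }

    // Positive case: the fix must not break the owner's legitimate minting path
    function testOwnerCanStillMint() public {
        vm.prank(owner);
        nft.mintSnowman(bob, 10);
        assertEq(nft.balanceOf(bob), 10);
    }
}
```

Run with `forge test --match-contract SnowmanMintAccessControlTest`; the first test fails on the unpatched contract and passes once `onlyOwner` is in place.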
Updates

Lead Judging Commences

yeahchibyke Lead Judge about 2 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Unrestricted NFT mint function

The mint function of the Snowman contract is unprotected. Hence, anyone can call it and mint NFTs without necessarily partaking in the airdrop.
