The mintSnowman() function lacks any access control mechanism, allowing any external address to mint an arbitrary number of Snowman NFTs.
Malicious actors can mint unlimited NFTs for themselves or others, completely bypassing the intended distribution mechanism. The NFT's scarcity and value can therefore be destroyed by unbounded supply inflation.
Protocol governance tokens or rewards tied to NFT ownership can be claimed unfairly.
Key Issues
There is no check on msg.sender, so any EOA or contract can call the function.
The receiver parameter isn't validated (it could be the zero address).
Likelihood: High
Can be minted at any time
Can be minted in any amount
Impact: High
Unlimited Snowman amounts can be minted
Users will not need to buy snow anymore, breaking the protocol's core logic.
Implement strict access control to restrict minting to only the authorized SnowmanAirdrop contract:
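Below is an added, illustrative hardened version of the contract, not the audited code. It assumes the contract is an OpenZeppelin v5 ERC721, that mintSnowman takes (receiver, amount), and that the owner wires in the SnowmanAirdrop address once; the error, event and helper names are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";

// Illustrative hardened Snowman (added example, not the audited contract).
// Assumed: OpenZeppelin v5, mintSnowman(receiver, amount), and a single
// authorised minter (the SnowmanAirdrop contract) set once by the owner.
contract Snowman is ERC721, Ownable {
    error Snowman__NotAirdrop();
    error Snowman__ZeroAddress();
    error Snowman__AirdropAlreadySet();

    address public airdrop;          // the only address allowed to mint
    uint256 private s_tokenCounter;

    event SnowmanMinted(address indexed receiver, uint256 indexed tokenId);

    constructor() ERC721("Snowman", "SNWMN") Ownable(msg.sender) {}

    // One-time wiring of the SnowmanAirdrop address, restricted to the owner,
    // so the minter cannot be silently re-pointed later.
    function setAirdrop(address _airdrop) external onlyOwner {
        if (_airdrop == address(0)) revert Snowman__ZeroAddress();
        if (airdrop != address(0)) revert Snowman__AirdropAlreadySet();
        airdrop = _airdrop;
    }

    modifier onlyAirdrop() {
        if (msg.sender != airdrop) revert Snowman__NotAirdrop();
        _;
    }

    // Before: `function mintSnowman(address receiver, uint256 amount) external`
    // with no caller or receiver checks (the finding above).
    // After: only the airdrop contract may call, and receiver cannot be zero.
    function mintSnowman(address receiver, uint256 amount) external onlyAirdrop {
        if (receiver == address(0)) revert Snowman__ZeroAddress();
        for (uint256 i = 0; i < amount; i++) {
            uint256 tokenId = s_tokenCounter++;
            _safeMint(receiver, tokenId);
            emit SnowmanMinted(receiver, tokenId);
        }
    }

    function getTokenCounter() external view returns (uint256) {
        return s_tokenCounter;
    }
}
```

A direct call to mintSnowman from any EOA or unrelated contract now reverts with Snowman__NotAirdrop, which is the property a test suite for this fix should assert.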
The mint function of the Snowman contract is unprotected. Hence, anyone can call it and mint NFTs without necessarily partaking in the airdrop.