Beatland Festival

First Flight #44
Tags: Beginner Friendly, Foundry, Solidity, NFT
100 EXP
Submission Details
Impact: high
Likelihood: high
Invalid

Missing Check for burnFrom() Authorization in redeemMemorabilia

Root + Impact

Description

The redeemMemorabilia function burns the caller's BEAT tokens with the following call:

BeatToken(beatToken).burnFrom(msg.sender, collection.priceInBeat);

Risk

Likelihood:

  • Reason 1: If the BeatToken contract does not properly restrict burnFrom() (for example, by relying on msg.sender alone), any address could trigger a burn from another user's balance.

Impact:

  • Impact 1: Unauthorized token burning, leading to denial of service or stolen value.


Proof of Concept

festival.redeemMemorabilia(collectionId); // No approval required
// If BeatToken does not enforce msg.sender == festivalContract, tokens can be burned freely.

Recommended Mitigation

Ensure burnFrom() in BeatToken strictly checks:

require(msg.sender == expectedContract); // or via allowances

Or add an approval mechanism before the burn.
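The two authorization patterns named in the mitigation, side by side, as an added example that is not the project's code; the contract name, the festival address, the mint() helper and the function names are assumptions for illustration only.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative token showing both ways burnFrom() can be authorized.
// Names and the unrestricted mint() helper are assumptions for this example.
contract BeatTokenExample {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;
    address public immutable festival; // the only trusted burner for pattern 2

    constructor(address festival_) {
        festival = festival_;
    }

    // Test helper only: a real token would restrict minting.
    function mint(address to, uint256 amount) external {
        balanceOf[to] += amount;
    }

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    // Pattern 1: allowance-based, as in ERC20Burnable-style burnFrom().
    // The caller must hold an allowance from `from` that covers `amount`,
    // so the festival contract can only burn what the user approved to it.
    function burnFrom(address from, uint256 amount) external {
        uint256 allowed = allowance[from][msg.sender];
        require(allowed >= amount, "BeatToken: insufficient allowance");
        allowance[from][msg.sender] = allowed - amount;
        _burn(from, amount);
    }

    // Pattern 2: role-based. Only the festival contract may call this, and it
    // is trusted to pass its own msg.sender as `from` (no approval needed).
    // This pattern is only as safe as the festival contract's own checks.
    function burnFromFestival(address from, uint256 amount) external {
        require(msg.sender == festival, "BeatToken: caller is not the festival");
        _burn(from, amount);
    }

    function _burn(address from, uint256 amount) internal {
        uint256 bal = balanceOf[from];
        require(bal >= amount, "BeatToken: burn exceeds balance");
        balanceOf[from] = bal - amount;
    }
}
```

With pattern 1, a user must call approve(festival, price) before redeemMemorabilia; with pattern 2, any other caller of burnFromFestival reverts, so an arbitrary address cannot burn another user's balance either way.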
Updates

Lead Judging Commences
inallhonesty (Lead Judge), about 2 months ago

Submission Judgement Published
inallhonesty (Lead Judge), about 1 month ago
Invalidated
Reason: Incorrect statement
