NFT Dealers

First Flight #58

Beginner FriendlyFoundry

100 EXP

View all submissions

Previous Next

Submission Details

Impact: high

Likelihood: high

Lack of mint limits allows whitelisted user to consume the entire NFT supply

Author Revealed upon completion

`mintNft()` allows any whitelisted address to mint as much nfts as it wants by paying some usdc collateral for minting

Description

Normal- Whitelisted users should be able to mint NFTs; however, a per-user mint limit should be enforced to prevent a single user from minting the entire supply.
Issue- There are no limits which opens a risk of DoS for other users when trying to mint an nft

function mintNft() external payable onlyWhenRevealed onlyWhitelisted {

// @audit-issue whitlister mints unlimited nfts

@> // missing check

if (msg.sender == address(0)) revert InvalidAddress();

Risk

Likelihood:

High - it can occur at anytime from any whitelisted account

Impact:

Critical - If one consumes all the nfts and max supply is reached , other users cannot mint

Proof of Concept

Attacker is a whitelisted user and has good amount of USDC.
Attacker repeatedly calls mintNft() in a loop.
Each call successfully mints an NFT and increases total supply.
Attacker continues minting until maxSupply is reached.
A new whitelisted user attempts to mint an NFT.
mintNft() reverts with "Max supply reached".
The new user is unable to mint, effectively denied access.

function test_attackVector2() external revealed whitelisted {

usdc.mint(userWithCash, 20_000e6);

for (uint256 i = 0; i < 1000; i++) {

vm.startPrank(userWithCash);

usdc.approve(address(nftDealers), 20e6);

nftDealers.mintNft();

vm.stopPrank();

}

address user1 = address(0x1);

vm.prank(owner);

nftDealers.whitelistWallet(user1);

vm.prank(user1);

vm.expectRevert("Max supply reached");

nftDealers.mintNft();

}

Recommended Mitigation

Add a mapping(address account => uint256 nfts) amountOfNfts and store each user how many nfts he has minted. Consider adding a limit example 5 per account and validate when minting that the current account is withing the limits.

- remove this code

+ add this code

Rewards breakdown

nSLOC

253

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!