DatingDapp

AI First Flight #6

Beginner FriendlyFoundrySolidityNFT

EXP

View results

Previous Next

Submission Details

Impact: high

Likelihood: high

Invalid

`SoulboundProfileNFT::tokenURI` do not return the correct token metadata, it missing the prefix `data:application/json;base64,` for base64 encoded metadata, makes users can not easily check people's profiles

hmpippo

`SoulboundProfileNFT::tokenURI` do not return the correct token metadata, it missing the prefix `data:application/json;base64,` for base64 encoded metadata, makes users can not easily check people's profiles

Description

_baseURI() function is not overrided, it returns empty string by default. Thus, SoulboundProfileNFT::tokenURI do not return the correct token metadata, it missing the prefix data:application/json;base64, for base64 encoded metadata.

function tokenURI(uint256 tokenId) public view virtual override returns (string memory) {

if (ownerOf(tokenId) == address(0)) {

revert ERC721Metadata__URI_QueryFor_NonExistentToken();

}

string memory profileName = _profiles[tokenId].name;

uint256 profileAge = _profiles[tokenId].age;

string memory imageURI = _profiles[tokenId].profileImage;

return string(

abi.encodePacked(

@> _baseURI(),

Base64.encode(

bytes( // bytes casting actually unnecessary as 'abi.encodePacked()' returns a bytes

abi.encodePacked(

'{"name":"',

profileName,

'", ',

'"description":"A soulbound dating profile NFT.", ',

'"attributes": [{"trait_type": "Age", "value": ',

Strings.toString(profileAge),

"}], ",

'"image":"',

imageURI,

'"}'

)

);

}

Risk

Likelihood: High

Every time the tokenURI function is called, this gonna happen!

Impact:

User can not easily check another user's profile by tokenId, cuz tokenURI function can not render the metadata correctly.

Proof of Concept

User mint the profile
User call tokenURI function to check the profile

function testTokenURI() public {

vm.prank(user);

soulboundNFT.mintProfile("Alice", 25, "ipfs://profileImage");

uint256 tokenId = soulboundNFT.profileToToken(user);

string memory uri = soulboundNFT.tokenURI(tokenId);

console.log(uri);

assertTrue(bytes(uri).length > 0, "Token URI should be encoded in Base64");

}

Recommended Mitigation

We can override the _baseURI() function to return the correct prefix.

+ function _baseURI() internal view override returns (string memory) {

+ return "data:application/json;base64,";

+ }

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 10 hours ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Rewards breakdown

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

View all submissions

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!

DatingDapp

`SoulboundProfileNFT::tokenURI` do not return the correct token metadata, it missing the prefix `data:application/json;base64,` for base64 encoded metadata, makes users can not easily check people's profiles

SoulboundProfileNFT::tokenURI do not return the correct token metadata, it missing the prefix data:application/json;base64, for base64 encoded metadata, makes users can not easily check people's profiles

Description

Risk

Proof of Concept

Recommended Mitigation

Lead Judging Commences

Rewards breakdown

Live

Judging

Rewards Distribution

FAQs

`SoulboundProfileNFT::tokenURI` do not return the correct token metadata, it missing the prefix `data:application/json;base64,` for base64 encoded metadata, makes users can not easily check people's profiles