Submission Details
Impact:
Likelihood:
No address zero check
In buy present function no address zero check
Description
Protcol does not check in butPresent fucntion for address(0) check if it occurs revert
// Root cause in the codebase with @> marks to highlight the relevant section
function buyPresent(address presentReceiver) external {
@> //audit-informational no zero address check
i_santaToken.burn(presentReceiver);//audit-high why the presentReceiver is one whos token getting burned?? and not msg.sender and why we use _mintAndIncrement if its mint token for msg.sender so in this case to present giver
_mintAndIncrement();
}
Risk
Likelihood:
Medium, anyone can call this function but small amount of users will call it with address(0) to check for exploit
Impact:
Low, doest nothing expect burn address0 funds
Proof of Concept
We can call this function with address0 as a parameter of presentReveiver this will lead to mint nft for msg.sender but this vurneblitiy was reporpted by me before.
function testProofOfCodeAddress0() public {
vm.prank(user);
santasList.buyPresent(address(0));
}
Recommended Mitigation
- remove this code
+ add this code
function buyPresent(address presentReceiver) external {
+ if(presentReceiver == address(0)){
+ revert SantaList__InvalidAddrress();
+}
i_santaToken.burn(presentReceiver);
_mintAndIncrement();
}
Rewards breakdown
This contest has a flat reward structure with the following payouts:
Live
The contest is live. Earn rewards by submitting a finding.
Judging
Submissions are being reviewed by our AI judge. Results will be available in a few minutes.
View all submissionsRewards Distribution
The contest is complete and the rewards are being distributed.