[H-2] Incorrect state reset in configurePass allows bypassing maxSupply and causes accounting desynchronization

Description

• The `FestivalPass::configurePass` function contains a critical logic flaw where it resets the `passSupply` to zero whenever a pass configuration is updated. This allows an organizer to inadvertently or maliciously override the global supply tracking.

• Additionally, the function lacks a check to ensure the newMaxSupply is not lower than the current passSupply. Because the current supply is zeroed out, the contract loses track of previously minted tokens. This enables the total number of circulating passes to exceed the intended maxSupply, breaking the scarcity model of the festival tiers and leading to potential overbooking or dilution of value.

Risk

Likelihood:

• When the organizer misconfigures a pass

Impact:

• Over-minting: An unlimited number of passes can be minted by repeatedly calling configurePass.

• Broken Accounting: The passSupply mapping becomes an inaccurate representation of circulating tokens, which can break downstream logic relying on supply data (e.g., secondary market royalties, rarity calculations, or access control).

Proof of Concept

The vulnerability occurs because the contract fails to preserve the historical minting state during reconfiguration.

1. Initial State: GENERAL_PASS has a maxSupply of 5000. 2000 passes are minted; `passSupply[1]` is now 2000.

2. Reconfiguration: The organizer calls `configurePass(1, 0.05 ether, 1000)`.

3. State Corruption: `passSupply[passId]` is now 0; resets the counter.

4. Violation: Users can now mint another 1000 passes. In reality, 2000 passes exist in circulation, but the contract believes only 1000 (or fewer) exist, successfully bypassing the maxSupply constraint.

Recommended Mitigation

Remove the line that resets `passSupply[passId]` to zero. Additionally, add a requirement to ensure the new maxSupply is at least equal to the number of tokens already minted to prevent state inconsistency.