Open highskore opened 1 month ago
Valid one! But it was discovered first by another auditor -> https://github.com/Egis-Security/CTF_Challenge/issues/22
After additional consideration I decide to split the reward for this one between this issue and #22 .
The reason is because #22 is the first report of this bug, however this submission is the first to also provides a viable recommendation to fixing it.
It seems fair to reward both auditors for their effort
If there's a user that minted an nft using his own funds, calling the
deposit()
function, the funds would be stored under his address indeposits[msg.sender]
and the nft is minted to his address.if the user transfers the nft to another address and then calls the withdraw function, it will try to withdraw funds from his own deposit
deposits[msg.sender] -= depositRequired;
The result is that the first will never be able to withdraw the funds
Mitigation:
update the deposits mapping on inside the ERC712 transfer function(s)