Handle
gpersoon
Vulnerability details
Impact
The function randomIndex derives its randomness from nonce, msg.sender, block.difficulty and block.timestamp. These are not really random. You could, for example, make a contract that calls mint(), checks which NFT is received, and, if you don't like the NFT, reverts and tries again in another transaction.
Proof of Concept
uint index = uint(keccak256(abi.encodePacked(nonce, msg.sender, block.difficulty, block.timestamp))) % totalSize;
Tools Used
Editor
Recommended Mitigation Steps
Maybe the randomness is not really important (because all NFTs have the same value). If it is important, use another approach for randomness, for example a random oracle or a commit-reveal scheme.
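A sketch of the commit-reveal option named above, added here as an illustration and not taken from the audited project. Every name except totalSize (CommitRevealMint, PRICE, pending, commit, reveal, Minted) is hypothetical, and the mint price and the bookkeeping of which NFT ids remain are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
// Added example, not project code. Every name except totalSize is hypothetical.
contract CommitRevealMint {
    struct Commitment {
        bytes32 hash;        // keccak256(abi.encodePacked(minter, secret))
        uint256 blockNumber; // block in which the commitment was recorded
    }

    uint256 public constant PRICE = 0.1 ether; // assumed mint price
    uint256 public totalSize; // NFTs still available, as in the finding
    uint256 public pending;   // paid commitments not yet revealed
    mapping(address => Commitment) public commitments;

    event Minted(address indexed minter, uint256 index);

    constructor(uint256 size) { totalSize = size; }

    // Step 1: pay and bind to a secret before the deciding block exists.
    function commit(bytes32 hash) external payable {
        require(msg.value == PRICE, "wrong price");
        uint256 prev = commitments[msg.sender].blockNumber;
        if (prev == 0) {
            require(pending < totalSize, "sold out");
            pending += 1;
        } else {
            // An expired commitment may be replaced; its payment is forfeited.
            require(block.number > prev + 257, "commitment pending");
        }
        commitments[msg.sender] = Commitment(hash, block.number);
    }

    // Step 2: the index depends only on the committed secret and the hash of the
    // block after the commitment, so a reverted and retried reveal gives the same index.
    function reveal(bytes32 secret) external returns (uint256 index) {
        Commitment memory c = commitments[msg.sender];
        require(c.blockNumber != 0, "no commitment");
        uint256 target = c.blockNumber + 1;
        require(block.number > target, "reveal too early");
        // blockhash() is zero for blocks older than 256, which would be predictable.
        require(block.number - target <= 256, "commitment expired");
        require(keccak256(abi.encodePacked(msg.sender, secret)) == c.hash, "bad secret");
        delete commitments[msg.sender];
        index = uint256(keccak256(abi.encodePacked(secret, blockhash(target)))) % totalSize;
        pending -= 1;
        totalSize -= 1; // bookkeeping of which NFT ids remain is omitted
        emit Minted(msg.sender, index);
    }
}
```

A minter who dislikes the outcome can still decline to reveal, but only by forfeiting PRICE, since payment is taken at commit time. Where block-producer influence over blockhash is a concern, the random oracle mentioned in the mitigation steps is the stronger option.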