search

code-423n4 / 2023-01-drips-findings

0 stars 2 forks source link

Use safe ERC721 mint #128

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-01-drips/blob/main/src/NFTDriver.sol#L68

Vulnerability details

Impact

The function does not check if the caller has permission to mint new tokens. This could potentially lead to the unauthorized minting of tokens.

Proof of Concept

At https://github.com/code-423n4/2023-01-drips/blob/main/src/NFTDriver.sol#L68

    function mint(address to, UserMetadata[] calldata userMetadata)
        public
        whenNotPaused
        returns (uint256 tokenId)
    {
        tokenId = _registerTokenId();
        _mint(to, tokenId);
        if (userMetadata.length > 0) dripsHub.emitUserMetadata(tokenId, userMetadata);
    }

Tools Used

Manual VS Code

Recommended Mitigation Steps

    function mint(address to, UserMetadata[] calldata userMetadata)
        public
        whenNotPaused
        returns (uint256 tokenId)
    {
        tokenId = _registerTokenId();
        _safeMint(to, tokenId);
        if (userMetadata.length > 0) dripsHub.emitUserMetadata(tokenId, userMetadata);
    }
GalloDaSballo commented 1 year ago

https://github.com/code-423n4/2023-01-drips/blob/9fd776b50f4be23ca038b1d0426e63a69c7a511d/src/NFTDriver.sol#L91

It's not a token with underlying valu

GalloDaSballo commented 1 year ago

Also safeMint wouldn't help a bypass

c4-judge commented 1 year ago

GalloDaSballo marked the issue as unsatisfactory: Invalid