search

code-423n4 / 2023-10-nextgen-findings

5 stars 3 forks source link

Collection randomizer can be updated while collection is frozen #1969

Closed c4-submissions closed 10 months ago

c4-submissions commented 10 months ago

Lines of code

https://github.com/code-423n4/2023-10-nextgen/blob/8b518196629faa37eae39736837b24926fd3c07c/smart-contracts/NextGenCore.sol#L170-L174

Vulnerability details

Impact

The current design allows for the Randomizer contract to be modified at any time, even when the collection is in a frozen state. This unrestricted capability poses a risk of disruptions and unfair activities during the minting process.

Proof of Concept

The addRandomizer() function grants the function admin the ability to set or modify the randomizer contract for any collection at any time. Despite its name suggesting addition, it actually facilitates modifications as well.

Ideally, the freezeCollection function should provide a means for admins to freeze collection data for transparency on the blockchain, ensuring fairness for users participating in token minting. In the current scenario, however, the option to update the randomizer for a collection remains active even after the collection is frozen.

Tools Used

VSCode

Recommended Mitigation Steps

Add the following check to the addRandomizer function:

require(collectionFreeze[_collectionID] == false, "collection is frozen");

Assessed type

Invalid Validation

c4-pre-sort commented 10 months ago

141345 marked the issue as duplicate of #1163

c4-judge commented 10 months ago

alex-ppg marked the issue as not a duplicate

c4-judge commented 10 months ago

alex-ppg marked the issue as duplicate of #661

c4-judge commented 10 months ago

alex-ppg marked the issue as unsatisfactory: Invalid