c4-pre-sort
commented
7 months ago 141345 marked the issue as sufficient quality report
Closed c4-submissions closed 7 months ago
c4-pre-sort
commented
7 months ago 141345 marked the issue as sufficient quality report
c4-sponsor
commented
7 months ago a2rocket (sponsor) disputed
a2rocket
commented
7 months ago this is the intended design, burnToMint's new token inherints the burnt token tokenData.
alex-ppg
commented
7 months ago The Warden specifies that it is undesirable to inherit the tokenData of the burnt token for a newly minted token via burnToMint, however, the Sponsor dictates that this is expected behavior.
Given that this data is meant for off-chain purposes and the Sponsor cites this as desirable behaviour, I consider this exhibit invalid. To note, this is also detailed in the project's documentation provided during the contest.
c4-judge
commented
7 months ago alex-ppg marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/NextGenCore.sol#L218
Vulnerability details
Impact
When the
burnToMint()function is called, a token from one collection is burned and a new token from a new collection is minted. The oldesttokenDatais transferred to the newly minted token, which is incorrect._mintProcessing(mintIndex, ownerOf(_tokenId), tokenData[_tokenId], _mintCollectionID, _saltfun_o);The term
tokenDatarefers to additional data that will be stored on-chain for each minted token. The data for every token is expected to be different and once set,tokenDatacan not be changed in the future.This design may introduce potential issues if a user wishes to store different data on-chain and no longer use the old
tokenData.Recommended Mitigation Steps
Add the possibility for the user to change
tokenDatawhen usingburnToMint().Assessed type
Context