Lines of code
https://github.com/code-423n4/2024-07-traitforge/blob/279b2887e3d38bc219a05d332cbcb0655b2dc644/contracts/EntropyGenerator/EntropyGenerator.sol#L101-L120
Vulnerability details
Impact
All users minting a token will get an entity with 0 as its entropy.
Proof of Concept
The getNextEntropy() function can be called before the entropies have been written into entropySlots, because the function has no validation to ensure that the writeEntropyBatch functions were called beforehand. Any user who calls mintToken() or mintWithBudget() in that state receives entities with 0 as the entropy. (https://github.com/code-423n4/2024-07-traitforge/blob/279b2887e3d38bc219a05d332cbcb0655b2dc644/contracts/EntropyGenerator/EntropyGenerator.sol#L101-L120)
It is also better to check that the initializeAlphaIndices() function has been called beforehand.
Tools Used
Manual Review
Recommended Mitigation Steps
Add the following validation to the getNextEntropy() function (at line 102):
require(lastInitializedIndex == maxSlotIndex && slotIndexSelectionPoint != 0, "Entropy Slots not written yet");
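The following simplified model is an added example, not the TraitForge contract: it shows the unguarded read returning the default storage value 0 next to the same read with the recommended check. The slot count, batch size, fill values, `cursor`, `_next()`, `getNextEntropyUnchecked()` and the body of `initializeAlphaIndices()` are assumptions; only the state-variable names and the `require` come from this report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Simplified model written for this example; NOT the TraitForge EntropyGenerator.
// Sizes, fill values and helper names are assumptions; only the state-variable
// names and the require condition are taken from the report.
contract EntropySlotsModel {
    uint256 public constant maxSlotIndex = 8;   // assumed slot count
    uint256 public constant BATCH = 4;          // assumed batch size
    uint256[maxSlotIndex] private entropySlots; // storage defaults to all zeros
    uint256 public lastInitializedIndex;        // slots written so far
    uint256 public slotIndexSelectionPoint;     // 0 until initializeAlphaIndices()
    uint256 private cursor;                     // hypothetical read position

    function writeEntropyBatch() external {
        require(lastInitializedIndex < maxSlotIndex, "All slots written");
        uint256 end = lastInitializedIndex + BATCH;
        for (uint256 i = lastInitializedIndex; i < end; i++) {
            // Placeholder fill, forced nonzero so unwritten slots stand out.
            entropySlots[i] = uint256(keccak256(abi.encodePacked(block.number, i))) | 1;
        }
        lastInitializedIndex = end;
    }

    function initializeAlphaIndices() external {
        // Assumed behaviour: sets a nonzero selection point (placeholder formula).
        slotIndexSelectionPoint = 1 + (block.number % (maxSlotIndex - 1));
    }

    // Behaviour described in the report: no check, so a call made before
    // any batch is written reads an untouched slot and returns 0.
    function getNextEntropyUnchecked() external returns (uint256) {
        return _next();
    }

    // Same read with the recommended validation: reverts until every slot
    // is written and initializeAlphaIndices() has run.
    function getNextEntropy() external returns (uint256) {
        require(
            lastInitializedIndex == maxSlotIndex && slotIndexSelectionPoint != 0,
            "Entropy Slots not written yet"
        );
        return _next();
    }

    function _next() private returns (uint256 v) {
        v = entropySlots[cursor];
        cursor = (cursor + 1) % maxSlotIndex;
    }
}
```

On a fresh deployment of this model, `getNextEntropyUnchecked()` returns 0 while `getNextEntropy()` reverts until `writeEntropyBatch()` has been called twice and `initializeAlphaIndices()` once.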
Assessed type
Invalid Validation