code-423n4 / 2024-07-traitforge-findings


players won't be able to mint NFTs using TraitForgeNFT::mintWithBudget function because of invalid validation #556

Closed howlbot-integration[bot] closed 2 months ago

howlbot-integration[bot] commented 2 months ago

Lines of code

https://github.com/code-423n4/2024-07-traitforge/blob/279b2887e3d38bc219a05d332cbcb0655b2dc644/contracts/TraitForgeNft/TraitForgeNft.sol#L215

Vulnerability details

Impact

Users won't be able to mint NFTs using the TraitForgeNFT::mintWithBudget function. Minting NFTs using the TraitForgeNFT::mintWithBudget function is not possible anymore once _tokenIds reaches 10000. Players will stop engaging with the protocol, as it would be very hard for them to mint multiple NFTs, and the protocol will lose its users.

Vulnerability details

The TraitForgeNFT::mintWithBudget function is used to mint NFTs using a budget. The function checks if _tokenIds is greater than maxTokensPerGen. If _tokenIds is greater than maxTokensPerGen, which is 10000, the function will revert. _tokenIds is incremented by 1 after each mint, and it is accounting for every generation and not just the current generation. So once we mint 10000 NFTs, _tokenIds will be 10000, the function will revert, and users won't be able to mint NFTs using the TraitForgeNFT::mintWithBudget function.

Proof of Concept

Github: https://github.com/code-423n4/2024-07-traitforge/blob/279b2887e3d38bc219a05d332cbcb0655b2dc644/contracts/TraitForgeNft/TraitForgeNft.sol#L215

Tools Used

Manual Review

Recommended Mitigation Steps

Remove the unnecessary check for _tokenIds < maxTokensPerGen in the TraitForgeNFT::mintWithBudget function.

-   while (budgetLeft >= mintPrice && _tokenIds < maxTokensPerGen) {
+   while (budgetLeft >= mintPrice) {
       _mintInternal(msg.sender, mintPrice);
       amountMinted++;
       budgetLeft -= mintPrice;
       mintPrice = calculateMintPrice();
    }
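Review bot: Dropping the `_tokenIds < maxTokensPerGen` term leaves `budgetLeft >= mintPrice` as the only bound on this loop, so the suggested fix removes whatever per-generation ceiling the original author intended rather than repairing it; if a cap per generation is desired, the guard should compare the number of tokens minted in the current generation, not the global `_tokenIds` counter, which as the finding notes keeps growing across generations. Note also that the visible code is a loop guard, not a revert: once `_tokenIds` reaches `maxTokensPerGen` the while condition is simply false and the call completes having minted nothing, a silent no-op that callers and monitoring will not see as a failed transaction.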

Assessed type

Invalid Validation
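A simplified Python model of the loop guard discussed in this finding, added here for illustration; it is not the contract's code. The constant mint price, the per-generation tally and the rule that a new generation starts once the current one holds maxTokensPerGen tokens are assumptions made for the model.

```python
# Model of mintWithBudget's loop guard. Constructed for illustration; the
# mint price, per-generation tally and roll-over rule are assumptions.
MAX_TOKENS_PER_GEN = 10_000  # maxTokensPerGen from the finding


class MintModel:
    def __init__(self, check_global_counter: bool, mint_price: int = 1):
        # True models the original guard `_tokenIds < maxTokensPerGen`;
        # False models the loop with that term removed.
        self.check_global_counter = check_global_counter
        self.mint_price = mint_price          # assumed constant price
        self.token_ids = 0                    # models _tokenIds: global, never reset
        self.generation = 1
        self.gen_mint_counts = {1: 0}         # assumed per-generation tally

    def _mint_internal(self) -> None:
        # Assumed roll-over: a full generation starts the next one.
        if self.gen_mint_counts[self.generation] >= MAX_TOKENS_PER_GEN:
            self.generation += 1
            self.gen_mint_counts[self.generation] = 0
        self.token_ids += 1                   # global counter keeps growing
        self.gen_mint_counts[self.generation] += 1

    def mint_with_budget(self, budget: int) -> int:
        """Mint while budget remains; returns how many tokens were minted."""
        minted = 0
        budget_left = budget
        while budget_left >= self.mint_price and (
            not self.check_global_counter
            or self.token_ids < MAX_TOKENS_PER_GEN
        ):
            self._mint_internal()
            minted += 1
            budget_left -= self.mint_price
        return minted


def simulate(check_global_counter: bool):
    """Fill generation 1, then try to mint 5 more; returns (first, second, generation)."""
    model = MintModel(check_global_counter)
    first = model.mint_with_budget(MAX_TOKENS_PER_GEN)  # exactly fills generation 1
    second = model.mint_with_budget(5)                  # attempt past the boundary
    return first, second, model.generation


if __name__ == "__main__":
    print("original guard:", simulate(True))   # second call mints nothing
    print("guard removed: ", simulate(False))  # minting continues into generation 2
```

With the original guard the second call mints zero tokens and returns without error, which is the silent failure the finding describes; without the global-counter term, minting rolls over into generation 2.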

c4-judge commented 2 months ago

koolexcrypto changed the severity to 2 (Med Risk)

c4-judge commented 2 months ago

koolexcrypto marked the issue as satisfactory