Lines of code
https://github.com/code-423n4/2024-07-traitforge/blob/279b2887e3d38bc219a05d332cbcb0655b2dc644/contracts/TraitForgeNft/TraitForgeNft.sol#L215
Vulnerability details
Impact
Users won't be able to mint NFTs using the TraitForgeNFT::mintWithBudget function. Minting NFTs with TraitForgeNFT::mintWithBudget is no longer possible once _tokenId reaches 10000. Players will stop engaging with the protocol, as it would be very hard for them to mint multiple NFTs, and the protocol will lose its users.
Vulnerability details
The TraitForgeNFT::mintWithBudget function is used to mint NFTs using a budget. The function checks whether _tokenId is greater than maxTokensPerGen. If _tokenId is greater than maxTokensPerGen, which is 10000, the function will revert. _tokenId is incremented by 1 after each mint, and it counts tokens across every generation, not just the current one. So once 10000 NFTs have been minted, _tokenId will be 10000, the function will revert, and users won't be able to mint NFTs using TraitForgeNFT::mintWithBudget.
Proof of Concept
GitHub: https://github.com/code-423n4/2024-07-traitforge/blob/279b2887e3d38bc219a05d332cbcb0655b2dc644/contracts/TraitForgeNft/TraitForgeNft.sol#L215
Tools Used
Manual Review
Recommended Mitigation Steps
Remove the unnecessary check for _tokenIds < maxTokensPerGen in the TraitForgeNFT::mintWithBudget function.
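The behaviour described under "Vulnerability details" and the effect of the recommended fix, as an added Python model that is not the contract's code and not part of the original report. The flat mint price, the separate single-mint path, and the rollover to a new generation after 10000 mints are assumptions made for illustration.

```python
MAX_TOKENS_PER_GEN = 10_000  # per-generation cap named in the report


class MintReverted(Exception):
    """Stands in for an EVM revert."""


class MintModel:
    def __init__(self, global_check, mint_price=1):
        self.token_id = 0      # global counter, shared by every generation
        self.generation = 1
        self.gen_minted = 0    # tokens minted in the current generation only
        self.global_check = global_check  # True models the reported check
        self.mint_price = mint_price      # assumption: flat price

    def mint_token(self):
        # Assumption: a full generation rolls over to the next one.
        if self.gen_minted == MAX_TOKENS_PER_GEN:
            self.generation += 1
            self.gen_minted = 0
        self.token_id += 1
        self.gen_minted += 1

    def mint_with_budget(self, budget):
        minted = 0
        while budget >= self.mint_price:
            # Reported check: the GLOBAL counter is compared with the
            # PER-GENERATION cap, so it fails for good after 10000 mints.
            if self.global_check and self.token_id >= MAX_TOKENS_PER_GEN:
                raise MintReverted("_tokenId reached maxTokensPerGen")
            self.mint_token()
            budget -= self.mint_price
            minted += 1
        return minted


def budget_mints_after_first_generation(global_check):
    """Fill generation 1, then try to budget-mint 5 more tokens."""
    model = MintModel(global_check)
    for _ in range(MAX_TOKENS_PER_GEN):
        model.mint_token()
    try:
        return model.mint_with_budget(5), model.generation
    except MintReverted:
        return None, model.generation


if __name__ == "__main__":
    print("with check:   ", budget_mints_after_first_generation(True))
    print("check removed:", budget_mints_after_first_generation(False))
```

A regression test for the real contract would follow the same shape: mint 10000 tokens, then assert that a budget mint still succeeds in the next generation.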
Assessed type
Invalid Validation