Since the critical parameters like royaltiesAddress, royaltiesBps, metadataUpdatable, tokensBurnable, tokensTransferable are updated, missing any one of them could cause irreversible damage in short span of time.
Recent hacks due this kind of user error can be remembered.
Impact
When any one of the critical parameters royaltiesAddress, royaltiesBps, metadataUpdatable, tokensBurnable, tokensTransferableare missed to update. this could cause irreversible damage in short span of time till it is patched by the admin.
The operations depends on these parameters could be affected.
It is highly recommended to validated such of these critical parameters always. Missing of anyone could cause big impact on the project in short span of time.
ak1
high
Lack of validation check for runtimeConfig durnng initialization in ERC721NFTProduct and ERC1155NFTProduct contracts.
Summary
Lack of validation check for
runtimeConfigduring initialization in ERC721NFTProduct and ERC1155NFTProduct contracts.Vulnerability Detail
https://github.com/sherlock-audit/2022-10-nftport/blob/main/evm-minting- master/contracts/templates/ERC1155NFTProduct.sol#L88-L106
https://github.com/sherlock-audit/2022-10-nftport/blob/main/evm-minting-master/contracts/templates/ERC721NFTProduct.sol#L82-L100
Since the critical parameters like royaltiesAddress, royaltiesBps, metadataUpdatable, tokensBurnable, tokensTransferable are updated, missing any one of them could cause irreversible damage in short span of time. Recent hacks due this kind of user error can be remembered.
Impact
When any one of the critical parameters
royaltiesAddress, royaltiesBps, metadataUpdatable, tokensBurnable, tokensTransferableare missed to update. this could cause irreversible damage in short span of time till it is patched by the admin. The operations depends on these parameters could be affected.Code Snippet
https://github.com/sherlock-audit/2022-10-nftport/blob/main/evm-minting- master/contracts/templates/ERC1155NFTProduct.sol#L88-L106
https://github.com/sherlock-audit/2022-10-nftport/blob/main/evm-minting-master/contracts/templates/ERC721NFTProduct.sol#L82-L100
Tool used
Manual Review
Recommendation
It is highly recommended to validated such of these critical parameters always. Missing of anyone could cause big impact on the project in short span of time.
Duplicate of #83