Closed sherlock-admin closed 1 year ago
SanketKogekar
medium
Missing check for checking tokenId on safeMint in FootiumClub contract. Same goes for function in FootiumPlayer contract.
tokenId
safeMint
FootiumClub
FootiumPlayer
function safeMint(address to, uint256 tokenId) external onlyRole(MINTER_ROLE) nonReentrant whenNotPaused {
The function will try to re-mint the NFT which is already minted resulting in unnecessaty gas cost.
https://github.com/sherlock-audit/2023-04-footium/blob/main/footium-eth-shareable/contracts/FootiumClub.sol#L56
Manual Review
Keep track of used tokenIds using mapping, and avoid accepting duplicate inputs.
SanketKogekar
medium
No check if NFT having same tokenId was already minted
Summary
Missing check for checking
tokenIdonsafeMintinFootiumClubcontract. Same goes for function inFootiumPlayercontract.Vulnerability Detail
Impact
The function will try to re-mint the NFT which is already minted resulting in unnecessaty gas cost.
Code Snippet
https://github.com/sherlock-audit/2023-04-footium/blob/main/footium-eth-shareable/contracts/FootiumClub.sol#L56
Tool used
Manual Review
Recommendation
Keep track of used tokenIds using mapping, and avoid accepting duplicate inputs.