Minting new tokens becomes permanently impossible unless the last NFT is burned
Summary
The mint function uses the totalSupply to mint the next NFT, however, if not the last NFT is burned, the totalSupply will be equal to the Id of the last NFT, causing a revert in mint.
Vulnerability Detail
The mint function uses the totalSupply to mint the next NFT, but the totalSupply can be decreased by burn, mint may mints existed NFT and reverts.
function mint(
address newMember
) external onlyRole(GOVERNANCE_COUNCIL_ROLE) {
if (totalSupply() != 0) {
_retrieve();
}
balances.push(0);
_mint(newMember, totalSupply());
}
For example, if two NFTs [0,1] are in the contract, and the NFT0 is burned, you cannot mint new NFTs.
Add the test to telcoin-audit/test/sablier/CouncilMember.test.ts and run it with npx hardhat test.
Krace
high
Minting new tokens becomes permanently impossible unless the last NFT is burned
Summary
The
mint
function uses thetotalSupply
to mint the next NFT, however, if not the last NFT is burned, thetotalSupply
will be equal to the Id of the last NFT, causing a revert inmint
.Vulnerability Detail
The
mint
function uses thetotalSupply
to mint the next NFT, but thetotalSupply
can be decreased byburn
,mint
may mints existed NFT and reverts.For example, if two NFTs [0,1] are in the contract, and the NFT0 is burned, you cannot mint new NFTs. Add the test to
telcoin-audit/test/sablier/CouncilMember.test.ts
and run it withnpx hardhat test
.Impact
Minting new tokens becomes permanently impossible unless the last NFT is burned.
Code Snippet
https://github.com/sherlock-audit/2024-01-telcoin/blob/0954297f4fefac82d45a79c73f3a4b8eb25f10e9/telcoin-audit/contracts/sablier/core/CouncilMember.sol#L173-L182
Tool used
hardhat
Recommendation
It's recommended to use a self-increasing counter to calculate the next NFT's ID.
Duplicate of #199