Closed sherlock-admin2 closed 8 months ago
1 comment(s) were left on this issue during the judging contest.
takarez commented:
valid because {this is valid and same with issue 109 due to the same underlying cause of poor implementation of burn function}
jah
high
we can't call mint function after we called burn funciton
Summary
the mint function will revert after we called the burn function
Vulnerability Detail
since the mint function uses totalsupply() to mint the tokenid we might try to mint the same tokenid which will cause a revert so lets say the governance called the mint function and at that time totalsupply() was 10 then that token was minted which means the totalsupply() will be 11 the burn function was called to burn the tokenid of 5 which will make the totalsupply back to 10 so if we ever tried to mint a token it will try to mint an already minted tokenid which is 10
Impact
can cause the function to stop working
Code Snippet
https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/sablier/core/CouncilMember.sol#L181
Tool used
Manual Review
Recommendation
don't use totalsupply() as tokenid
Duplicate of #199