Closed sherlock-admin3 closed 2 months ago
Escalate
Here I dealt with the case where the buyer himself is listed as the referrer. _calculateMintFee does not validate this case in any way, although it in turn allows the paid commission to be reduced by 50%. (50% goes to the referrer, because it is assumed that the NFT is made on his template or something, but there is no way to control that the referrer != msg.sender.) I didn't specify this in the report, unfortunately, but it also adds an extra risk of potential reentrancy.
I think this is a valid issue, as the problem of unnecessary user power when specifying the referrer can lead to a reduced commission. The protocol should automatically calculate the referrer using Graph.
Agree with the escalation, planning to accept and duplicate with #267
Result: High, duplicate of #267
This issue was mistakenly picked as a duplicate for #267 and in fact should be a duplicate of #405. The validity of the issue depends on the escalation outcome of #405
BengalCatBalu
medium
Reduction of the commission for the mint due to a lack of data validation in the _collectMintFee function
Summary
The lack of data validation in the FeeManager::calculateMintFee and FeeManager::_calculateMintFee functions has been described in detail in this issue. Here I would like to focus on a specific edge case, when msg.sender is specified as the referer_. If you specify yourself as a referer, then 50% of the protocolFee will be sent to your address in the FeeManager::_splitProtocolFee function, thus you significantly reduce the cost of the commission you pay for the mint.
Vulnerability Detail
I have described the process of paying commissions on mint in detail in the other two issues, first and second.
First title: In the FeeManager.sol::_splitProtocolFee function, the collectionReffererShare recipient is misspelled.
Second title: There is no validation on the FeeManager::collectMintFee function, anyone can call it.
It can be seen from them that the specified refferer_ is not validated in any way and receives 50% of the protocolFee.
Impact
The commission fee is greatly reduced for the user who takes advantage of this edge case. Score: medium
Code Snippet
_splitProtocolFee function
Tool used
Manual Review
Recommendation
Add appropriate validation to eliminate this edge case
Duplicate of #405
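The 50/50 split the report describes, reduced to a hypothetical contract that has the unchecked entry point next to one that rejects a self-referral. This is an added illustration, not the audited FeeManager's code: the contract name, the pull-payment ledger, the basis-point constants, netFeeToBuyer and the mint function names are all assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// @notice Hypothetical illustration of the finding above. NOT the audited
///         project's FeeManager; names, shares and storage layout are assumed.
contract ReferralFeeSplitExample {
    uint256 public constant BPS = 10_000;
    /// @dev 50% of the protocol fee goes to the referrer, as the report describes.
    uint256 public constant REFERRER_SHARE_BPS = 5_000;

    address public immutable protocolTreasury;
    /// @dev Pull-payment ledger: no ETH leaves the contract during a mint, so a
    ///      self-referring buyer gets no callback into the contract (the
    ///      reentrancy concern raised in the escalation).
    mapping(address => uint256) public pendingWithdrawals;

    error SelfReferral(address buyer);
    error NothingToWithdraw();

    constructor(address treasury) {
        protocolTreasury = treasury;
    }

    // ---- Vulnerable shape: referrer_ is taken from the caller unchecked ----

    function mintVulnerable(address referrer_) external payable {
        // msg.sender may pass its own address and claw back half of the fee
        _splitProtocolFee(msg.value, referrer_);
        // ...minting omitted; only the fee split matters here
    }

    // ---- Hardened shape: reject referrer_ == msg.sender before splitting ----

    function mintHardened(address referrer_) external payable {
        if (referrer_ == msg.sender) revert SelfReferral(msg.sender);
        _splitProtocolFee(msg.value, referrer_);
    }

    /// @dev Shared split logic. address(0) means "no referrer": the whole fee
    ///      is credited to the treasury.
    function _splitProtocolFee(uint256 protocolFee, address referrer_) internal {
        uint256 referrerShare =
            referrer_ == address(0) ? 0 : (protocolFee * REFERRER_SHARE_BPS) / BPS;
        if (referrerShare != 0) pendingWithdrawals[referrer_] += referrerShare;
        pendingWithdrawals[protocolTreasury] += protocolFee - referrerShare;
    }

    /// @notice Net fee a buyer actually gives up: the fee paid minus whatever the
    ///         split routes back to the buyer. With referrer_ == buyer this is only
    ///         half of the nominal fee, which is the reported edge case.
    function netFeeToBuyer(address buyer, address referrer_, uint256 protocolFee)
        external
        pure
        returns (uint256)
    {
        uint256 referrerShare =
            referrer_ == address(0) ? 0 : (protocolFee * REFERRER_SHARE_BPS) / BPS;
        return referrer_ == buyer ? protocolFee - referrerShare : protocolFee;
    }

    /// @notice Checks-effects-interactions: balance is zeroed before the call.
    function withdraw() external {
        uint256 amount = pendingWithdrawals[msg.sender];
        if (amount == 0) revert NothingToWithdraw();
        pendingWithdrawals[msg.sender] = 0;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }
}
```

Calling netFeeToBuyer(buyer, buyer, 1 ether) returns 0.5 ether, while netFeeToBuyer(buyer, someoneElse, 1 ether) returns 1 ether; that gap is the discount the report points at. The equality check in mintHardened closes the literal edge case but still trusts the caller to name a referrer, so a buyer with a second address keeps the discount; the escalation's suggestion of deriving the referrer on the protocol side rather than from a user-supplied argument is the stronger fix.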