Edition contract does not return excess funds when minting tokens.
Summary
Edition contract does not return excess funds when minting tokens.
Vulnerability Detail
The Edition::mint function claims to return excess funds after issuing the token, but the function sends the msg.value of the mint call to the FeeManager contract, by calling FeeManager::collectMintFee which doesn't return the excess after collecting the fees. The issue also occurs in Edition::mintBatch,Edition::mintWithComment
Impact
Users will lose their funds if they send more than the exact minting fee.
pynschon
medium
Editioncontract does not return excess funds when minting tokens.Summary
Editioncontract does not return excess funds when minting tokens.Vulnerability Detail
The
Edition::mintfunction claims to return excess funds after issuing the token, but the function sends themsg.valueof the mint call to theFeeManagercontract, by callingFeeManager::collectMintFeewhich doesn't return the excess after collecting the fees. The issue also occurs inEdition::mintBatch,Edition::mintWithCommentImpact
Users will lose their funds if they send more than the exact minting fee.
Code Snippet
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/editions/Edition.sol#L228C1-L242C6
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/fees/FeeManager.sol#L183C1-L193C6
Tool used
Manual Review
Recommendation
Return the excess funds back to the
Editioncontract after collecting the fees.