Edition contract does not return excess funds when minting tokens.
Summary
Edition contract does not return excess funds when minting tokens.
Vulnerability Detail
The Edition::mint function claims to return excess funds after issuing the token, but the function sends the msg.value of the mint call to the FeeManager contract, by calling FeeManager::collectMintFee which doesn't return the excess after collecting the fees. The issue also occurs in Edition::mintBatch,Edition::mintWithComment
Impact
Users will lose their funds if they send more than the exact minting fee.
pynschon
medium
Edition
contract does not return excess funds when minting tokens.Summary
Edition
contract does not return excess funds when minting tokens.Vulnerability Detail
The
Edition::mint
function claims to return excess funds after issuing the token, but the function sends themsg.value
of the mint call to theFeeManager
contract, by callingFeeManager::collectMintFee
which doesn't return the excess after collecting the fees. The issue also occurs inEdition::mintBatch
,Edition::mintWithComment
Impact
Users will lose their funds if they send more than the exact minting fee.
Code Snippet
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/editions/Edition.sol#L228C1-L242C6
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/fees/FeeManager.sol#L183C1-L193C6
Tool used
Manual Review
Recommendation
Return the excess funds back to the
Edition
contract after collecting the fees.