ShaheenRehman
commented
1 month ago Escalate
Dup of #269
Closed sherlock-admin3 closed 2 months ago
ShaheenRehman
commented
1 month ago Escalate
Dup of #269
sherlock-admin3
commented
1 month ago Escalate
Dup of #269
You've created a valid escalation!
To remove the escalation from consideration: Delete your comment.
You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.
WangSecurity
commented
1 month ago Agree with the escalation, planning to accept and duplicate with #269
Evert0x
commented
1 month ago Result: High Duplicate of #269
sherlock-admin2
commented
1 month ago
smbv-1923
medium
Excessive ETH passed during mint() would not be refunded
Summary
Excessive ETH passed during mint() would not be refunded
Vulnerability Detail
FEE_MANAGER.collectMintFee{value: msg.value}( this, tokenId_, amount_, msg.sender, referrer_, works[tokenId_].strategy );_refundExcess()get's called insidemint()at that time the excessive ETH would be insideFEE_MANAGERcontract and not inside Edition.sol https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/editions/Edition.sol#L241_refundExcess()would not return excessive ETH passed by user resulting in a loss of user's fund.Impact
Code Snippet
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/editions/Edition.sol#L241 https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/editions/Edition.sol#L512
Tool used
Manual Review
Recommendation
Duplicate of #269