If a fee strategy's mintFee increases, users may be forced to pay more fees than they initially expected. This can either occur by accident or due to a malicious work creator.
Vulnerability Detail
A fee strategy's mintFee can always be changed by the work creator:
function setFeeStrategy(uint256 tokenId_, Strategy calldata strategy_) external {
if (msg.sender != works[tokenId_].creator) revert Unauthorized();
works[tokenId_].strategy = FEE_MANAGER.validateStrategy(strategy_);
}
The lack of slippage protection for the amount of mint fees the user is going to pay opens up the opportunity for users to pay more mint fees than expected.
This may occur, due to the fact that users expect any unused funds to be refunded and may intentionally send more ETH, expecting any funds that aren't used to be send back, or in the case where fees are denominated in ERC20 tokens, users may approve the FeeManager.sol uint256.max of their tokens.
Consequently, the mint fee may be increased right before their mint, forcing them to pay more fees than expected. Furthermore, in the case of a malicious work creator, the mint fee may increase drastically right before a mint. This becomes especially dangerous when the fee is an ERC20 token and the minter has approved the maximum amount.
trachev
medium
No slippage protection for mint fee payments
Summary
If a fee strategy's
mintFee
increases, users may be forced to pay more fees than they initially expected. This can either occur by accident or due to a malicious work creator.Vulnerability Detail
A fee strategy's
mintFee
can always be changed by the work creator:The lack of slippage protection for the amount of mint fees the user is going to pay opens up the opportunity for users to pay more mint fees than expected. This may occur, due to the fact that users expect any unused funds to be refunded and may intentionally send more ETH, expecting any funds that aren't used to be send back, or in the case where fees are denominated in ERC20 tokens, users may approve the FeeManager.sol uint256.max of their tokens. Consequently, the mint fee may be increased right before their mint, forcing them to pay more fees than expected. Furthermore, in the case of a malicious work creator, the mint fee may increase drastically right before a mint. This becomes especially dangerous when the fee is an ERC20 token and the minter has approved the maximum amount.
Impact
Possible loss of funds for minters.
Code Snippet
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/editions/Edition.sol#L228-L242
Tool used
Manual Review
Recommendation
Add a maximum mint fee parameter in all mint functions and revert if the fees paid by the user are more than the maximum.