Closed sherlock-admin4 closed 1 month ago
Escalate
This issue is a valid excluded dup of #280
You've created a valid escalation!
To remove the escalation from consideration: Delete your comment.
You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.
Agree with the escalation, planning to accept and duplicate with #280
Result: Medium Duplicate of #280
alexzoid
medium
Incorrect Fee Handling in Batch Minting
Summary
The `mintBatch` function in the `Edition` contract incorrectly handles `Ether` transactions when minting multiple tokens in a loop, leading to insufficient fee coverage.
Vulnerability Detail
In the `mintBatch` function, `msg.value` is used directly in the `collectMintFee` function for each iteration of the loop. As a result, the total `Ether` sent will be insufficient to cover all fees.
Impact
This will lead to transactions failing due to insufficient fees for each minting operation.
Code Snippet
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/editions/Edition.sol#L277-L297
Tool used
Manual Review
Recommendation
Modify the `mintBatch` function to calculate the required fee for each mint operation individually and then sum these to determine the total fee required for the batch. Only this amount should be sent to the `FEE_MANAGER`. Any excess Ether should remain in the contract balance to be refunded by `_refundExcess`.
Duplicate of #280
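An added example, not code from the TITLES repository or from the report: the per-iteration `msg.value` pattern beside the summed-fee shape the recommendation describes. `ToyFeeManager`, `ToyEdition`, `feeFor`, `collect` and `FEE_PER_TOKEN` are hypothetical names, and the fee value is constructed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical fee manager, not the TITLES FeeManager interface.
contract ToyFeeManager {
    uint256 public constant FEE_PER_TOKEN = 0.001 ether; // constructed value

    function feeFor(uint256 amount) public pure returns (uint256) {
        return amount * FEE_PER_TOKEN;
    }

    function collect(uint256 amount) external payable {
        require(msg.value >= feeFor(amount), "fee underpaid");
    }
}

contract ToyEdition {
    ToyFeeManager public immutable feeManager;

    constructor(ToyFeeManager fm) { feeManager = fm; }

    // Reported pattern: the full msg.value is forwarded on every iteration.
    // With a nonzero msg.value and no other Ether in the contract, the second
    // iteration tries to send value it no longer holds and the call reverts.
    function mintBatchPerIterationValue(uint256[] calldata amounts) external payable {
        for (uint256 i = 0; i < amounts.length; i++) {
            feeManager.collect{value: msg.value}(amounts[i]);
            // token mint omitted
        }
    }

    // Recommended shape: price each mint, forward only that fee, keep a
    // running total, and refund whatever the caller overpaid.
    function mintBatchSummedFees(uint256[] calldata amounts) external payable {
        uint256 spent;
        for (uint256 i = 0; i < amounts.length; i++) {
            uint256 fee = feeManager.feeFor(amounts[i]);
            spent += fee;
            require(spent <= msg.value, "insufficient fee");
            feeManager.collect{value: fee}(amounts[i]);
            // token mint omitted
        }
        uint256 excess = msg.value - spent;
        if (excess > 0) {
            (bool ok, ) = msg.sender.call{value: excess}("");
            require(ok, "refund failed");
        }
    }
}
```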