search

zlsecure3 / review_star

0 stars 0 forks source link

Wrong airdrop address #42

Open zlsecure3 opened 1 year ago

zlsecure3 commented 1 year ago

subject

Wrong airdrop address

description

In the StarNameService module, the airdrop_mint function is used to airdrop SNS NFT to the specified to address. However, the wrong receiving address was passed in during the create_name_script_nft operation. It incorrectly filled in the signer address for the to address that should have obtained the SNS NFT.

recommendation

It is recommended to replace the address of signer with the address of to, the following is the repair reference:

create_name_script_nft(&resource_account_signer, to, name, domain_name, description, main_uri, duration);

locations

severity

Medium

damage

exploitability

category

Logical

system_generated: auditor:Kong7ych3 submission_id:1469205386

zlsecure3 commented 1 year ago

grading (edit)

submission_id:1469205386

review_type:GRADING

result: TBD-yes,no

rating: TBD-123

comment: TBD-Rejected,Accepted by Secure3.

severity: TBD-Critical,Medium,Low,Informational

category:

description:

zlsecure3 commented 1 year ago

client feedback (manual copy)

submission_id:1469205386

review_type:CLIENT_FEEDBACK

result: TBD-yes,no

severity: TBD-Critical,Medium,Low,Informational

comment:

zlsecure3 commented 1 year ago

client feedback decision(edit)

submission_id:1469205386

review_type:CLIENT_FEEDBACK_DECISION

result: TBD-yes,no,yes-honored,no-honored

severity: TBD-Critical,Medium,Low,Informational

comment: