Whitelisted addresses can mint more than maxMintPerAddress #4

cleanunicorn opened this issue Aug 8, 2022 · 0 comments
Description

A user can call the method `batchMint` to mint a group of tokens. This method enforces a maximum number of tokens per whitelisted address using the modifier `isNFTBalanceExceedsMaxMintPerAddress`:

```solidity
function batchMint(
    uint256[] calldata _tokenIds,
    string[] calldata _tokenURIs,
    bytes32[] memory _merkleProof
)
    external
    payable
    whenNotPaused
    isCallerValid
    isTotalMintedExceedsMaxSupply(_tokenIds.length)
    isValidAmount(_tokenIds.length)
    isNFTBalanceExceedsMaxMintPerAddress(msg.sender, _tokenIds.length)
    isWhitelisted(_merkleProof)
{
    // ... function body not shown in this excerpt
}
```

Each user is allowed to mint up to a maximum number of tokens defined as `maxMintPerAddress`, as enforced by the modifier `isNFTBalanceExceedsMaxMintPerAddress`:

```solidity
/**
 * @dev Throws if caller balance + amount of nft to mint
 * exceeds maxMintPerAddress
 *
 * @param _address address of minter
 * @param _nftQty amount of nft to mint
 */
modifier isNFTBalanceExceedsMaxMintPerAddress(address _address, uint256 _nftQty) {
    require(
        (balanceOf(_address) + _nftQty) <= maxMintPerAddress,
        "Max nft per address reached"
    );
    _;
}
```

This modifier is added to both methods that mint tokens, `batchMint` and `mint`.

However, the check uses the user's current balance, not how many tokens they minted. The user's balance can be modified by sending the tokens to a different address and calling `batchMint` again, minting up to `maxMintPerAddress`. The user can send the tokens to a different address and repeat the process.

Recommendation

Use a mapping that counts how many tokens were minted for each address. This way, the user has no option to decrease the number used when making the verification in `isNFTBalanceExceedsMaxMintPerAddress`.

A suggestion is to use the current modifier `isNFTBalanceExceedsMaxMintPerAddress` to increase the count and do the check.

```solidity
// Define a mapping that counts how many tokens were minted per whitelisted address
mapping(address => uint256) mintedTokensPerWhitelistedAddress;

modifier isNFTBalanceExceedsMaxMintPerAddress(address _address, uint256 _nftQty) {
    // Increment the number of minted tokens
    mintedTokensPerWhitelistedAddress[_address] += _nftQty;

    // Check if the total number of minted tokens is allowed
    require(
        mintedTokensPerWhitelistedAddress[_address] <= maxMintPerAddress,
        "Max nft per address reached"
    );
    _;
}
```
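
The difference between the balance-based check and the recommended mint counter, as an added Python model that is not part of the original issue and not the project's Solidity code. The cap value of 3, the addresses `alice` and `bob`, and the class and function names are assumptions made for the illustration.

```python
MAX_MINT_PER_ADDRESS = 3  # assumed cap for this model; the issue does not state the value


class MintModel:
    """Tracks token ownership plus a per-address lifetime mint counter."""

    def __init__(self, use_mint_counter):
        self.use_mint_counter = use_mint_counter
        self.owner_of = {}    # token id -> current owner
        self.minted_by = {}   # address -> tokens ever minted (the recommended mapping)

    def balance_of(self, address):
        return sum(1 for owner in self.owner_of.values() if owner == address)

    def batch_mint(self, caller, token_ids):
        qty = len(token_ids)
        if self.use_mint_counter:
            used = self.minted_by.get(caller, 0)  # transfers cannot lower this
        else:
            used = self.balance_of(caller)        # drops when tokens are sent away
        if used + qty > MAX_MINT_PER_ADDRESS:
            raise ValueError("Max nft per address reached")
        for token_id in token_ids:
            self.owner_of[token_id] = caller
        self.minted_by[caller] = self.minted_by.get(caller, 0) + qty

    def transfer(self, sender, recipient, token_id):
        if self.owner_of.get(token_id) != sender:
            raise ValueError("not token owner")
        self.owner_of[token_id] = recipient


def total_minted_after_transfer(use_mint_counter):
    """Mint the cap, move the tokens away, try to mint the cap again.

    Returns how many tokens the address minted in total.
    """
    model = MintModel(use_mint_counter)
    model.batch_mint("alice", [1, 2, 3])
    for token_id in (1, 2, 3):
        model.transfer("alice", "bob", token_id)
    try:
        model.batch_mint("alice", [4, 5, 6])
    except ValueError:
        pass  # second batch rejected: the cap held
    return model.minted_by["alice"]


if __name__ == "__main__":
    print("balance-based check:", total_minted_after_transfer(False))  # 6
    print("counter-based check:", total_minted_after_transfer(True))   # 3
```

The same sequence works as a regression test against the real contract: after the fix, the second mint from the same address must revert even when its balance is zero.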