User can mint tokens and list themselves as the referrer for minor discount #142
Labels
- bug: Something isn't working
- duplicate: This issue or pull request already exists
- QA (Quality Assurance): Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Lines of code
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/mixins/nftDropMarket/NFTDropMarketFixedPriceSale.sol#L173
Vulnerability details
Impact
A user can refer himself and always get the bonus on minting. In other words, he never has to pay full price.
Proof of Concept
There is no check for `buyReferrer != msg.sender`.
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/mixins/nftDropMarket/NFTDropMarketFixedPriceSale.sol#L170-L189
Tools Used
Manual Review
Recommended Mitigation Steps
Add a check to ensure `msg.sender` can't refer himself. Example:
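The recommended check, placed in a simplified fixed-price sale, as an added example that is not part of the original report and not Foundation's contract. The contract name, the `mint` signature, the `REFERRER_FEE_BPS` value and the `treasury` address are assumptions made for illustration; only `buyReferrer` and `msg.sender` come from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.12;

/// Hypothetical, simplified model of a fixed-price drop sale with a buy referrer.
contract FixedPriceSaleSketch {
    uint256 private constant BASIS_POINTS = 10_000;
    uint256 private constant REFERRER_FEE_BPS = 100; // assumed value, for illustration only

    uint256 public immutable price;            // price per token, in wei
    address payable public immutable treasury; // receives everything not paid to a referrer

    error BuyerCannotBeReferrer();
    error WrongPayment(uint256 expected, uint256 sent);
    error TransferFailed(address to);

    event Minted(address indexed buyer, address indexed buyReferrer, uint256 count, uint256 referrerFee);

    constructor(uint256 price_, address payable treasury_) {
        price = price_;
        treasury = treasury_;
    }

    function mint(uint256 count, address payable buyReferrer) external payable {
        // The check the report asks for: the buyer may not name himself as referrer,
        // so the referral fee cannot flow straight back to the caller.
        if (buyReferrer == msg.sender) revert BuyerCannotBeReferrer();

        uint256 total = price * count;
        if (msg.value != total) revert WrongPayment(total, msg.value);

        // address(0) means "no referrer": no fee is split off.
        uint256 referrerFee = buyReferrer == address(0)
            ? 0
            : (total * REFERRER_FEE_BPS) / BASIS_POINTS;

        // Emit before the external calls; no state is written after them.
        emit Minted(msg.sender, buyReferrer, count, referrerFee);

        if (referrerFee != 0) {
            (bool paid, ) = buyReferrer.call{value: referrerFee}("");
            if (!paid) revert TransferFailed(buyReferrer);
        }
        (bool sent, ) = treasury.call{value: total - referrerFee}("");
        if (!sent) revert TransferFailed(treasury);
    }
}
```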