-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Flawed logic of NextGenCore::burnToMint
makes NFTs worthless
#1227
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-1597
satisfactory
satisfies C4 submission criteria; eligible for awards
Comments
c4-submissions
added
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
labels
Nov 12, 2023
141345 marked the issue as duplicate of #1198 |
141345 marked the issue as duplicate of #1597 |
c4-pre-sort
added
duplicate-1597
duplicate-1742
and removed
duplicate-1198
duplicate-1597
labels
Nov 20, 2023
141345 marked the issue as duplicate of #1742 |
alex-ppg marked the issue as not a duplicate |
alex-ppg marked the issue as duplicate of #1597 |
alex-ppg changed the severity to 2 (Med Risk) |
c4-judge
added
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
downgraded by judge
Judge downgraded the risk level of this issue
and removed
3 (High Risk)
Assets can be stolen/lost/compromised directly
labels
Dec 5, 2023
alex-ppg marked the issue as satisfactory |
c4-judge
added
the
satisfactory
satisfies C4 submission criteria; eligible for awards
label
Dec 8, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-1597
satisfactory
satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/code-423n4/2023-10-nextgen/blob/8b518196629faa37eae39736837b24926fd3c07c/hardhat/smart-contracts/NextGenCore.sol#L213-L223
https://github.com/code-423n4/2023-10-nextgen/blob/8b518196629faa37eae39736837b24926fd3c07c/hardhat/smart-contracts/ERC721.sol#L248
Vulnerability details
It is possible in the protocol to burn some NFT collections in order to get NFTs with other, newer collections. The function responsible for handling this logic is
NextGenCore::burnToMint
and its code is shown below:As can be noticed, it checks whether the
burner
has rights to burn the old NFT and, if he has, it mints him the new NFT and burns the old one. The problem is that the new NFT is minted before the old one is burned.Indeed, if we look at the
_mintProcessing
function:we will see that it calls
_safeMint
, which has the following code:The important part is that it calls
_checkOnERC721Received
on the receiver. It opens up the reentrancy possibility.In order to illustrate this, consider the following scenario:
X
that gives some benefits for staking NFTs from the old collection in it - for instance, these NFTs can be used as a collateral for loans (so users can stake NFT, get some money and when they return the money back, they receive their NFT back).A
and the attacker acquires an NFT (tokenId == 1
) from the NextGen protocol for that contract.tokenId == 2
) from a newer collection, attacker through his contractA
callsNextGenCore::burnToMint
.NextGenCore::burnToMint
, becauseA
is the owner of the NFT withtokenId == 1
, soA::_checkOnERC721Received
will be called before burning the NFT._checkOnERC721Received
, when NFT withtokenId == 2
is received,A
will stake / sell its NFT withtokenId == 1
to theX
contract and receive some money in return.burn
will be called ontokenId == 1
without any further validation, despite the fact that the owner of that NFT changed in the meantime (fromA
toX
).A
will have the new NFT and will have some money for the old one, andX
will have nothing left as its NFT would be immediately burned.Impact
The scenario shown above shows that since
NextGenCore::burnToMint
could be exploited this way, nobody will ever want to buy the NextGen NFTs as he would always risk the attack described above - there is no point in buying NFT that can be burned by someone else, who doesn't own it anymore. Because of that, the NFTs become essentially worthless as no one will want to buy them.Since it is crucial for the protocol that the NFTs minted have some value and because of the attack I presented, they don't, I'm submitting this finding as High.
Proof of Concept
Please add the following contracts to the
hardhat/smart-contracts
folder:The first one should be named
Attacker.sol
and contain the following code:The second one should be named
NFTBuyer.sol
and contain the following code:Moreover, please add the following test to the
nextGen.test.js
:Tools Used
VS Code
Recommended Mitigation Steps
Call
_burn
before_mintProcessing
inNextGenCore::burnToMint
.Assessed type
Reentrancy
The text was updated successfully, but these errors were encountered: