artistSignature can be replaced in setCollectionData function with zero collectionTotalSupply #478
Comments
141345 marked the issue as sufficient quality report
141345 marked the issue as primary issue
a2rocket (sponsor) disputed
Once the collection supply is not set the artist can change. When the collectionSupply is set but the artist did not sign yet, the address can change. When the artist signed it cannot change. This is the intended design.
alex-ppg marked issue #741 as primary and marked this issue as a duplicate of 741
alex-ppg marked the issue as partial-50
Lines of code
https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/NextGenCore.sol#L150
https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/NextGenCore.sol#L257
Vulnerability details
Impact
Collection admin can overwrite the collectionArtistAddress when the collectionTotalSupply is zero. This can lead to confusion, incorrect attribution of artwork ownership, and potential disputes between artists and collection administrators.
Proof of Concept
The vulnerability exists in the setCollectionData function, allowing the collection admin to replace the collectionArtistAddress when the current collectionTotalSupply is zero. This inconsistency occurs as the collection admin can update the collectionArtistAddress. Consequently, this prevents the intended artist from registering their signature for the selected collectionId.
- setCollectionData function for the first time and the _collectionTotalSupply is zero, and the _collectionArtistAddress is A. https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/NextGenCore.sol#L147
- artistSignature function to register his signature. https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/NextGenCore.sol#L257
- setCollectionData again with another artist B, it can be updated successfully because the collectionTotalSupply is zero. https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/NextGenCore.sol#L149
- artistSignature because it has already been registered by artist A. https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/NextGenCore.sol#L257
Tools Used
Manual Review
Recommended Mitigation Steps
Provide function to update artistSignature
Assessed type
Access Control
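A simplified Solidity model of the behaviour reported above, next to one possible guard, added here as an example; it is not the NextGenCore source. The struct layout, the function setCollectionDataGuarded and the revert strings are assumptions, and admin access control is omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Simplified model written for this example; NOT the NextGenCore source.
// Only the state named in the report is modelled; admin checks are omitted.
contract ArtistSignatureModel {
    struct Collection {
        address artist;
        uint256 totalSupply;
        bool artistSigned;
        string signature;
    }
    mapping(uint256 => Collection) public collections;

    // Behaviour described in the report: while totalSupply is zero the artist
    // address is overwritten with no check on whether a signature exists.
    function setCollectionData(uint256 id, address artist, uint256 supply) external {
        Collection storage c = collections[id];
        if (c.totalSupply == 0) {
            c.artist = artist;
            c.totalSupply = supply;
        } else if (!c.artistSigned) {
            c.artist = artist; // supply set, not yet signed: address may still change
        }
    }

    // Hypothetical guarded variant: no artist change once a signature exists,
    // whatever the current totalSupply is.
    function setCollectionDataGuarded(uint256 id, address artist, uint256 supply) external {
        Collection storage c = collections[id];
        require(!c.artistSigned || artist == c.artist, "artist already signed");
        if (c.totalSupply == 0) {
            c.artist = artist;
            c.totalSupply = supply;
        } else if (!c.artistSigned) {
            c.artist = artist;
        }
    }

    // One-time signature: only the current artist, and only once.
    function artistSignature(uint256 id, string calldata sig) external {
        Collection storage c = collections[id];
        require(msg.sender == c.artist, "only artist");
        require(!c.artistSigned, "already signed");
        c.signature = sig;
        c.artistSigned = true;
    }
}
```

With the unguarded setter, the sequence from the proof of concept (artist A set with supply zero, A signs, artist B set with supply zero) leaves A's signature stored under artist B, and B's call to artistSignature reverts. With the guarded variant the third call reverts instead.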