Lucene search

HistoryAug 15, 2022 - 12:00 a.m.

createNFTDropCollectionWithPaymentAddress() doesn't granting the creator to receive royalties and mint payments


Lines of code

Vulnerability details


createNFTDropCollectionWithPaymentAddress() doesn’t ensure to receive royalties and mint payments to the address payable paymentAddress

Proof of Concept

The documentation side Create a new drop collection contract with a custom payment address and in createNFTDropCollectionWithPaymentAddress() in the line 342 where setting the value to the paymentAddress in the case (paymentAddress != msg.sender) == false the paymentAddress will set to payable(0)
So the creator will not be able to receive royalties and mint payments

Recommended Mitigation Steps

Change this line paymentAddress != msg.sender ? paymentAddress : payable(0) to this one paymentAddress != msg.sender ? paymentAddress : msg.sender

The text was updated successfully, but these errors were encountered:

All reactions