A user might, unintentionally or intentionally, take advantage of the mint() function in ProfilePicture.sol.
The pfp mapping stores the pfp data per NFT (L31-32 of ProfilePicture.sol):
/// @notice Stores the pfp data per NFT
mapping(uint256 => ProfilePictureData) private pfp;
Note the keyword “per NFT”.
The only check included in the ProfilePicture.mint() function is whether the caller is the NFT owner (L81-82 of ProfilePicture.sol):
if (ERC721(_nftContract).ownerOf(_nftID) != msg.sender)
    revert PFPNotOwnedByCaller(msg.sender, _nftContract, _nftID);
No check is included to see whether a PFP NFT has already been minted for _nftID. This means that nothing stops the owner of _nftID from minting more than one PFP NFT per _nftID, which breaks the contract’s logic.
Manual Review
An additional check should be included to verify whether a PFP NFT has already been minted for _nftID.
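One way to implement the recommended check, as an added sketch that is not the audited contract's code: it keeps the ownership check quoted above and rejects a second mint for the same (_nftContract, _nftID) pair. The error PFPAlreadyMinted, the mappings mintedFor and pfpOwner, the interface IERC721Minimal, the counter numMinted and the struct fields are assumptions made for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Added illustration; not the audited ProfilePicture.sol.
interface IERC721Minimal {
    function ownerOf(uint256 tokenId) external view returns (address);
}

contract ProfilePictureGuardSketch {
    // Field layout is assumed; the finding does not show the struct.
    struct ProfilePictureData {
        address nftContract;
        uint256 nftID;
    }

    error PFPNotOwnedByCaller(address caller, address nftContract, uint256 nftID);
    // Hypothetical error, introduced for this example.
    error PFPAlreadyMinted(address nftContract, uint256 nftID, uint256 existingTokenID);

    uint256 public numMinted;
    /// @notice Stores the pfp data per NFT
    mapping(uint256 => ProfilePictureData) private pfp;
    // Hypothetical reverse index: hash of (nftContract, nftID) => PFP token ID, 0 = none.
    mapping(bytes32 => uint256) private mintedFor;
    // Stand-in for the ERC721 ownership bookkeeping of the PFP token itself.
    mapping(uint256 => address) public pfpOwner;

    function mint(address _nftContract, uint256 _nftID) external returns (uint256 tokenID) {
        // Existing check from the finding: caller must own the referenced NFT.
        if (IERC721Minimal(_nftContract).ownerOf(_nftID) != msg.sender)
            revert PFPNotOwnedByCaller(msg.sender, _nftContract, _nftID);

        // Key on the pair: the same _nftID can exist in several collections.
        bytes32 key = keccak256(abi.encode(_nftContract, _nftID));
        uint256 existing = mintedFor[key];
        if (existing != 0) revert PFPAlreadyMinted(_nftContract, _nftID, existing);

        tokenID = ++numMinted; // IDs start at 1 so that 0 can mean "not minted"
        mintedFor[key] = tokenID;
        pfp[tokenID] = ProfilePictureData(_nftContract, _nftID);
        pfpOwner[tokenID] = msg.sender;
    }
}
```

With a guard like this, a later owner of the underlying NFT cannot mint a PFP for it unless the contract also clears the mintedFor entry when a PFP is burned or invalidated.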