Predictable Token ID Generation in the UniversalNFT contract #11

Open
0xM3R opened this issue Dec 11, 2024 · 0 comments
0xM3R commented Dec 11, 2024

Vulnerability Details

The safeMint function in the UniversalNFT smart contract generates token IDs using predictable inputs, such as block.number, address(this), and an incrementing counter. This predictability exposes the contract to front-running attacks, where malicious actors could exploit the ability to anticipate token IDs.

Analysis

The vulnerability lies in the following lines:

// safeMint(): derive the token ID from the contract address, the current
// block number and the running counter, then keep only the low 160 bits.
uint256 hash = uint256(
    keccak256(
        abi.encodePacked(address(this), block.number, _nextTokenId++)
    )
);
uint256 tokenId = hash & 0x00FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;

How it Can Be Harmful:

  • Front-Running Attacks: Attackers can monitor the blockchain for minting transactions and exploit predictable token IDs to acquire specific tokens, potentially with valuable attributes or metadata.

  • Manipulation Risks: Miners can influence block.number to skew token ID outcomes in their favor.

How to Mitigate the Issue

1. Incorporate Secure Randomness: Use a reliable randomness source, such as Chainlink VRF:

uint256 tokenId = uint256(keccak256(abi.encodePacked(requestId)));

2. Delayed Metadata Reveal: Implement a delayed reveal mechanism to obfuscate the token’s attributes until after minting is complete.

3. Use a more secure source of randomness: For example, the timestamp can be used to add more reliability to the token ID generation.

uint256 tokenId = uint256(
    keccak256(
        abi.encodePacked(blockhash(block.number - 1), block.timestamp, _nextTokenId++)
    )
) & 0x00FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;

References

@0xM3R 0xM3R changed the title Predictable Token ID Generation in the UninversalNFT smart contract Predictable Token ID Generation in the UninversalNFT contract Dec 11, 2024
@0xM3R 0xM3R added the Security label Dec 11, 2024
@0xM3R 0xM3R transferred this issue from zeta-chain/smart-contract-vulns Dec 17, 2024