Platform: Code4rena
Start Date: 17/03/2023
Pot Size: $36,500 USDC
Total HM: 10
Participants: 98
Period: 3 days
Judge: leastwood
Total Solo HM: 5
Id: 223
League: ETH
Rank: 48/98
Findings: 2
Award: $34.80
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: Sathish9098
Also found by: 0xAgro, 0xSmartContract, 0xdaydream, 0xnev, Awesome, Aymen0909, BRONZEDISC, Bauchibred, Deathstore, Diana, IceBear, Jerry0x, Kresh, Matin, Rolezn, Stryder, T1MOH, Udsen, adriro, alejandrocovrr, atharvasama, codeslide, cryptonue, descharre, igingu, jack, joestakey, libratus, lukris02, luxartvinsec, nadin, nasri136, reassor, scokaf, shark, slvDev, tnevler
22.7749 USDC - $22.77
https://github.com/code-423n4/2023-03-canto-identity/blob/077372297fc419ea7688ab62cc3fd4e8f4e24e66/canto-namespace-protocol/src/Namespace.sol#L91
https://github.com/code-423n4/2023-03-canto-identity/blob/077372297fc419ea7688ab62cc3fd4e8f4e24e66/canto-namespace-protocol/src/Tray.sol#L196
https://github.com/code-423n4/2023-03-canto-identity/blob/077372297fc419ea7688ab62cc3fd4e8f4e24e66/canto-namespace-protocol/src/Tray.sol#L204
https://github.com/code-423n4/2023-03-canto-identity/blob/077372297fc419ea7688ab62cc3fd4e8f4e24e66/canto-namespace-protocol/src/Tray.sol#L120
Considering how these errors could be reached, their names (TokenNotMinted and TrayNotMinted) are improper.
The Namespace and Tray contracts have burn functions, so NFTs could be minted and then transferred to address(0) (burned), and therefore the errors could be reached for minted NFTs.
(It is not the same for Bio and ProfilePicture, because Solmate's implementation has a restriction on transferring to address(0) without burn, so the errors are not reachable for minted ones.)
Replace NotMinted with NotExist in the error names.
The Bio, ProfilePicture and Namespace contracts use Solmate's ERC721 implementation, but the Tray contract uses ERC721A without any significant reason. It violates the homogeneity of the contracts.
Use either Solmate's implementation or ERC721A.
https://github.com/code-423n4/2023-03-canto-identity/blob/077372297fc419ea7688ab62cc3fd4e8f4e24e66/canto-pfp-protocol/src/ProfilePicture.sol#L103
It is written that there is no sense in resetting nftID, but it still happens. Moreover, the "resetting" makes doubly no sense, because a real nftID could also be 0, so it would not even mean "reset".
Remove this line.
#0 - c4-judge
2023-04-11T05:45:52Z
0xleastwood marked the issue as grade-b
🌟 Selected for report: 0xSmartContract
Also found by: 0xdaydream, 0xnev, Aymen0909, Deekshith99, Diana, EvanW, Fanz, JCN, Jerry0x, K42, Kresh, Madalad, MiniGlome, Polaris_tow, Rageur, ReyAdmirado, Rolezn, SAAJ, SaeedAlipoor01988, Sathish9098, Shubham, Udsen, Viktor_Cortess, Walter, anodaram, arialblack14, atharvasama, caspersolangii, codeslide, descharre, fatherOfBlocks, felipe, ginlee, igingu, lukris02, nadin, slvDev, tnevler, turvy_fuzz, viking71
12.034 USDC - $12.03
https://github.com/code-423n4/2023-03-canto-identity/blob/077372297fc419ea7688ab62cc3fd4e8f4e24e66/canto-bio-protocol/src/Bio.sol#L60
(i > 0 && (i + 1) % 40 == 0) has a check i > 0 which is not needed, because when i = 0, then 1 % 40 != 0.
Replace (i > 0 && (i + 1) % 40 == 0) with ((i + 1) % 40 == 0).
#0 - c4-judge
2023-04-10T23:54:47Z
0xleastwood marked the issue as grade-b