Anime Metaverse Ticket

Smart Contract Audit Report

Audit Summary

Anime Metaverse is building a new platform where users can mint free ticket NFTs and premium ticket NFTs.

For this audit, we reviewed the project team's AnimeMetaverseTicket contract at 0xC850bd7FAd6E70962e4a344849c02E447b5626aE on the Goerli Testnet.

We previously reviewed the project team's NFT platform here.

Audit Findings

All findings have been resolved, though some centralized aspects are present.
Date: October 4th, 2022.
Updated: October 21st, 2022 to reflect the project's newly deployed Testnet address that resolves Findings #1 - #4.

Finding #1 - AnimeMetaverseTicket - High (Resolved)

Description: The mintFreeTicket() function is vulnerable to reentrancy attacks by whitelisted users. Reentrancy is made possible via the call to _doSafeTransferAcceptanceCheck(), which requires that the receiver has implemented the onERC1155Received() function in the event that the receiver is a contract.
Risk/Impact: Whitelisted users can use the onERC1155Received() function to execute arbitrary logic and reenter the mintFreeTicket() function in an effort to mint NFTs in excess of the individual wallet limit and the maximum supply limit.
Recommendation: The logic in the mintFreeTicket() function should be restructured to follow the Checks-Effects-Interactions pattern. The whiteListedUsersInfo[msg.sender].alreadyMinted += _mintAmount and freeTicketTotalSupply += _mintAmount logic should occur prior to minting any NFTs.
Resolution: The team has implemented the above recommendation.

Finding #2 - AnimeMetaverseTicket - High (Resolved)

Description: The mintPremiumTicket() function is vulnerable to reentrancy attacks. Reentrancy is made possible via the call to _doSafeTransferAcceptanceCheck(), which requires that the receiver has implemented the onERC1155Received() function in the event that the receiver is a contract.
Risk/Impact: Users can use the onERC1155Received() function to execute arbitrary logic and reenter the mintPremiumTicket() function in an effort to mint NFTs in excess of the maximum supply limit.
Recommendation: The logic in the mintPremiumTicket() function should be restructured to follow the Checks-Effects-Interactions pattern. The freeTicketTotalSupply += _mintAmount logic should occur prior to minting any NFTs.
Resolution: The team has implemented the above recommendation.

Finding #3 - AnimeMetaverseTicket - Low (Resolved)

Description: The airDropPremiumTicket() function is vulnerable to reentrancy attacks, although it is limited to the owner. Reentrancy is made possible via the call to _doSafeTransferAcceptanceCheck(), which requires that the receiver has implemented the onERC1155Received() function in the event that the receiver is a contract.
Risk/Impact: The owner can use the onERC1155Received() function to execute arbitrary logic and reenter the airDropPremiumTicket() function in an effort to mint NFTs in excess of the maximum supply limit.
Recommendation: The logic in the airDropPremiumTicket() function should be restructured to follow the Checks-Effects-Interactions pattern. The premiumTicketTotalSupply += amount logic should occur prior to minting any NFTs.
Resolution: The team has implemented the above recommendation.

Finding #4 - AnimeMetaverseTicket - Low (Resolved)

Description: Any excess ETH supplied to the contract during minting is not returned to the user.
Risk/Impact: Users will lose any excess funds sent as payment.
Recommendation: The contract should require that the user supplies exactly the amount of ETH needed to mint the desired number of NFTs.
Resolution: The team has implemented the above recommendation.
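The four findings above share one root cause and one fix. The following contract is an added illustration written for this report, not the audited AnimeMetaverseTicket code: it shows a mint function in the shape Finding #1 describes beside its Checks-Effects-Interactions rewrite, and a premium mint that also applies the exact-payment check from Finding #4. Storage names follow the report; the token ids, the mintPrice value and the function bodies are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;
import "@openzeppelin/contracts/token/ERC1155/ERC1155.sol";

// Illustrative contract (not the audited code). Storage names come from the report;
// token ids, max supplies from the overview, and mintPrice are assumed values.
contract TicketMintExample is ERC1155 {
    uint256 public constant FREE_TICKET_ID = 1;     // assumed id
    uint256 public constant PREMIUM_TICKET_ID = 2;  // assumed id
    uint256 public maxFreeTicketSupply = 16_000;
    uint256 public maxPremiumTicketSupply = 20_000;
    uint256 public freeTicketTotalSupply;
    uint256 public premiumTicketTotalSupply;
    uint256 public mintPrice = 0.01 ether;          // assumed price
    struct WhitelistInfo { uint256 allowed; uint256 alreadyMinted; }
    mapping(address => WhitelistInfo) public whiteListedUsersInfo;

    constructor() ERC1155("") {}

    // BEFORE (Finding #1): OZ's _mint ends with _doSafeTransferAcceptanceCheck, which calls
    // onERC1155Received on a contract receiver while the counters below are still stale.
    function mintFreeTicketVulnerable(uint256 _mintAmount) external {
        WhitelistInfo storage info = whiteListedUsersInfo[msg.sender];
        require(info.alreadyMinted + _mintAmount <= info.allowed, "wallet limit");
        require(freeTicketTotalSupply + _mintAmount <= maxFreeTicketSupply, "max supply");
        _mint(msg.sender, FREE_TICKET_ID, _mintAmount, ""); // interaction before effects
        info.alreadyMinted += _mintAmount;
        freeTicketTotalSupply += _mintAmount;
    }

    // AFTER (Checks-Effects-Interactions): counters are updated before the external
    // call, so any reentrant call sees the new totals and fails its checks.
    function mintFreeTicket(uint256 _mintAmount) external {
        WhitelistInfo storage info = whiteListedUsersInfo[msg.sender];
        require(info.alreadyMinted + _mintAmount <= info.allowed, "wallet limit");
        require(freeTicketTotalSupply + _mintAmount <= maxFreeTicketSupply, "max supply");
        info.alreadyMinted += _mintAmount;                  // effects
        freeTicketTotalSupply += _mintAmount;
        _mint(msg.sender, FREE_TICKET_ID, _mintAmount, ""); // interaction
    }

    // Findings #2 and #4 together: effects precede the mint, and msg.value must equal
    // the exact cost so no excess ETH is left stranded in the contract.
    function mintPremiumTicket(uint256 _mintAmount) external payable {
        require(premiumTicketTotalSupply + _mintAmount <= maxPremiumTicketSupply, "max supply");
        require(msg.value == mintPrice * _mintAmount, "exact payment required");
        premiumTicketTotalSupply += _mintAmount;
        _mint(msg.sender, PREMIUM_TICKET_ID, _mintAmount, "");
    }
}
```

The per-transaction limit of 100 premium tickets and the owner-only airdrop path from Finding #3 are omitted here; the airdrop fix is the same reordering applied to premiumTicketTotalSupply.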

Contract Overview

  • This contract can be used to mint free ticket NFTs and premium ticket NFTs.
  • The owner can add accounts to the free ticket minting whitelist by specifying the number of free tickets that the user can mint.
  • The owner can update the number of free tickets each user can mint at any time.
  • When free ticket minting is enabled by the team, whitelisted users can mint up to their assigned number of free tickets.
  • The maximum supply of free tickets is set to 16,000 upon deployment.
  • When premium ticket minting is enabled by the team, users can mint premium tickets up to the maximum supply by specifying a number of NFTs and an amount of ETH to cover the cost.
  • The maximum supply of premium tickets is set to 20,000 upon deployment.
  • A limit of 100 premium tickets can be minted per transaction.
  • The owner can airdrop premium tickets to users at no cost.
  • Users that have been added to the Burner list by the team can burn any user's NFTs at any time.
  • The owner can increase the free ticket and premium ticket maximum supplies at any time.
  • The owner can add/remove addresses from the Burner list at any time.
  • The owner can update the premium ticket price per NFT to any value at any time.
  • The owner can update the premium ticket maximum transaction limit to any value at any time.
  • The owner can enable/disable free ticket and premium ticket minting at any time.
  • The owner can send all of the ETH in the contract to the Withdraw wallet at any time.
  • The owner can update the team's Withdraw wallet at any time.
  • The owner can update the contract's Base URI at any time.
  • As the contract is implemented with Solidity v0.8.x, it is safe from any possible overflows/underflows.
  • The contract complies with the ERC-1155 token standard.

Audit Results

Vulnerability Category                  Notes                                            Result
Arbitrary Jump/Storage Write            N/A                                              PASS
Centralization of Control               The team can burn any user's NFTs at any time.   WARNING
Compiler Issues                         N/A                                              PASS
Delegate Call to Untrusted Contract     N/A                                              PASS
Dependence on Predictable Variables     N/A                                              PASS
Ether/Token Theft                       N/A                                              PASS
Flash Loans                             N/A                                              PASS
Front Running                           N/A                                              PASS
Improper Events                         N/A                                              PASS
Improper Authorization Scheme           N/A                                              PASS
Integer Over/Underflow                  N/A                                              PASS
Logical Issues                          N/A                                              PASS
Oracle Issues                           N/A                                              PASS
Outdated Compiler Version               N/A                                              PASS
Race Conditions                         N/A                                              PASS
Reentrancy                              N/A                                              PASS
Signature Issues                        N/A                                              PASS
Unbounded Loops                         N/A                                              PASS
Unused Code                             N/A                                              PASS
Overall Contract Safety                                                                  PASS

Inheritance Chart

Smart Contract Audit - Inheritance

Function Graph

Smart Contract Audit - Graph

Functions Overview
 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 + [Int] IERC165 
    - [Ext] supportsInterface

 + [Int] IERC1155 (IERC165)
    - [Ext] balanceOf
    - [Ext] balanceOfBatch
    - [Ext] setApprovalForAll #
    - [Ext] isApprovedForAll
    - [Ext] safeTransferFrom #
    - [Ext] safeBatchTransferFrom #

 + [Int] IERC1155Receiver (IERC165)
    - [Ext] onERC1155Received #
    - [Ext] onERC1155BatchReceived #

 + [Int] IERC1155MetadataURI (IERC1155)
    - [Ext] uri

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Int] verifyCallResult

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 +  ERC165 (IERC165)
    - [Pub] supportsInterface

 +  ERC1155 (Context, ERC165, IERC1155, IERC1155MetadataURI)
    - [Pub]  #
    - [Pub] supportsInterface
    - [Pub] uri
    - [Pub] balanceOf
    - [Pub] balanceOfBatch
    - [Pub] setApprovalForAll #
    - [Pub] isApprovedForAll
    - [Pub] safeTransferFrom #
    - [Pub] safeBatchTransferFrom #
    - [Int] _safeTransferFrom #
    - [Int] _safeBatchTransferFrom #
    - [Int] _setURI #
    - [Int] _mint #
    - [Int] _mintBatch #
    - [Int] _burn #
    - [Int] _burnBatch #
    - [Int] _setApprovalForAll #
    - [Int] _beforeTokenTransfer #
    - [Int] _afterTokenTransfer #
    - [Prv] _doSafeTransferAcceptanceCheck #
    - [Prv] _doSafeBatchTransferAcceptanceCheck #
    - [Prv] _asSingletonArray

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Int] _checkOwner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Int] _transferOwnership #

 + [Int] IAnimeMetaverseTicket 
    - [Ext] burn #
    - [Ext] mintFreeTicket #
    - [Ext] mintPremiumTicket ($)

 +  AmvUtils 
    - [Int] intToString
    - [Int] singletonArray

 +  AnimeMetaverseTicket (Ownable, ERC1155, AmvUtils, IAnimeMetaverseTicket)
    - [Pub]  #
       - modifiers: ERC1155
    - [Pub] addToWhitelistBatch #
       - modifiers: onlyOwner,validInputArrayLength
    - [Pub] updateWhitelistBatch #
       - modifiers: onlyOwner,validInputArrayLength
    - [Ext] mintFreeTicket #
       - modifiers: NotZero
    - [Ext] mintPremiumTicket ($)
       - modifiers: NotZero
    - [Ext] airDropPremiumTicket #
       - modifiers: onlyOwner,validInputArrayLength
    - [Pub] IsMintRequestValid
    - [Pub] burn #
       - modifiers: validTokenId
    - [Ext] updateMaxSupplyForPremiumTicket #
       - modifiers: onlyOwner
    - [Ext] updateMaxSupplyForFreeTicket #
       - modifiers: onlyOwner
    - [Ext] setWithdrawWallet #
       - modifiers: onlyOwner,validAddress
    - [Ext] setBurnerAddress #
       - modifiers: onlyOwner,validAddress
    - [Ext] withdrawETH #
       - modifiers: onlyOwner
    - [Ext] updateMintPrice #
       - modifiers: onlyOwner
    - [Ext] resetMintPrice #
       - modifiers: onlyOwner
    - [Pub] setURI #
       - modifiers: onlyOwner
    - [Ext] updateMaxMintLimitForPremiumTicket #
       - modifiers: onlyOwner,NotZero
    - [Ext] ActivateFreeTicketMinting #
       - modifiers: onlyOwner
    - [Ext] ActivatePremiumTicketMinting #
       - modifiers: onlyOwner
    - [Pub] uri

About SourceHat

SourceHat has quickly grown to have one of the most experienced and well-equipped smart contract auditing teams in the industry. Our team has conducted 1300+ Solidity smart contract audits covering all major project types and protocols, securing a total of over $50 billion in on-chain value across 1500 projects!
Our firm is well-reputed in the community and is trusted as a top smart contract auditing company for the review of solidity code, no matter how complex. Our team of experienced solidity smart contract auditors performs audits for tokens, NFTs, crowdsales, marketplaces, gambling games, financial protocols, and more!

Contact us today to get a free quote for a smart contract audit of your project!

What is a SourceHat Audit?

Typically, a smart contract audit is a comprehensive review process designed to discover logical errors, security vulnerabilities, and optimization opportunities within code. A SourceHat Audit takes this a step further by verifying economic logic to ensure the stability of smart contracts and highlighting privileged functionality to create a report that is easy to understand for developers and community members alike.

How Do I Interpret the Findings?

Each of our Findings will be labeled with a Severity level. We always recommend the team resolve High, Medium, and Low severity findings prior to deploying the code to the mainnet. Here is a breakdown of what each Severity level means for the project:

  • High severity indicates that the issue puts a large number of users' funds at risk and has a high probability of exploitation, or the smart contract contains serious logical issues which can prevent the code from operating as intended.
  • Medium severity issues are those which place at least some users' funds at risk and have a medium to high probability of exploitation.
  • Low severity issues have a relatively minor risk association; these issues have a low probability of occurring or may have a minimal impact.
  • Informational issues pose no immediate risk, but inform the project team of opportunities for gas optimizations and following smart contract security best practices.