Ast Nft Sale
Smart Contract Audit Report
Audit Summary
Asterisk Finance is building a new platform where users can purchase NFTs.
For this audit, we reviewed the project team's AstNft and AstNftSale contracts at commit 4878e27f0feed04a3650f05d25d860a7268ee260 on the team's private GitHub repository.
Audit Findings
All findings have been resolved.
Date: May 2nd, 2023.
Updated: May 12th, 2023 to reflect the updates made to the contract from commit 11463fec2ae10b8516adb059b4060c6d39a1e714 to commit 4878e27f0feed04a3650f05d25d860a7268ee260.Finding #1 - AstNftSale - High (Resolved)
Description: The buyNft() function calculates amintPricebut does not require that the user's provided ETH amount covers this calculated price.
Risk/Impact: Users are not required to provide any ETH when directly calling the buyNft() function and can mint NFTs at no cost.
Recommendation: The team should add the following require statement in the buyNft() function, verifying that the user supplies the exact ETH amount needed to cover the transaction cost after calculating themintPrice:
Resolution: The team has implemented the above recommendation.require(msg.value == mintPrice, 'Insufficient balance');
Contracts Overview
AstNft Contract:
- The contracts utilize ReentrancyGuard to prevent reentrancy attacks in applicable functions.
- As the contracts are implemented with Solidity v0.8.x, they are safe from any possible overflows/underflows.
AstNftSale Contract:
- This contract enables addresses with the Default Admin role to mint NFTs.
- The deployer will be granted the Default Admin role upon deployment.
- The Default Admin can mint 1 NFT per transaction to any destination address at any time.
- Users may not transfer any of their NFTs until after May 22, 2023, 5:00 PM UTC.
- The Default Admin can update the Base URI of the contract at any time.
- The contract complies with the ERC-721 token standard.
- This contract is used to facilitate the sale of Ast NFTs.
- A purchase can be initiated by any user by providing an Order ID, timestamp, referral code, user's address, and whitelist status.
- The user must also specify a valid signature provided by the team.
- The contract's Whitelist price is charged on whitelisted purchases, and the contract's Sale price is charged on standard purchases.
- If the user provided a valid referral code, a 5% discount is deducted from the price.
- The ETH provided by the user is transferred to the Fee Receiver address set by the team.
- One NFT is minted from the AstNft contract to the specified user's wallet address.
- The Default Admin can set the contract's Whitelist price and Sale price to any values at any time.
- The Default Admin can pause/unpause purchases at any time.
- The Default Admin can send all of the ETH in the contract to the Fee Receiver address at any time.
- The Default Admin can update the NFT contract address at any time.
- The Default Admin can update the Fee Receiver address at any time.
- The Default Admin can update the Signature Verifier address at any time.
Audit Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Jump/Storage Write | N/A | PASS |
| Centralization of Control | N/A | PASS |
| Compiler Issues | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Ether/Token Theft | N/A | PASS |
| Flash Loans | N/A | PASS |
| Front Running | N/A | PASS |
| Improper Events | N/A | PASS |
| Improper Authorization Scheme | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Logical Issues | N/A | PASS |
| Oracle Issues | N/A | PASS |
| Outdated Compiler Version | N/A | PASS |
| Race Conditions | N/A | PASS |
| Reentrancy | N/A | PASS |
| Signature Issues | N/A | PASS |
| Sybil Attack | N/A | PASS |
| Unbounded Loops | N/A | PASS |
| Unused Code | N/A | PASS |
| Overall Contract Safety | PASS |
AstNft Contract
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ [Int] IERC165
- [Ext] supportsInterface
+ [Int] IERC721 (IERC165)
- [Ext] balanceOf
- [Ext] ownerOf
- [Ext] safeTransferFrom #
- [Ext] safeTransferFrom #
- [Ext] transferFrom #
- [Ext] approve #
- [Ext] setApprovalForAll #
- [Ext] getApproved
- [Ext] isApprovedForAll
+ [Int] IERC721Receiver
- [Ext] onERC721Received #
+ [Int] IERC721Metadata (IERC721)
- [Ext] name
- [Ext] symbol
- [Ext] tokenURI
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Int] functionStaticCall
- [Int] functionStaticCall
- [Int] functionDelegateCall #
- [Int] functionDelegateCall #
- [Int] verifyCallResultFromTarget
- [Int] verifyCallResult
- [Prv] _revert
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Lib] Math
- [Int] max
- [Int] min
- [Int] average
- [Int] ceilDiv
- [Int] mulDiv
- [Int] mulDiv
- [Int] sqrt
- [Int] sqrt
- [Int] log2
- [Int] log2
- [Int] log10
- [Int] log10
- [Int] log256
- [Int] log256
+ [Lib] SignedMath
- [Int] max
- [Int] min
- [Int] average
- [Int] abs
+ [Lib] Strings
- [Int] toString
- [Int] toString
- [Int] toHexString
- [Int] toHexString
- [Int] toHexString
- [Int] equal
+ ERC165 (IERC165)
- [Pub] supportsInterface
+ ERC721 (Context, ERC165, IERC721, IERC721Metadata)
- [Pub] #
- [Pub] supportsInterface
- [Pub] balanceOf
- [Pub] ownerOf
- [Pub] name
- [Pub] symbol
- [Pub] tokenURI
- [Int] _baseURI
- [Pub] approve #
- [Pub] getApproved
- [Pub] setApprovalForAll #
- [Pub] isApprovedForAll
- [Pub] transferFrom #
- [Pub] safeTransferFrom #
- [Pub] safeTransferFrom #
- [Int] _safeTransfer #
- [Int] _ownerOf
- [Int] _exists
- [Int] _isApprovedOrOwner
- [Int] _safeMint #
- [Int] _safeMint #
- [Int] _mint #
- [Int] _burn #
- [Int] _transfer #
- [Int] _approve #
- [Int] _setApprovalForAll #
- [Int] _requireMinted
- [Prv] _checkOnERC721Received #
- [Int] _beforeTokenTransfer #
- [Int] _afterTokenTransfer #
- [Int] __unsafe_increaseBalance #
+ [Int] IERC721Enumerable (IERC721)
- [Ext] totalSupply
- [Ext] tokenOfOwnerByIndex
- [Ext] tokenByIndex
+ ERC721Enumerable (ERC721, IERC721Enumerable)
- [Pub] supportsInterface
- [Pub] tokenOfOwnerByIndex
- [Pub] totalSupply
- [Pub] tokenByIndex
- [Int] _beforeTokenTransfer #
- [Prv] _addTokenToOwnerEnumeration #
- [Prv] _addTokenToAllTokensEnumeration #
- [Prv] _removeTokenFromOwnerEnumeration #
- [Prv] _removeTokenFromAllTokensEnumeration #
+ [Lib] Counters
- [Int] current
- [Int] increment #
- [Int] decrement #
- [Int] reset #
+ [Lib] ECDSA
- [Prv] _throwError
- [Int] tryRecover
- [Int] recover
- [Int] tryRecover
- [Int] recover
- [Int] tryRecover
- [Int] recover
- [Int] toEthSignedMessageHash
- [Int] toEthSignedMessageHash
- [Int] toTypedDataHash
- [Int] toDataWithIntendedValidatorHash
+ ReentrancyGuard
- [Pub] #
- [Prv] _nonReentrantBefore #
- [Prv] _nonReentrantAfter #
- [Int] _reentrancyGuardEntered
+ [Int] IAccessControl
- [Ext] hasRole
- [Ext] getRoleAdmin
- [Ext] grantRole #
- [Ext] revokeRole #
- [Ext] renounceRole #
+ AccessControl (Context, IAccessControl, ERC165)
- [Pub] supportsInterface
- [Pub] hasRole
- [Int] _checkRole
- [Int] _checkRole
- [Pub] getRoleAdmin
- [Pub] grantRole #
- modifiers: onlyRole
- [Pub] revokeRole #
- modifiers: onlyRole
- [Pub] renounceRole #
- [Int] _setupRole #
- [Int] _setRoleAdmin #
- [Int] _grantRole #
- [Int] _revokeRole #
+ AccessController (AccessControl)
- [Ext] addOperator #
- modifiers: onlyAdmin
- [Ext] removeOperator #
- modifiers: onlyAdmin
+ [Int] IAstNft
- [Ext] mintNft #
- [Ext] getNftsOfUser #
- [Ext] setBaseUri #
+ AstNft (ERC721Enumerable, IAstNft, AccessController, ReentrancyGuard)
- [Pub] #
- modifiers: ERC721
- [Pub] tokenURI
- [Pub] baseURI
- [Ext] setBaseUri #
- modifiers: onlyAdmin
- [Ext] mintNft #
- modifiers: onlyAdmin,nonReentrant
- [Ext] getNftsOfUser
- [Pub] supportsInterface AstNftSale Contract
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ ReentrancyGuard
- [Pub] #
- [Prv] _nonReentrantBefore #
- [Prv] _nonReentrantAfter #
- [Int] _reentrancyGuardEntered
+ [Lib] SafeMath
- [Int] tryAdd
- [Int] trySub
- [Int] tryMul
- [Int] tryDiv
- [Int] tryMod
- [Int] add
- [Int] sub
- [Int] mul
- [Int] div
- [Int] mod
- [Int] sub
- [Int] div
- [Int] mod
+ [Lib] Math
- [Int] max
- [Int] min
- [Int] average
- [Int] ceilDiv
- [Int] mulDiv
- [Int] mulDiv
- [Int] sqrt
- [Int] sqrt
- [Int] log2
- [Int] log2
- [Int] log10
- [Int] log10
- [Int] log256
- [Int] log256
+ [Lib] SignedMath
- [Int] max
- [Int] min
- [Int] average
- [Int] abs
+ [Lib] Strings
- [Int] toString
- [Int] toString
- [Int] toHexString
- [Int] toHexString
- [Int] toHexString
- [Int] equal
+ [Lib] ECDSA
- [Prv] _throwError
- [Int] tryRecover
- [Int] recover
- [Int] tryRecover
- [Int] recover
- [Int] tryRecover
- [Int] recover
- [Int] toEthSignedMessageHash
- [Int] toEthSignedMessageHash
- [Int] toTypedDataHash
- [Int] toDataWithIntendedValidatorHash
+ [Int] IAccessControl
- [Ext] hasRole
- [Ext] getRoleAdmin
- [Ext] grantRole #
- [Ext] revokeRole #
- [Ext] renounceRole #
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Int] IERC165
- [Ext] supportsInterface
+ ERC165 (IERC165)
- [Pub] supportsInterface
+ AccessControl (Context, IAccessControl, ERC165)
- [Pub] supportsInterface
- [Pub] hasRole
- [Int] _checkRole
- [Int] _checkRole
- [Pub] getRoleAdmin
- [Pub] grantRole #
- modifiers: onlyRole
- [Pub] revokeRole #
- modifiers: onlyRole
- [Pub] renounceRole #
- [Int] _setupRole #
- [Int] _setRoleAdmin #
- [Int] _grantRole #
- [Int] _revokeRole #
+ AccessController (AccessControl)
- [Ext] addOperator #
- modifiers: onlyAdmin
- [Ext] removeOperator #
- modifiers: onlyAdmin
+ [Int] IAstNft
- [Ext] mintNft #
- [Ext] getNftsOfUser #
- [Ext] setBaseUri #
+ AstNftSale (AccessController, ReentrancyGuard)
- [Pub] #
- [Ext] setNftContract #
- modifiers: onlyAdmin
- [Ext] setPause #
- modifiers: onlyAdmin
- [Ext] setFeeReceiver #
- modifiers: onlyAdmin
- [Ext] setSignatureVerifier #
- modifiers: onlyAdmin
- [Ext] buyNft ($)
- modifiers: nonReentrant
- [Ext] withdraw #
- modifiers: onlyAdmin
- [Prv] _validateSignature
- [Prv] nftPrice
- [Prv] stringEqual
- [Pub] supportsInterface
About SourceHat
SourceHat has quickly grown to have one of the most experienced and well-equipped smart contract auditing teams in the industry. Our team has conducted 1800+ solidity smart contract audits covering all major project types and protocols, securing a total of over $50 billion U.S. dollars in on-chain value!
Our firm is well-reputed in the community and is trusted as a top smart contract auditing company for the review of solidity code, no matter how complex. Our team of experienced solidity smart contract auditors performs audits for tokens, NFTs, crowdsales, marketplaces, gambling games, financial protocols, and more!
Contact us today to get a free quote for a smart contract audit of your project!
What is a SourceHat Audit?
Typically, a smart contract audit is a comprehensive review process designed to discover logical errors, security vulnerabilities, and optimization opportunities within code. A SourceHat Audit takes this a step further by verifying economic logic to ensure the stability of smart contracts and highlighting privileged functionality to create a report that is easy to understand for developers and community members alike.
How Do I Interpret the Findings?
Each of our Findings will be labeled with a Severity level. We always recommend the team resolve High, Medium, and Low severity findings prior to deploying the code to the mainnet. Here is a breakdown on what each Severity level means for the project:
- High severity indicates that the issue puts a large number of users' funds at risk and has a high probability of exploitation, or the smart contract contains serious logical issues which can prevent the code from operating as intended.
- Medium severity issues are those which place at least some users' funds at risk and has a medium to high probability of exploitation.
- Low severity issues have a relatively minor risk association; these issues have a low probability of occurring or may have a minimal impact.
- Informational issues pose no immediate risk, but inform the project team of opportunities for gas optimizations and following smart contract security best practices.