Findings and mitigations for the security review of HorseStore, a public contest from CodeHawks.
- High
- [H-1] (Huff) Incorrect loading of totalSupply from storage makes it impossible to mint more than one horse
- [H-2] (Huff) Minting does not increment totalSupply, so only one horse can be minted
- [H-3] (Huff) Improper logic in feedHorse() will make it fail at random times
- [H-4] (Huff) Incorrect time limit checking in IS_HAPPY_HORSE() will make a feeded horse return as unhappy
- Medium
- [M-1] (Solidity) No verification of horse id in feedHorse(), so any horse can be fed before mint
- [M-2] (Huff) No verification of horse id in feedHorse(), so any horse can be fed before mint
- Low
- [L-1] (Huff) Incorrect control flow makes the contract return incorrect values for undefined functions
- Informational
- [I-1] (Solidity, Huff) isHappyHorse() does not verify horse id, so the contract will return incorrect information
- [I-2] (Huff) Implementation of ERC721 standard is incomplete, so some functions of the standard interface are not usable
- [I-3] (Huff) Incorrect call to MINT_HORSE()
- Proof of concepts:
- Audit_HorseStoreSolidity.t.sol
- Audit_HorseStoreHuff.t.sol
- Final tests including fuzzing and invariants:
- HorseStoreSolidity.t.sol
- HorseStoreHuff.t.sol