From Vulnerable to Secure: QuillAudits’ Impact on NFTs2Me

QuillAudits conducts a rigorous audit of NFTs2Me, identifying and rectifying 10 critical vulnerabilities to enhance the platform's security and efficiency.

NFTs2Me is an intuitive platform that simplifies creating, deploying,& managing NFT collections without coding skills. It offers a comprehensive toolkit to launch & grow NFT projects from minting to administration.

glow
bg

Before QuillAudits

  • The N2MFactory contract could be exploited by manipulating the revenue address array size, leading to potential DoS attacks.
  • The N2MERC721A contract used the transfer function for token withdrawals, risking unnoticed transfer failures with non-compliant ERC20 tokens.
  • The delegatedCreation function lacked an expiry timestamp for signature verification, allowing signatures to be reused beyond their intended timeframe.
  • The delegatedCreation function was missing the verifying contract address in the signature hash and lacked nonce checks, allowing reuse of signatures across contract versions and replay attacks.
  • The N2MERC721A contract had an immutable variable pointing to the N2MFactory, with ownership of NFT collections delegated to the factory, but this setup lacked security measures.
  • The factory’s multicall function was not optimized for gas efficiency, potentially leading to higher transaction costs.
  • The N2MFactory served as an ownership registry without robust security checks, risking improper representation of NFT ownership.
  • The N2MERC721A contract’s minting phases were less secure and lacked configurable options.

After QuillAudits

  • A defined upper limit on the revenue address array size was implemented in the N2MFactory contract, mitigating the risk of DoS attacks & ensuring reliable execution of withdrawal functions.
  • The contract now uses the safeTransfer function, ensuring compliance with ERC20 standards and securing token transfers, preventing unnoticed failures.
  • An expiry timestamp has been added in the delegatedCreation fucntion, limiting the validity of signatures and reducing the risk of unauthorized transactions.
  • Signature verification now includes the contract address and nonce checks, ensuring signatures are unique to a specific contract version and used only once, preventing replay attacks and unauthorized actions.
  • Enhanced security measures were implemented to ensure secure ownership delegation and better protection of NFT collections.
  • Efficient methods were employed for calling createCollection and multicall, significantly reducing gas costs and enhancing transaction efficiency.
  • The N2MFactory contract now includes comprehensive security checks, ensuring accurate and secure representation of NFT ownership.
  • Minting phases (open, closed, whitelist) are now configurable by the owner, providing controlled distribution and enhanced security during minting.

NFTs2Me offers an easy interface for creating NFT artwork, defining metadata, & uploading to IPFS. Users can deploy NFT contracts with low fees, multiple minting options, & upgradeable features. It also provides tools for managing collections, custom subdomains, & controlling access with allowlists, whitelists, airdrops, & token-gated content, making NFT project launch & growth effortless.


nfts2me dash

NFTs2Me is making NFT Creation Effortless and Fun, No Coding Required

NFTs2Me is a user-friendly platform that empowers creators to effortlessly create, deploy, and manage NFT collections without needing programming skills. It provides a robust toolkit for every stage of the NFT lifecycle, from artwork creation with built-in generative art tools to uploading digital assets with metadata and rarity definitions. Users can deploy NFT contracts on the blockchain with minimal fees, utilizing various minting options such as ERC-20 tokens and native coins. The platform supports flexible administration of collections, including custom subdomains, community management, and granular control over access through allow lists and token-gated content. NFTs2Me aims to democratize NFT creation and management, offering a seamless experience for both novice and experienced creators alike.


Addressing NFTs2Me’s Security Concerns

QuillAudits conducted a comprehensive audit of NFTs2Me, uncovering a total of 10 issues that highlighted the complexity of the platform's smart contracts. The primary focus was on the factory and collection contracts, specifically N2MFactory and N2MERC721A. The audit aimed to evaluate the quality, security, and correctness of the NFTs2Me codebase. Key concerns addressed included potential denial-of-service vulnerabilities, insecure token transfers, and issues in the signature verification process. Through detailed analysis and recommendations, QuillAudits helped enhance the security and robustness of the NFTs2Me platform.


Untitled

NFTs2Me’s Journey Through Our Audit Process

1.Information Gathering

  • Collected and reviewed all relevant documentation, including whitepaper, technical specifications, and design documents.
  • Obtained a clear understanding of the NFTs2ME platform's functionality and intended user interactions.
  • Discussed client concerns and specific areas of focus for the audit.

 

2. Manual Code Review

Conducted a line-by-line review of the smart contract code, focusing on:

  • Vulnerability identification: Searching for known vulnerabilities like reentrancy, front-running, integer overflows, and access control issues, etc.
  • Logic flaws: Identifying inconsistencies or unintended behaviours in the code logic.
  • Solidity best practices: Compliance with secure coding standards and adherence to established guidelines.

 

3. Functional Testing

  • Developed and executed a comprehensive set of test cases covering various user interactions and edge cases.
  • Leveraged tools like Hardhat to deploy and test the smart contract locally.

 

4. Automated Testing

  • Employed static analysis tools like QuillShield to identify vulnerabilities through automated code scanning.
  • Utilized symbolic execution tools like Mythril to explore various code execution paths and uncover potential attack vectors.
  • Integrated unit tests are written by the NFTs2Me team to verify specific contract functions and their behavior.

 

5. Reporting & Remediation

  • Prepared a detailed report outlining all identified vulnerabilities, categorized by severity and potential impact.
  • Provided clear recommendations for fixing each vulnerability, including code snippets and best practices.
  • Collaborated with the NFTs2ME Platform team to prioritize and address the identified issues.
  • Conducted additional verification testing after vulnerability fixes were implemented.

 

QuillAudits' Comprehensive Audit of NFTs2Me

Our methodology for NFTs2Me Smart Contracts combines threat modeling, a security-first mindset, and comprehensive testing, including both white-box and black-box methods. We emphasize transparency and clear communication with the NFTs2Me team, providing actionable insights and detailed recommendations for swift vulnerability resolution, and ensuring a robust security posture.


Comprehensive Audit Discoveries and Remediation Strategies

Our thorough and extensive audit uncovered 2 Medium Severity vulnerability, 4 Low-severity issues, and 4 informational findings.


Here is a breakdown of the critical vulnerabilities in audit discoveries and remediation strategies:


Audit Discoveries

 

1. Denial-of-Service (DoS) Vulnerability

Discovery: The contract iterates over an array containing revenue addresses during withdrawals. This array lacks a defined upper limit on its size. If the array grows excessively large, iterating through it could exceed the gas limit, leading to a DoS attack.

Impact: An attacker could potentially exploit this vulnerability to prevent legitimate users from executing withdrawal functions by manipulating the revenue address array size.

 

2. Insecure Token Transfers

Discovery: The contract utilizes the transfer function for token withdrawals instead of the recommended safeTransfer function.

Impact: Tokens that are non-compliant with the ERC20 standard could return false on failed transfers using the transfer function. This failure would go unnoticed by the contract, potentially leading to unintended token behavior.

 

3. Missing Signature Expiry

Discovery: The signature verification process for delegated creation transactions lacks an expiry timestamp. This allows attackers to potentially reuse expired signatures for unauthorized actions.

Impact: An attacker could potentially obtain a valid signature and use it beyond its intended timeframe to execute unauthorized transactions on behalf of the signer.

 

4. Insecure Signature Verification

Discovery: The signature verification process in the delegatedCreation function has two vulnerabilities:

  • Missing Verifying Contract Address: The contract address is not included in the signature verification hash. This could allow attackers to reuse a signature for a different contract version if the current contract is deprecated.

  • Missing Nonce Check: The function does not verify that a unique nonce value is used for each signature. This allows attackers to potentially replay a signature for the same owner address on the same factory contract.

     

Remediation Strategies

 

1. Mitigating Denial-of-Service (DoS) Vulnerability

Action:

Imposed a defined upper limit on the size of the revenue address array in the N2MFactory contract.

Outcome:

Limiting the array size prevents excessive gas consumption during iteration, mitigating the risk of DoS attacks and ensuring smooth execution of withdrawal functions.

 

2. Securing Token Transfers

Action:

Implemented the safeTransfer function for token withdrawals in the N2MERC721A contract instead of the transfer function.

Outcome:

Using safeTransfer ensures compliance with the ERC20 standard, providing a more secure method for token transfers and preventing unnoticed transfer failures.

 

3. Implementing Signature Expiry

Action:

Add an expiry timestamp to the signature verification process in the delegatedCreation function of the N2MFactory contract.

Outcome:

Incorporating an expiry timestamp prevents the reuse of signatures beyond their intended timeframe, ensuring that signatures are only valid for a limited period and reducing the risk of unauthorized transactions.

 

4. Enhancing Signature Verification

Action:

  1. Include the contract address in the signature verification hash in the delegatedCreation function of the N2MFactory contract.
  2. Implement a unique nonce check for each signature in the delegatedCreation function.

Outcome:

Adding the contract address to the verification hash ensures that signatures are specific to a particular contract version. Implementing nonce checks prevents replay attacks, ensuring each signature is used only once per owner address on the factory contract.

 

During the audit, several functional tests were conducted to ensure the robustness and correctness of the NFTs2ME Platform smart contracts.

Let’s delve into some of the critical tests performed:

 

Collection Creation:

  • Test Case: Verify a user can successfully create a new collection.
  • Expected Outcome: The collection is created with the specified details, and the user is assigned ownership.

 

Multicall Functionality:

  • Test Case: Verify the contract can execute multiple function calls within a single transaction using the multicall function.
  • Expected Outcome: All included function calls are executed successfully within the transaction.

 

Owner Privileges:

  • Test Case: Verify the owner can add a new contract implementation and signer address.
  • Expected Outcome: The new implementation and signer are added to the contract's configuration.

 

Delegated Collection Creation:

  • Test Case: Verify a user can create a collection on behalf of another user using a valid signature.
  • Expected Outcome: The collection is created for the specified user, and the signature is verified successfully.

 

Collection Ownership Transfer:

  • Test Case: Verify the owner can transfer ownership of a collection to another user.
  • Expected Outcome: Ownership of the collection is successfully transferred to the new user.

 

Duplicate Signature Prevention:

  • Test Case: Verify the contract prevents creating a collection using the same signature twice.
  • Expected Outcome: The transaction reverts when attempting to use a previously used signature.

 

Salt Validation:

  • Test Case: Verify the contract reverts if the salt used during collection creation contains an address other than the message sender.
  • Expected Outcome: The transaction reverts to prevent unauthorized collection creation.

 

Multicall with Multiple Collections:

  • Test Case: Verify the contract can execute multiple function calls across multiple collections within a single transaction using multicall with msg.value.
  • Expected Outcome: All function calls are executed successfully on their respective collections, and the msg.value is distributed accordingly.

 

Critical State Variable Extraction:

  • Test Case: Verify the contract can correctly identify critical state variables from provided bytes values.
  • Expected Outcome: The contract successfully extracts and interprets the critical state variables.

 

Contract Initialization:

  • Test Case: Verify contract initialization using packed data can only be performed once.
  • Expected Outcome: Subsequent attempts to initialize the contract revert.

 

Public Sale Dates:

  • Test Case: Verify minting functionality only allows minting within the defined end and drop dates during a public sale.
  • Expected Outcome: Minting transactions revert outside the valid sale window.

 

Trait Management:

  • Test Case: Verify only token owners can set and update traits for their tokens with an expiry time.
  • Expected Outcome: Non-owners and transactions without valid ownership proof cannot modify traits.

 

Ownership Verification:

  • Test Case: Verify the contract correctly identifies the updated owner of a token when the expiry time for the current owner is still valid.
  • Expected Outcome: The contract recognizes the owner with a valid expiry time as the authorized owner.

 

Impressed by our findings and recommendations, the NFTs2Me developers promptly addressed all identified vulnerabilities. Through our collaborative efforts, the NFTs2Me project is now significantly more secure, ensuring the protection of user funds.

The NFTs2Me’s smart contracts security audit identified and addressed critical vulnerabilities, protecting user funds and ensuring platform stability. This case study demonstrates the importance of proactive security measures for blockchain-based projects, especially those dealing with financial assets. By conducting audits and addressing identified issues, the NFTs2Me Team has taken a significant step towards securing its platform and safeguarding user trust.

Subscribe to our Newsletter

Your weekly dose of Web3 innovation and security, featuring blockchain updates, developer insights, curated knowledge, security resources, and hack alerts. Stay ahead in Web3!

Telegram