Skip to content

Lack of subscription validation in VRF#

Low Risk

In VRF.sol there are multiple functions that get a subscription ID from the canvasIdToSubscription mapping and execute some actions related to that subscription. But they lack validating that the subscription for selected canvas actually exists. These functions are: cancelSubscription, onTokenTransfer, resetVRF and requestVRF

Recommendation#

Consider adding a check that canvasIdToSubscription is not equal to 0. if(canvasIdToSubscription[canvasId] == 0) revert.