MANSORY

We express our gratitude to the MANSORY team for the collaborative engagement that enabled the execution of this Smart Contract Security Assessment.

Mansory's staking contract is a soul-bound NFT system where users lock ERC-20 tokens for a fixed duration to receive a non-transferable NFT that represents their stake and tier. Users can increase their stake to upgrade their tier, and the contract supports airdrops, tier-based metadata, and time-based withdrawals after expiry.

The system users should acknowledge all the risks summed up in the risks section of the report

Documentation quality

• Functional requirements are included.

• Technical description is provided.

Code quality

• NatSpec is included across the contracts.

• The code is clear and straightforward.

Test coverage

Code coverage of the project is 0% as no tests provided.

The Mansory project implements a soul-bound NFT staking system designed to lock ERC-20 tokens in exchange for non-transferable NFTs that represent staking positions. The core functionality is encapsulated in the NftTierStakingUpgradeable contract, an upgradeable ERC-721 implementation that supports tiered staking, time-based locking, and controlled deposits by privileged users (airdrop role) on behalf of others.

Users can stake a specified ERC-20 token by locking it for a fixed duration (default: ~6 months). Upon staking, the user receives a non-transferable NFT that records the amount staked, the expiry timestamp, and the assigned tier based on the staked amount. Tiers are configurable and define thresholds and optional image metadata. Users can later deposit more tokens to upgrade their tier, but this will reset their expiry timestamp. After expiry, users can burn their own NFT to reclaim their total amount staked.

The contract includes an airdrop mechanism allowing privileged roles to create or top-up staking positions for multiple users in batch. It also supports external tokenUriBuilder contracts for dynamic NFT metadata generation.

Key attributes and design features:

• ERC-20 staking token: Address set at initialization (name, symbol, decimals not defined in this contract)

• ERC-721 token (soul-bound): Non-transferable NFTs with auto-incremented tokenIds starting from 1

• Lock period: Uniform for all users, adjustable by the owner while the contract is paused

• Tier structure: Configurable list of TierData entries, ordered by requireAmount

• Upgradeable: Follows OpenZeppelin's TransparentUpgradeableProxy pattern

• Role-based access control: Privileged airdrop role managed by the owner.

• Contract status: Starts paused for safety, with administrative control over pausing, URI builder, and tier updates

This architecture enables secure token locking through non-transferable NFTs, supports transparent tier-based logic, and integrates customizable metadata for each tier position.

Privileged roles

The contract owner also holds administrative authority over critical system parameters, including:

• Pausing and unpausing the contract (global circuit breaker)

• Updating the lock duration (lockTime)

• Modifying tier image URIs

• Assigning or revoking airdrop roles

• Setting or replacing the external tokenUriBuilder contract

• Upgrading the contract through the proxy pattern (via ownership)

The airdrop role (onlyAirdropRole) is a privileged role that can:

• Call the airdrop function to deposit tokens on behalf of users

The scope of the project includes the following smart contracts from the provided repository:

Assets in Scope