Using _transfer() instead of safeTransferFrom() may cause the user's NFT to be frozen in a contract that does not support ERC721 #235
Labels
2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug: Something isn't working
duplicate-356
edited-by-warden
satisfactory: satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/code-423n4/2022-12-tigris/blob/588c84b7bb354d20cbca6034544c4faa46e6a80e/contracts/GovNFT.sol#L101
https://github.com/code-423n4/2022-12-tigris/blob/588c84b7bb354d20cbca6034544c4faa46e6a80e/contracts/BondNFT.sol#L336
https://github.com/code-423n4/2022-12-tigris/blob/588c84b7bb354d20cbca6034544c4faa46e6a80e/contracts/GovNFTBridged.sol#L79
Vulnerability details
Impact
The GovNFT/BondNFT/GovNFTBridged contracts allow users to call safeTransferMany() to send NFTs to the to address, and at the lower level safeTransferMany() calls _transfer() to send each NFT. If the to address does not support ERC721, the NFT will be locked in the to address.
Proof of Concept
Tools Used
vscode
Recommended Mitigation Steps
It is recommended to use safeTransferFrom() to send the NFT.
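The two patterns side by side, as an added sketch that is not the Tigris contracts' code and not part of the report. It assumes an ERC721 built on OpenZeppelin's implementation; the contract name BatchNFT and the function name transferManyUnchecked are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import "@openzeppelin/contracts/token/ERC721/ERC721.sol";

// Hypothetical contract for illustration only.
contract BatchNFT is ERC721 {
    constructor() ERC721("BatchNFT", "BNFT") {}

    // Pattern described in the report: a batch helper that moves tokens
    // with _transfer(). _transfer() never calls onERC721Received(), so a
    // recipient contract that cannot handle ERC721 tokens accepts them
    // silently and they stay locked there.
    function transferManyUnchecked(address to, uint256[] calldata ids) external {
        for (uint256 i = 0; i < ids.length; i++) {
            require(ownerOf(ids[i]) == msg.sender, "NOT_OWNER");
            _transfer(msg.sender, to, ids[i]);
        }
    }

    // Hardened form: _safeTransfer() performs the same state change, then,
    // if `to` is a contract, calls IERC721Receiver.onERC721Received() and
    // reverts the whole batch unless the expected selector is returned.
    // Note: this is an external call into `to`, so any state this function
    // depends on should be final before the loop reaches it.
    function safeTransferMany(address to, uint256[] calldata ids) external {
        for (uint256 i = 0; i < ids.length; i++) {
            require(ownerOf(ids[i]) == msg.sender, "NOT_OWNER");
            _safeTransfer(msg.sender, to, ids[i], "");
        }
    }
}
```

The receiver check only runs when `to` has code; transfers to an externally owned account behave the same in both functions.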