Skip to content
This repository has been archived by the owner on Oct 22, 2023. It is now read-only.

Bauer - Use safeMint instead of mint for ERC721 #8

Closed
sherlock-admin opened this issue Apr 22, 2023 · 5 comments
Closed

Bauer - Use safeMint instead of mint for ERC721 #8

sherlock-admin opened this issue Apr 22, 2023 · 5 comments
Labels
Escalation Resolved This issue's escalations have been approved/rejected help wanted Extra attention is needed Low/Info A valid Low/Informational severity issue Non-Reward This issue will not receive a payout Will Fix The sponsor confirmed this issue will be fixed

Comments

@sherlock-admin
Copy link
Contributor

Bauer

medium

Use safeMint instead of mint for ERC721

Summary

Use safeMint instead of mint for ERC721

Vulnerability Detail

The msg.sender will be minted as a proof of staking NFT when the claimLoanNFT() function is called.
However, if lender is a contract address that does not support ERC721, the NFT can be frozen in the contract.

As per the documentation of EIP-721:
A wallet/broker/auction application MUST implement the wallet interface if it will accept safe transfers.

Ref: https://eips.ethereum.org/EIPS/eip-721
As per the documentation of ERC721.sol by Openzeppelin
Ref: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC721/ERC721.sol#L274-L285

LenderManager.sol
   function registerLoan(uint256 _bidId, address _newLender)
        public
        override
        onlyOwner
    {
        _mint(_newLender, _bidId);
    }

Impact

Users possibly lose their NFTs

Code Snippet

https://github.com/sherlock-audit/2023-03-teller/blob/main/teller-protocol-v2/packages/contracts/contracts/LenderManager.sol#L45

Tool used

Manual Review

Recommendation

Use safeMint instead of mint to check received address support for ERC721 implementation.

https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC721/ERC721.sol#L262
@github-actions github-actions bot added Medium A valid Medium severity issue Has Duplicates A valid issue with 1+ other issues describing the same vulnerability labels May 1, 2023
This was referenced May 1, 2023
Closed
Closed
Closed
Closed
Closed
@ethereumdegen ethereumdegen added the help wanted Extra attention is needed label May 4, 2023
@ethereumdegen ethereumdegen added the Will Fix The sponsor confirmed this issue will be fixed label May 15, 2023
@sherlock-admin sherlock-admin added the Reward A payout will be made for this issue label May 15, 2023
@securitygrid
Copy link

Escalate for 10 USDC
This is valid low/info. Lender's own fault. safeMint can introduce reentrancy issues.

@sherlock-admin
Copy link
Contributor Author

Escalate for 10 USDC
This is valid low/info. Lender's own fault. safeMint can introduce reentrancy issues.

You've created a valid escalation for 10 USDC!

To remove the escalation from consideration: Delete your comment.

You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.

@sherlock-admin sherlock-admin added the Escalated This issue contains a pending escalation label May 20, 2023
@ethereumdegen
Copy link

Github PR: Issue 8 - Use SafeMint

@hrishibhat
Copy link

hrishibhat commented Jun 6, 2023
edited

Escalation accepted

Valid low
Users unable to claim/mint ERC721 if they do not have the necessary implementations if the protocol design clearly expects users to be able to is a valid low issue. Also as pointed out, safeMint can always add more issues to the code.
The same will be updated in Sherlock rules.

@sherlock-admin
Copy link
Contributor Author

sherlock-admin commented Jun 6, 2023
edited

Escalation accepted

Valid low
Users unable to claim/mint ERC721 if they do not have the necessary implementations if the protocol design clearly expects users to be able to is a valid low issue. Also as pointed out, safeMint can always add more issues to the code.
The same will be updated in Sherlock rules.

This issue's escalations have been accepted!

Contestants' payouts and scores will be updated according to the changes made on this issue.

@sherlock-admin sherlock-admin added Non-Reward This issue will not receive a payout and removed Reward A payout will be made for this issue labels Jun 6, 2023
@hrishibhat hrishibhat removed the Medium A valid Medium severity issue label Jun 6, 2023
@sherlock-admin sherlock-admin added Escalation Resolved This issue's escalations have been approved/rejected Low/Info A valid Low/Informational severity issue and removed Escalated This issue contains a pending escalation Has Duplicates A valid issue with 1+ other issues describing the same vulnerability labels Jun 6, 2023
@dmitriia dmitriia mentioned this issue Jul 7, 2023
Closed
@sherlock-admin sherlock-admin mentioned this issue Sep 8, 2023
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Escalation Resolved This issue's escalations have been approved/rejected help wanted Extra attention is needed Low/Info A valid Low/Informational severity issue Non-Reward This issue will not receive a payout Will Fix The sponsor confirmed this issue will be fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ethereumdegen @hrishibhat @sherlock-admin @securitygrid