8 matches found
Use of transferFrom() rather than safeTransferFrom() for NFTs in will lead to the loss of NFTs
Lines of code 230, 342, 514, 536 Vulnerability details The EIP-721 standard says the following about transferFrom: /// @notice Transfer ownership of an NFT -- THE CALLER IS RESPONSIBLE /// TO CONFIRM THAT to IS CAPABLE OF RECEIVING NFTS OR ELSE /// THEY MAY BE PERMANENTLY LOST /// @dev Throws...
Use of transferFrom() rather than safeTransferFrom() for NFTs in will lead to the loss of NFTs
Lines of code 230, 342, 514, 536 Vulnerability details The EIP-721 standard says the following about transferFrom: /// @notice Transfer ownership of an NFT -- THE CALLER IS RESPONSIBLE /// TO CONFIRM THAT to IS CAPABLE OF RECEIVING NFTS OR ELSE /// THEY MAY BE PERMANENTLY LOST /// @dev Throws...
Use of transferFrom() rather than safeTransferFrom() for NFTs in will lead to the loss of NFTs
Lines of code 230, 342, 514, 536 Vulnerability details The EIP-721 standard says the following about transferFrom: /// @notice Transfer ownership of an NFT -- THE CALLER IS RESPONSIBLE /// TO CONFIRM THAT to IS CAPABLE OF RECEIVING NFTS OR ELSE /// THEY MAY BE PERMANENTLY LOST /// @dev Throws...
Use of transferFrom() rather than safeTransferFrom() for NFTs in will lead to the loss of NFTs
Lines of code 230, 342, 514, 536 Vulnerability details Impact The EIP-721 standard says the following about transferFrom: /// @notice Transfer ownership of an NFT -- THE CALLER IS RESPONSIBLE /// TO CONFIRM THAT to IS CAPABLE OF RECEIVING NFTS OR ELSE /// THEY MAY BE PERMANENTLY LOST /// @dev...
Upgraded Q -> 2 from #240 [1683052133668]
Judge has assessed an item in Issue 240 as 2 risk. The relevant finding follows: LOW‑11 tokenURI does not follow EIP-721 The EIP states that tokenURI "Throws if tokenId is not a valid NFT", which the code below does not do. If the NFT has not yet been minted, tokenURI should revert Proof Of Conce...
Upgraded Q -> M from 796 [1666363133014]
Judge has assessed an item in Issue 796 as Medium risk. The relevant finding follows: L‑01 Use of transferFrom rather than safeTransferFrom for NFTs in will lead to the loss of NFTs The EIP-721 standard says the following about transferFrom: /// @notice Transfer ownership of an NFT -- THE CALLER ...
Lack of exception handling
Lines of code Vulnerability details Impact After looking through the following functions: NFTMarketOffer.sol::264 - IERC721nftContract.transferFrommsg.sender, offer.buyer, tokenId NFTMarketPrivateSale.sol::177 - nftContract.transferFromseller, msg.sender, tokenId; We were able to reach the...
EIP-721 / EIP-1155 Re-Entrancy Vulnerability (Resubmission)
Handle 0xsomeone Vulnerability details This submission acts as additional material to the original submission. I would like to note that the "Areas of Review" chapter of the contest explicitly states that "Vaults should always maintain 1:1 ratio..." which the re-entrancy breaks. --- The text was...