4 matches found
NFTDELTA: Detecting Permission Control Vulnerabilities in NFT Contracts through Multi-View Learning
Permission control vulnerabilities in Non-fungible token NFT contracts can result in significant financial losses, as attackers may exploit these weaknesses to gain unauthorized access or circumvent critical permission checks. In this paper, we propose NFTDELTA, a framework that leverages static...
Exploring the Vulnerabilities of Seaport: A Technical Analysis of a Fake Signature Attack on Non-Fungible Tokens
Lines of code Vulnerability details Impact This finding aims to provide a comprehensive analysis of the sc4m trend, which emerged in August 2022, and has since been a prevalent issue in the WEB3 space. Despite efforts to combat this phenomenon, bad actors continue to engage in illicit activities,...
Malicious NFT
Lines of code Vulnerability details Impact Anybody can create a vault which fractionalizes their NFT. However, this process should go through a whitelist and review process because a maliciously implemented NFT contracts can reclaim ownership of the contract despite it technically being 'owned' b...
[WP-M5] Royalties can be distribution unfairly among creatorRecipients for NFT contracts with non-standard getRoyalties() returns
Lines of code Vulnerability details Based on our research, getRoyalties is not a standardized API for NFT contracts to indicate how the royalties should be distributed among the recipients. However, in the current implementation, it always assumes that getRoyalties return in terms of BPS. if...