3 matches found
EIP-712 signatures can be re-used in private sales
Lines of code Vulnerability details Impact Within a NFTMarketPrivateSale contract, buyers are allowed to purchase a seller's NFT. This is done through a seller providing a buyer a EIP-712 signature. The buyer can then call buyFromPrivateSaleFor providing the v, r, and s values of the signature as...
buyFromPrivateSaleFor() Will Fail if The Buyer Has Insufficient Balance Due to an Open Offer on The Same NFT
Lines of code Vulnerability details Impact The buyFromPrivateSaleFor function allows sellers to make private sales to users. If insufficient ETH is provided to the function call, the protocol will attempt to withdraw the amount difference from the user's unlocked balance. However, if the same use...
Survey Shows Most Flaws Sold For $5,000 Or Less
A new survey, which may be the first of its kind, has looked at the relative trustworthiness and responsiveness of the various organizations that buy vulnerabilities and found that TippingPoint’s Zero Day Initiative is rated by researchers as the most trustworthy and is the preferred buyer. The...