Use safeTransferFrom() when transferring ERC721 tokens
#230
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate
This issue or pull request already exists
invalid
This doesn't seem right
Comments
code423n4
added
2 (Med Risk)
|
Dup of #356 |
GalloDaSballo
added
duplicate
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Lines of code
https://github.com/code-423n4/2022-09-nouns-builder/blob/main/src/auction/Auction.sol#L192
Vulnerability details
Impact
It's generally recommended to use
safeTransferFrom()to not send tokens to an address that can't handle them.Here's the same issue from another contest: code-423n4/2022-05-cally-findings#38
Proof of Concept
https://github.com/code-423n4/2022-09-nouns-builder/blob/main/src/auction/Auction.sol#L192
Tools Used
none
Recommended Mitigation Steps
Use the contract's
safeTransferFrom()funtionThe text was updated successfully, but these errors were encountered: