FoundryNFT (Beginner Friendly)
100 EXP
Submission Details
Severity: medium
Invalid

Lack of Check for INVALID_RECIPIENT in `TRANSFER_TAKE_FROM()`

Summary

The code lacks a critical check for an invalid recipient (address(0)) when transferring tokens within the `TRANSFER_TAKE_FROM()` function. Without this validation, a transfer to address(0) is not rejected, which can lead to unintended behavior. The proof of concept below shows the suggested modification to mitigate the issue.

Impact

Failure to check for an invalid recipient during token transfers poses a significant risk. If the `to` address is address(0), the contract should revert so that tokens cannot be transferred to a nonexistent recipient. Otherwise the transfer can result in loss of tokens or unexpected contract behavior.

Vulnerability Details

Proof of Concept

```huff
// In TRANSFER_TAKE_FROM()
// ...
// Revert with "INVALID_RECIPIENT" if `to` == address(0)
dup2                        // [to, from, to, tokenId]
continue jumpi              // [from, to, tokenId] (jumps when to != 0)
INVALID_RECIPIENT(0x00)     // fall-through: revert("INVALID_RECIPIENT")
continue:
// ... (existing code)
```

Tools Used

  • Manual code analysis

Recommendations

To address the lack of a check for an invalid recipient, the following recommendation is provided:

  1. Invalid Recipient Check:
    Insert a check to verify whether the `to` address is address(0) within the existing code. If the condition is met, revert the transaction with an "INVALID_RECIPIENT" error.

```huff
// Revert with "INVALID_RECIPIENT" if `to` == address(0)
dup2                        // [to, from, to, tokenId]
continue jumpi              // [from, to, tokenId] (jumps when to != 0)
INVALID_RECIPIENT(0x00)     // fall-through: revert("INVALID_RECIPIENT")
continue:
```

This modification ensures that the contract reverts whenever the recipient address is address(0), instead of completing the transfer.
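To make the stack effect of the guard concrete, here is an added Python example (not code from the submission or from the FoundryNFT contest): a minimal interpreter for the five words the proof of concept and the recommendation use (`dup2`, a label push, `jumpi`, the `INVALID_RECIPIENT` macro and the `continue:` label), plus a model of the ownership update that `TRANSFER_TAKE_FROM()` performs with and without the guard. The `owner_of` storage model, the `run`, `guard_outcome`, `transfer_take_from` and `is_recoverable` helpers and the sample addresses are assumptions constructed for illustration, not the contest contract's real layout or code.

```python
ZERO_ADDRESS = 0


class Revert(Exception):
    """Stands in for the EVM REVERT that the INVALID_RECIPIENT macro triggers."""


# The guard exactly as the finding recommends, one Huff word per list entry.
RECIPIENT_GUARD = [
    "dup2",                     # [to, from, to, tokenId]
    "continue", "jumpi",        # jump to `continue` when to != 0, else fall through
    "INVALID_RECIPIENT(0x00)",  # revert("INVALID_RECIPIENT")
    "continue:",                # [from, to, tokenId]
]


def run(words, stack):
    """Execute a word list against a stack whose top is the LAST list element.

    Only the words the guard needs are supported: dupN, pushing a label,
    jumpi, label definitions (`name:`) and the revert macro.
    """
    labels = {w[:-1]: i for i, w in enumerate(words) if w.endswith(":")}
    pc = 0
    while pc < len(words):
        w = words[pc]
        if w.startswith("dup"):
            stack.append(stack[-int(w[3:])])       # DUPn copies the n-th item to the top
        elif w.endswith(":"):
            pass                                    # JUMPDEST has no stack effect
        elif w in labels:
            stack.append(w)                         # push the jump destination
        elif w == "jumpi":
            dest, cond = stack.pop(), stack.pop()   # JUMPI pops dest first, then cond
            if cond != 0:
                pc = labels[dest]
                continue
        elif w.startswith("INVALID_RECIPIENT"):
            raise Revert("INVALID_RECIPIENT")
        else:
            raise ValueError(f"unsupported word {w!r}")
        pc += 1
    return stack


def guard_outcome(frm, to, token_id):
    """Return "ok" if the guard lets the transfer through, else the revert reason."""
    # Huff stack comments list the top first ([from, to, tokenId]), so the
    # Python list is built bottom-up.
    try:
        run(RECIPIENT_GUARD, [token_id, to, frm])
        return "ok"
    except Revert as err:
        return str(err)


def transfer_take_from(owner_of, frm, to, token_id, guarded):
    """Model the ownership update of TRANSFER_TAKE_FROM with or without the guard.

    `owner_of` (tokenId -> owner) is an assumed storage layout for this example,
    not the contest contract's real layout.
    """
    if owner_of.get(token_id) != frm:
        raise Revert("WRONG_FROM")
    stack = [token_id, to, frm]
    if guarded:
        stack = run(RECIPIENT_GUARD, stack)
        assert stack == [token_id, to, frm]     # the guard is stack-neutral
    owner_of[token_id] = to
    return owner_of


def is_recoverable(owner_of, token_id):
    """Only a token held by a real account can be transferred again."""
    return owner_of.get(token_id, ZERO_ADDRESS) != ZERO_ADDRESS


if __name__ == "__main__":
    alice, bob, token = 0xA11CE, 0xB0B, 7       # constructed sample values
    print("to=bob :", guard_outcome(alice, bob, token))
    print("to=0x0 :", guard_outcome(alice, ZERO_ADDRESS, token))
    lost = transfer_take_from({token: alice}, alice, ZERO_ADDRESS, token, guarded=False)
    print("unguarded owner:", hex(lost[token]), "recoverable:", is_recoverable(lost, token))
```

Running the guard with `to == 0` raises `Revert("INVALID_RECIPIENT")`, while a nonzero `to` leaves the stack exactly as it found it, `[from, to, tokenId]`, which is why the snippet can be dropped into the existing macro without adjusting any later stack comments. Without the guard, the token's owner becomes address(0); since no transaction can originate from address(0) to move it again, the token is stuck, which is the loss described in the Impact section.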

Updates

Lead Judging Commences

inallhonesty (Lead Judge), over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
0xVinylDavyl (Submitter), over 1 year ago
inallhonesty (Lead Judge), over 1 year ago
