First Flight #12: Kitty Connect

Submission Details
Severity: high
Valid

Lack of token approval from Bridge to Router makes it impossible to bridge NFTs

Summary

To let users bridge their NFTs to another chain, KittyConnect makes an external call to KittyBridge::bridgeNftWithData. After this function generates the message and forwards it to the Router, the Router attempts to charge a fee from the bridge, but it cannot move the tokens because the bridge never approves the Router during the call and contains no function to do so. As a result, users will never be able to bridge their tokens.

Impact

Users cannot bridge their NFTs as the protocol intends.
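
The failure described in the Summary, and the effect of the recommended approve, as an added Foundry test that is not part of the original submission or the KittyConnect code base. MockLink, MockRouter, MockBridge and the 1 ether fee are constructed stand-ins, and the router pulling its fee with transferFrom is an assumption modelled on the finding's description:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;
import {Test} from "forge-std/Test.sol";
// Constructed stand-ins for illustration; not the KittyConnect or Chainlink contracts.
contract MockLink {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;
    function mint(address to, uint256 amt) external { balanceOf[to] += amt; }
    function approve(address spender, uint256 amt) external returns (bool) {
        allowance[msg.sender][spender] = amt;
        return true;
    }
    function transferFrom(address from, address to, uint256 amt) external returns (bool) {
        allowance[from][msg.sender] -= amt; // checked math: reverts if allowance < amt
        balanceOf[from] -= amt;
        balanceOf[to] += amt;
        return true;
    }
}
contract MockRouter {
    MockLink public immutable link;
    uint256 public constant FEE = 1 ether;
    constructor(MockLink l) { link = l; }
    // Assumed fee model: the router pulls FEE from its caller (the bridge).
    function send() external { link.transferFrom(msg.sender, address(this), FEE); }
}
contract MockBridge {
    MockLink immutable link; MockRouter immutable router;
    constructor(MockLink l, MockRouter r) { link = l; router = r; }
    function bridgeNoApprove() external { router.send(); } // as reported in the finding
    function bridgeWithApprove() external { // with the recommended approve added
        link.approve(address(router), router.FEE());
        router.send();
    }
}
contract FeeApprovalTest is Test {
    MockLink link = new MockLink();
    MockRouter router = new MockRouter(link);
    MockBridge bridge = new MockBridge(link, router);
    function setUp() public { link.mint(address(bridge), 10 ether); } // bridge can afford the fee
    function test_RevertsWithoutApproval() public {
        vm.expectRevert(); // allowance is 0, so the router's transferFrom underflows
        bridge.bridgeNoApprove();
    }
    function test_SucceedsWithApproval() public {
        bridge.bridgeWithApprove();
        assertEq(link.balanceOf(address(router)), router.FEE());
    }
}
```

The first test passes only because the call reverts even though the bridge holds ten times the fee, which shows that the balance check alone does not let the fee be paid.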

Tools Used

Manual review

Recommendations

After the fee for sending the message is computed in KittyConnect::bridgeNftWithData, add a call to the approve method of the LINK token contract that gives the Router an allowance equal to the fee to be paid.

// bridgeNftWithData
IRouterClient router = IRouterClient(this.getRouter());
uint256 fees = router.getFee(_destinationChainSelector, evm2AnyMessage);
if (fees > s_linkToken.balanceOf(address(this))) {
revert KittyBridge__NotEnoughBalance(s_linkToken.balanceOf(address(this)), fees);
}
+ s_linkToken.approve(address(router), fees);
// rest of the function...
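
Review bot: the added s_linkToken.approve(address(router), fees) line discards approve's return value. If s_linkToken is typed as an ERC-20 interface whose approve returns bool, check that value (or use a safe-approve wrapper such as OpenZeppelin's SafeERC20) so a failed approval reverts at this point instead of surfacing later as a failed fee charge in the Router. Approving exactly fees rather than an unlimited amount is the right scope. A regression test that bridges an NFT end to end and asserts that the Router received the fee would keep this from recurring.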

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Missing fee token approval
