Summary

Owner approval is never made making "safeTransferFrom()" unusable inside of "KittyConnect.sol".

Vulnerability Details

Owner approval is never made making "safeTransferFrom()" unusable inside of "KittyConnect.sol". When entering the "safeTransferFrom()" method the business logic leads to a check such as:

This code will always throw an error and will revert the transaction since no publicly exposed function for granting permission to the new owner from the old owner is present, therefore cannot be called explicitly before "safeTransferFrom()" so the above mentioned require check to pass, OR no call to function "approve(address to, uint256 tokenId)" from ERC721 contract is made implicitly inside of "safeTransferFrom()" (even though that will also break the invariant, because it is stated that the owner of the cat has to give the approval to the new owner, and not the shop partner, but still that will make the contract transfers possible) right before the above mentioned check resulting in granting access to the new owner. This vulnerability breaks the following invariant of the protocol: "* @notice but requires the approval of the cat owner to the new owner before shop partner calls this" which is stated in the doc above the "safeTransferFrom()";

Impact

High, since the safeTranferFrom() function inside the protocol will always revert, making the transfers impossible and protocol unusable.

Tools Used

Manual review.

Recommendations

Expose an external function such as: