First Flight #15: Mondrian Wallet

First Flight #15

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

MondrianWallet does not implement callback functions to receive ERC721 and ERC1155

n0kto

Description

MondrianWallet is an account abstraction implementation. It has to act like a normal EOA which means receiving ether, ERC20, ERC721 and ERC1155. However these 2 lasts standard need specific function to being received if "safeTransfer" function are used. Every contracts using this kind of function to transfer NFTs/tokens won't be able to transfer to the MondrianWallet.

Risk

Likelyhood: High

Every safe transfer in ERC721 or ERC1155 will revert.

Impact: High

Impossibility to receive NFTs from contract using a safe transfer functions.

Recommended Mitigation

Add the functions below to be compliant and permit this wallet to act like an EOA.

function onERC721Received(

address,

uint256,

bytes calldata

) external pure override returns (bytes4) {

return IERC721Receiver.onERC721Received.selector;

}

function onERC1155Received(

address,

uint256,

bytes calldata

) external pure override returns (bytes4) {

return IERC1155Receiver.onERC1155Received.selector;

}

function onERC1155BatchReceived(

address,

uint256[] calldata,

bytes calldata

) external pure override returns (bytes4) {

return IERC1155Receiver.onERC1155BatchReceived.selector;

}

function supportsInterface(bytes4 interfaceId) external view virtual override returns (bool) {

return

interfaceId == type(IERC721Receiver).interfaceId ||

interfaceId == type(IERC1155Receiver).interfaceId ||

interfaceId == type(IERC165).interfaceId;

}

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

Lacks onERC721Received implementation

n0kto Submitter

about 1 year ago

inallhonesty Lead Judge

about 1 year ago

inallhonesty Lead Judge about 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

Lacks onERC721Received implementation

Rewards breakdown

nSLOC

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.