The `erc721_metadata` function of the `collection_manager.cairo` contract is responsible for extracting metadata from a given ERC721 contract. This function constructs an `ERC721Metadata` struct, which includes fields such as `name`, `symbol`, `base_uri`, and `uris`. The `base_uri` field is crucial as it typically forms the base part of the URI for token metadata.
In the current implementation, the `base_uri` is hardcoded to an empty string (`""`). This is problematic because the `base_uri` should be retrieved from the ERC721 contract to ensure the metadata is complete and accurate. By setting it to an empty string, the function returns incomplete metadata, which can lead to issues for applications relying on this data.
Relevant code snippet:
The impact of this issue is that any application or user relying on the `erc721_metadata` function to retrieve metadata will receive incomplete information. Specifically, the `base_uri` will always be an empty string, which can lead to incorrect or missing metadata URIs. This can cause confusion and potential issues in applications that depend on accurate metadata, such as NFT marketplaces or wallets.
1. A user calls the `erc721_metadata` function with a valid `contract_address` and an optional list of `token_ids`.
2. The function constructs the `ERC721Metadata` struct.
3. The `base_uri` field is set to an empty string (`""`), regardless of the actual base URI of the ERC721 contract.
4. The function returns the `ERC721Metadata` struct with an incorrect `base_uri`.
Manual review
To fix this issue, the `base_uri` should be retrieved from the ERC721 contract, similar to how `name` and `symbol` are retrieved. Here is the recommended code change:
This change ensures that the `base_uri` field in the `ERC721Metadata` struct contains the correct value from the ERC721 contract, providing complete and accurate metadata.
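The effect of an empty `base_uri` on a metadata consumer can be modelled as follows. This is an added Python example, not the project's Cairo code: the resolution policy (a per-token entry in `uris`, index-aligned with the token ids, falling back to `base_uri` plus the token id) and all sample values are assumptions made for the illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass
class ERC721Metadata:
    """Python model of the four fields the finding names (not the Cairo struct)."""
    name: str
    symbol: str
    base_uri: str
    uris: List[str] = field(default_factory=list)


def resolve_token_uris(meta: ERC721Metadata,
                       token_ids: List[int]) -> Dict[int, Optional[str]]:
    """Assumed consumer policy: a non-empty entry in `uris` (index-aligned
    with token_ids) wins, else base_uri + token_id, else None."""
    resolved: Dict[int, Optional[str]] = {}
    for i, token_id in enumerate(token_ids):
        per_token = meta.uris[i] if i < len(meta.uris) else ""
        if per_token:
            resolved[token_id] = per_token
        elif meta.base_uri:
            resolved[token_id] = f"{meta.base_uri}{token_id}"
        else:
            resolved[token_id] = None
    return resolved


def unresolved_tokens(meta: ERC721Metadata, token_ids: List[int]) -> List[int]:
    """Token ids for which the metadata yields no usable URI."""
    return [t for t, uri in resolve_token_uris(meta, token_ids).items()
            if uri is None]


# Constructed sample data (names, ids and URIs are made up for the example).
IDS = [1, 2, 3]
EMPTY_BASE_NO_URIS = ERC721Metadata("Sample", "SMP", "")
EMPTY_BASE_PARTIAL = ERC721Metadata(
    "Sample", "SMP", "", ["ipfs://constructed/1.json", "", "ipfs://constructed/3.json"])
WITH_BASE = ERC721Metadata("Sample", "SMP", "https://example.invalid/meta/")

if __name__ == "__main__":
    for label, meta in [("empty base_uri, no uris", EMPTY_BASE_NO_URIS),
                        ("empty base_uri, partial uris", EMPTY_BASE_PARTIAL),
                        ("base_uri populated", WITH_BASE)]:
        print(f"{label}: unresolved = {unresolved_tokens(meta, IDS)}")
```

Under this policy an empty `base_uri` only leaves a token without a URI when its entry in `uris` is also missing or empty.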
URI is not lost on the origin chain and it can be modified with `ERC721UriImpl`. As explained in the TODO below, that’s a design choice and it will be implemented as a future feature. https://github.com/Cyfrin/2024-07-ark-project/blob/main/apps/blockchain/ethereum/src/Bridge.sol#L206 `ERC721Bridgable` is out of scope.