NFTBridge
60,000 USDC
Submission Details
Severity: low
Invalid

Logic error in the StarklaneEscrow::_withdrawFromEscrow function, which can lead to miscalculation in the protocol

Summary

The logic for checking if the token supply is zero (// TODO: comment) is incomplete and should be implemented. This is essential to ensure that the transfer operations correspond to the actual state of the token.

Vulnerability Details

function _withdrawFromEscrow(
    CollectionType collectionType,
    address collection,
    address to,
    uint256 id
)
    internal
    returns (bool)
{
    if (!_isEscrowed(collection, id)) {
        return false;
    }
    address from = address(this);
    if (collectionType == CollectionType.ERC721) {
        IERC721(collection).safeTransferFrom(from, to, id); //@audit --> Reentrancy attack?
    } else {
@>      // TODO:
@>      // Check here if the token supply is currently 0.
        IERC1155(collection).safeTransferFrom(from, to, id, 1, "");
    }
    _escrow[collection][id] = address(0x0);
    return true;
}

Impact

Can lead to inaccurate calculation

Tools Used

manual review

Recommendations

Validate inputs to avoid erroneous transactions.
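
One way the check named in the TODO could be written, shown as an added example that is not part of the submission or of the Starklane code base. It reads "supply" as the balance the escrow contract itself holds for the token id. The `CollectionType` definition, the body of `_isEscrowed`, the error `EscrowHoldsNoUnits` and the contract name `EscrowSketch` are assumptions, since the page does not show them.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

import {IERC721} from "@openzeppelin/contracts/token/ERC721/IERC721.sol";
import {IERC1155} from "@openzeppelin/contracts/token/ERC1155/IERC1155.sol";

// Assumed definition: the page uses CollectionType but does not show it.
enum CollectionType { ERC721, ERC1155 }

// Hypothetical error name, not from the project.
error EscrowHoldsNoUnits(address collection, uint256 id);

abstract contract EscrowSketch {
    // Same shape as the mapping the page's function writes: collection => token id => address.
    mapping(address => mapping(uint256 => address)) internal _escrow;

    // Assumed implementation: the page calls _isEscrowed but does not show its body.
    function _isEscrowed(address collection, uint256 id) internal view returns (bool) {
        return _escrow[collection][id] != address(0x0);
    }

    function _withdrawFromEscrow(
        CollectionType collectionType,
        address collection,
        address to,
        uint256 id
    ) internal returns (bool) {
        if (!_isEscrowed(collection, id)) {
            return false;
        }
        address from = address(this);
        if (collectionType == CollectionType.ERC721) {
            IERC721(collection).safeTransferFrom(from, to, id);
        } else {
            // IERC1155 exposes no totalSupply(), so the portable reading of the
            // TODO is the balance this contract holds for `id`.
            if (IERC1155(collection).balanceOf(from, id) == 0) {
                revert EscrowHoldsNoUnits(collection, id);
            }
            // A compliant ERC-1155 token reverts on insufficient balance anyway;
            // the explicit check only turns that into a named escrow error.
            IERC1155(collection).safeTransferFrom(from, to, id, 1, "");
        }
        _escrow[collection][id] = address(0x0);
        return true;
    }
}
```

Because either failure path reverts, the write to `_escrow` never takes effect when no unit can be transferred.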

Updates

Lead Judging Commences

n0kto Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational / Gas

Please do not suppose impacts; think about the real impact of the bug and check the CodeHawks documentation to confirm: https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity A PoC always helps to understand the real impact possible.
