The protocol is not compatable with all standard erc 721
Summary
The protocol is not compatable with all standard erc 721
Vulnerability Details
from the kick off video we can understand that at first the bridge only has everai nft whitelisted but the plan is to allow all standard erc 721 implementations to be able to be bridged. The problem is that this is not true.
the protocol currently will only support nft collections which are of the type(IERC721).interfaceId
the thing is nft can be a standard nft and noth be of the type(IERC721).interfaceId this is allowed by the token standard by the following statements.
https://eips.ethereum.org/EIPS/eip-721
Every ERC-721 compliant contract must implement the ERC721 and ERC165 interfaces (subject to “caveats” below):
as we can see there are caveats to this rule let us examine further...
The enumeration extension is OPTIONAL for ERC-721 smart contracts (see “caveats”, below). This allows your contract to publish its full list of NFTs and make them discoverable.
the enumeration extension has a different erc165 identifier than a normal erc 721 while still being erc 721 compliant
Note: the ERC-165 identifier for this interface is 0x780e9d63.
as we can see only the erc721 and erc1155 interface id are allowed otherwise we revert.
Impact
Certain erc 721 which follow the standard will not be supported by the bridge
Tools Used
manual review
Recommendations
allow the other erc 165 identifiers of erc 721 enumeralbe to be used in the bridge.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.