Upon the transfer of an escrowed NFT from the bridge to the user on StarkNet, the escrow status remains unaltered, failing to be reset
Summary
Upon the transfer of an escrowed NFT from the bridge to the user on Starknet, the escrow status remains unaltered, failing to be reset.
Vulnerability Details
bridge::withdraw_auto_from_l1
From the code above, if is_escrowed is true, it indicates that the token is held within the bridge contract. However, when transferring the token out, the escrow status is not reset to zero. This does not align with the protocol logic, as once the token is withdrawn, it should be reset to signify that it is no longer in escrow.
Impact
The escrow status does not align with the actual circumstances.
Tools Used
manual
Recommendations
Lead Judging Commences
finding-L2-withdrawing-do-not-clean-escrow-mapping
Impact: Incorrect state without any other impact, which deserves a Low according to CodeHawks documentation.
Appeal created
finding-L2-withdrawing-do-not-clean-escrow-mapping
Impact: Incorrect state without any other impact, which deserves a Low according to CodeHawks documentation.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.