Biconomy: Nexus
Biconomy
HardhatFoundry
30,000 USDC
View results
Previous Next
Submission Details
Severity: medium
Valid

Limited Functionality Due to Not Supporting ERC-165.

0xrajkumar

Summary

Although our smart account supports ERC-721 and ERC-1155, not having the supportsInterface function limits our functionality on transactions that check for interface support by calling supportsInterface.

Vulnerability Details

Since our smart account is a contract, other contracts may call it to check if we support ERC-721 and ERC-1155. Not having the supportsInterface function can limit functionality.

Impact

It limits the functionality of our smart contracts and can cause a DoS on transactions that check for interface support by calling the supportsInterface function.

Tools Used

Manual

Recommendations

By adding supportsInterface, we can mitigate this bug.

function supportsInterface(bytes4 interfaceId) external view virtual override returns (bool) {
return
interfaceId == type(IERC721Receiver).interfaceId ||
interfaceId == type(IERC1155Receiver).interfaceId ||
interfaceId == type(IERC165).interfaceId;
}
Updates

Lead Judging Commences

0xnevi Lead Judge 11 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-ERC7579-ERC165-non-compliant

The argument for medium severity here is the potential inconsistencies with external integrations that would like to query whether a contract supports the interface. The impact is arguable though, so would leave open for arguments during appeals period.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.