Protocol not fully compliant with `EIP-7579`
Summary
The core smart contracts implementing modular smart accounts functionality in this protocol, specifically Nexus.sol, ModuleManager.sol, and BaseAccount.sol, do not include an implementation of ERC-165 as required by EIP-7579 specifications.
Vulnerability Details
As per EIP-7579 specifications, smart accounts implementing this EIP must implement EIP-165.
Smart accounts MUST implement
ERC-165. However, for every interface function that reverts instead of implementing the functionality, the smart account MUST return false for the corresponding interface id.
The ERC-165 standard allows contracts to publish which interfaces they support, providing a way for contracts to query the support of interfaces without additional gas cost. The lack of ERC-165 implementation means that the protocol is not fully compliant with EIP-7579.
Impact
Medium. The protocol is not fully compliant with EIP-7579, which may lead to issues with interoperability and integration with other smart contracts and systems expecting ERC-165 compliance.
Tools Used
Manual Review
Recommendations
To ensure full compliance with EIP-7579, implement ERC-165
Lead Judging Commences
finding-ERC7579-ERC165-non-compliant
The argument for medium severity here is the potential inconsistencies with external integrations that would like to query whether a contract supports the interface. The impact is arguable though, so would leave open for arguments during appeals period.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.