Flow
Sablier
FoundryDeFi
20,000 USDC
View results
Previous Next
Submission Details
Severity: low
Valid

SablierFlow not Complaint with EIP-4906 : `supportsInterface` dosn't always returns true when called with `0x49064906`

cayde

summary

sablierflow is supposed to be compliant with EIP-4906, but it's not due to the supportsInterface function in erc165 been overridden in erc721 function.

Vulnerability Details

The supportsInterface method MUST return true when called with 0x49064906.

This can't be confirmed as the function in erc165 been overwritten with the function in erc721

function supportsInterface(bytes4 interfaceId) public view virtual override(ERC165, IERC165) returns (bool) {
return
>>> interfaceId == type(IERC721).interfaceId ||
>>> interfaceId == type(IERC721Metadata).interfaceId ||
super.supportsInterface(interfaceId);
}

Inheritance goes as follow erc165 => erc721 => sablierflowbase so the function has been overridden

impact

Flow state can't be updated when integrating with any NFT marketplace

Tools Used

manual review

Recommendations

set the appropriate supprotsInterface function and make sure its not overridden

function supportsInterface(bytes4 interfaceId) public view virtual override(IERC165, ERC721) returns (bool) {
return interfaceId == bytes4(0x49064906) || super.supportsInterface(interfaceId);
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Validated
Assigned finding tags:

EIP4906

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.