Listed asset sellers can revoke their approval to the Swan contract, causing BuyerAgent's purchase operations to fail. This not only wastes the Agent's request fees but can effectively prevent normal protocol operation.
In purchase, the asset that the agent wants to purchase must be approved by the seller in the swan contract.
Otherwise, revert will occur in the asset transferFrom of swan.purchase.
When a seller creates a SwanAsset, it approves it to the swan contract through _setApprovalForAll, but it can be revoked by the owner (seller).
Therefore, if you revoke the approve after listing, it will be reverted when Agenr try to purchase the asset.
A malicious actor can prevent an agent from making an entire purchase, forcing the agent to pay the request fee and ultimately preventing the agent from functioning properly.
None
It is recommended that the SwanAsset is held by the swan contract rather than the Owner, or modify swan.purchase with a try catch statement so that the entire purchase does not fail.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.