Submission Details
Severity:
After transfer nft(asset) to other address, new owner could not relist asset, but old owner - could
Summary
User could transfer asset to other address (sell on the secondary market, for example), but he still can relist asset and new owner could not do it.
Vulnerability Details
When user transfer nft with id 1(asset) to other address, there is changing only in asset contract.
When new owner will try to relist asset, he could not do it, because relist() function check that msg.sender is equal address from mapping `listings[asset]`, but not current owner of nft with id 1.
function relist(address _asset, address _buyer, uint256 _price) external {
AssetListing storage asset = listings[_asset];
// only the seller can relist the asset
if (asset.seller != msg.sender) {
revert Unauthorized(msg.sender);
}
...
}
Impact
New owner of asset could call relist() asset.
Tools Used
Manual review
Recommendations
function relist(address _asset, address _buyer, uint256 _price) external {
AssetListing storage asset = listings[_asset];
// only the seller can relist the asset
- if (asset.seller != msg.sender) {
+ if (SwanAsset(_asset).ownerOf(1) == msg.sender) {
revert Unauthorized(msg.sender);
}
...
}
Updates
Prize pool breakdown
Total prize
21,000 USDC
nSLOC
1,03420
USDC / LOC
20,000 USDC
1,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.