Dria

Swan
NFT, Hardhat
21,000 USDC
Submission Details
Severity: high
Invalid

NFT assets purchased are trapped in BuyerAgents and can't be transferred out because Swan::purchase doesn't utilize safeTransferFrom and there is no way to send assets out from BuyerAgents.

Summary

NFTs purchased by BuyerAgents cannot be transferred out, locking them in the BuyerAgent contract.

Vulnerability Details

Users deploy BuyerAgents to purchase assets; however, once the assets are purchased via BuyerAgent::purchase -> Swan::purchase, they are sent to the BuyerAgent contract.
However, there is no way to transfer an asset (ERC721) out of the BuyerAgent contract, because there is no function in BuyerAgent to do that and BuyerAgent::owner() is not approved to transfer the NFT asset out (BuyerAgent::owner is not ERC721 approved).

Impact

Severity: Assets purchased by BuyerAgents are locked inside the contracts and owners are unable to transfer them out.

Tools Used

Manual Review

Recommendations

Set an allowance for BuyerAgent::owner() to transfer the asset out, inside the BuyerAgent::purchase method after calling Swan::purchase.
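The ERC-721 authorization rules this report relies on, as an added Python model (not part of the submission and not Swan's code). The addresses "agent", "alice", "market" and "seller" are hypothetical, operator approvals are omitted, and whether the agent implements `onERC721Received` is an assumption of the model.

```python
# Constructed model of ERC-721 authorization; all addresses below are hypothetical.
class Revert(Exception):
    """Stands in for an EVM revert."""

class ERC721Model:
    def __init__(self):
        self.owner_of = {}     # tokenId -> owner address
        self.approved = {}     # tokenId -> single approved address
        self.no_hook = set()   # contracts without onERC721Received

    def approve(self, sender, to, token_id):
        if sender != self.owner_of[token_id]:  # operators omitted for brevity
            raise Revert("approve: caller is not the owner")
        self.approved[token_id] = to

    def transfer_from(self, sender, frm, to, token_id):
        if self.owner_of[token_id] != frm or sender not in (frm, self.approved.get(token_id)):
            raise Revert("transfer: caller is not owner nor approved")
        self.owner_of[token_id] = to
        self.approved.pop(token_id, None)  # approval is cleared on transfer

    def safe_transfer_from(self, sender, frm, to, token_id):
        if to in self.no_hook:  # receiver check done only by the safe variant
            raise Revert("safeTransfer: recipient cannot receive ERC-721")
        self.transfer_from(sender, frm, to, token_id)

def buy(nft, approve_owner, safe=False):
    """Hypothetical purchase: the market moves token 1 from seller to agent."""
    nft.owner_of[1] = "seller"
    nft.approve("seller", "market", 1)
    move = nft.safe_transfer_from if safe else nft.transfer_from
    move("market", "seller", "agent", 1)
    if approve_owner:  # the report's recommendation, executed by the agent
        nft.approve("agent", "alice", 1)

def owner_can_withdraw(approve_owner):
    nft = ERC721Model()
    buy(nft, approve_owner)
    try:
        nft.transfer_from("alice", "agent", "alice", 1)
    except Revert:
        return False
    return nft.owner_of[1] == "alice"

def safe_purchase_reverts():
    nft = ERC721Model()
    nft.no_hook.add("agent")  # assumption: the agent lacks a receiver hook
    try:
        buy(nft, approve_owner=False, safe=True)
    except Revert:
        return True
    return False
```

In this model the token leaves the agent only when the agent itself, as the token's owner, transfers it or grants an approval; the safe variant affects only whether a contract recipient accepts the deposit.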

Updates

Lead Judging Commences

inallhonesty Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
