Dria

Swan
NFT, Hardhat
21,000 USDC
Submission Details
Severity: medium
Invalid

Seller's royalty fee loss.

Summary

Seller's royalty fee loss.

Vulnerability Details

When a seller lists an asset, list() calls transferRoyalties(), which requires the seller to pay the royalty fee.

In transferRoyalties(), the royalty fee paid by the seller is immediately transferred to the BuyerAgent and to Dria.

https://github.com/Cyfrin/2024-10-swan-dria/blob/main/contracts/swan/Swan.sol#L188
https://github.com/Cyfrin/2024-10-swan-dria/blob/main/contracts/swan/Swan.sol#L252

Impact

If the asset fails to sell:

  • Asset status remains Listed: If the asset is not purchased within the current round, its status remains Listed, and the seller cannot reclaim the royalty fee already paid.

  • Paying the royalty fee again upon relisting: If the seller attempts to relist the unsold asset, the contract requires the seller to pay the royalty fee again when calling the relist function.

Tools Used

Recommendations

  • Adjust the timing of royalty fee payment: Move it from the listing stage to the purchase stage, ensuring that fees are only charged when the asset is actually sold.

  • Add a refund mechanism: If the asset is not sold, allow the seller to reclaim the fees paid under certain conditions.
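
A minimal sketch of the two recommendations combined, added here as an illustration and not taken from Swan.sol: the fee is escrowed at listing, released on purchase, and reclaimable once the round ends unsold. The contract name, `FEE_BPS`, `ROUND_LENGTH`, the single `buyerAgent` fee recipient (the Dria platform share is left out) and all function signatures are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

/// Hypothetical sketch, not Swan.sol: the royalty fee is held in escrow at listing,
/// paid out only on a sale, and refundable to the seller if the round ends unsold.
contract RoyaltyEscrowSketch {
    enum Status { None, Listed, Sold, Refunded }
    struct Listing {
        address seller; address buyerAgent;
        uint256 price; uint256 fee; uint256 expiry;
        Status status;
    }

    IERC20 public immutable token;
    uint256 public constant FEE_BPS = 500;         // assumed 5% royalty
    uint256 public constant ROUND_LENGTH = 1 days; // assumed round duration
    mapping(uint256 => Listing) public listings;
    uint256 public nextId;

    constructor(IERC20 _token) { token = _token; }

    function list(uint256 price, address buyerAgent) external returns (uint256 id) {
        uint256 fee = (price * FEE_BPS) / 10_000;
        id = nextId++;
        listings[id] = Listing(msg.sender, buyerAgent, price, fee, block.timestamp + ROUND_LENGTH, Status.Listed);
        // The fee stays in this contract instead of being forwarded immediately.
        require(token.transferFrom(msg.sender, address(this), fee), "fee transfer failed");
    }

    function purchase(uint256 id) external {
        Listing storage l = listings[id];
        require(msg.sender == l.buyerAgent, "not buyer agent");
        require(l.status == Status.Listed && block.timestamp <= l.expiry, "not purchasable");
        l.status = Status.Sold; // update state before any external call
        require(token.transferFrom(msg.sender, l.seller, l.price), "payment failed");
        require(token.transfer(l.buyerAgent, l.fee), "fee payout failed");
    }

    function refundUnsold(uint256 id) external {
        Listing storage l = listings[id];
        require(msg.sender == l.seller, "not seller");
        require(l.status == Status.Listed && block.timestamp > l.expiry, "not refundable");
        l.status = Status.Refunded; // a listing can be refunded at most once
        require(token.transfer(l.seller, l.fee), "refund failed");
    }
}
```

With a refundable fee, an unsold listing costs the seller nothing beyond gas, so the fee no longer acts as a cost on listing itself.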

Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
