Project

One World
NFTDeFi
15,000 USDC
Submission Details
Severity: medium
Invalid

Unsafe ERC20 Token Transfers in MembershipFactory Contract

Summary

The MembershipFactory contract calls transferFrom() on the DAO's currency token directly and ignores the boolean return value, instead of routing the calls through OpenZeppelin's SafeERC20 wrapper. A non-standard ERC20 that returns false on failure rather than reverting therefore lets joinDAO() proceed as if payment had succeeded.

Vulnerability Details

  • Location: MembershipFactory.sol, joinDAO() function

  • The contract uses direct transferFrom() calls without SafeERC20 wrapper:

IERC20(daos[daoMembershipAddress].currency).transferFrom(_msgSender(), owpWallet, platformFees);
IERC20(daos[daoMembershipAddress].currency).transferFrom(_msgSender(), daoMembershipAddress, tierPrice - platformFees);
  • No validation of transfer success: the bool returned by transferFrom() is discarded, so a false return does not stop execution

  • No protection against non-standard ERC20 implementations: a token that returns false instead of reverting on an insufficient balance or allowance lets the call continue, while a token that returns no value at all (the USDT pattern) makes the IERC20-typed call revert when the missing return data is decoded, so such a token cannot be used as a DAO currency

  • Contrasts with MembershipERC1155.sol which properly uses SafeERC20

Impact

  • Silent failures are possible: with a false-returning currency token, a caller with insufficient balance or allowance passes through joinDAO() without paying, because neither transfer result is checked and execution continues

  • As a result, neither the platform fee sent to owpWallet nor the tier price sent to the DAO membership contract is actually collected

Tools Used

  • Manual code review

Recommendation

import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

contract MembershipFactory {
    // safeTransferFrom reverts on a false return value and also accepts tokens
    // that return no data, so both classes of non-standard ERC20 are handled
    using SafeERC20 for IERC20;

    function joinDAO(address daoMembershipAddress, uint256 tierIndex) external {
        // ... existing checks ...
        IERC20(daos[daoMembershipAddress].currency).safeTransferFrom(_msgSender(), owpWallet, platformFees);
        IERC20(daos[daoMembershipAddress].currency).safeTransferFrom(_msgSender(), daoMembershipAddress, tierPrice - platformFees);
        // ... rest of the function ...
    }
}
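The following is an added, self-contained illustration of the failure mode described under Impact and of the fix in the Recommendation; it is not code from the One World repository. FalseReturningToken, FeeCollectorDemo and UncheckedTransferDemo are constructed for the demonstration: the token returns false instead of reverting when the payer has no balance, and the collector reproduces only the two-transfer fee path of joinDAO() (owpWallet is a placeholder address, the fee and price are passed in as parameters). Running run() from an account that never funded the token shows the unchecked path granting a membership for free while the SafeERC20 path reverts.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

// Constructed example token (not a real deployment): ERC20-shaped, but it
// returns false instead of reverting when balance or allowance is short.
// Only the functions exercised by the demo are implemented.
contract FalseReturningToken {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external returns (bool) {
        if (balanceOf[from] < amount || allowance[from][msg.sender] < amount) {
            return false; // non-standard: signal failure instead of reverting
        }
        allowance[from][msg.sender] -= amount;
        balanceOf[from] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

// Hypothetical stand-in for the fee-collecting path of joinDAO(); it is not
// the One World contract. Both variants pull the platform fee and the
// remaining tier price from the caller; only the hardened one notices failure.
contract FeeCollectorDemo {
    using SafeERC20 for IERC20;

    IERC20 public immutable currency;
    address public immutable owpWallet; // placeholder fee recipient
    uint256 public joined;              // memberships granted so far

    constructor(IERC20 currency_, address owpWallet_) {
        currency = currency_;
        owpWallet = owpWallet_;
    }

    // Vulnerable pattern: the bool returned by transferFrom is ignored.
    function joinUnchecked(uint256 platformFees, uint256 tierPrice) external {
        currency.transferFrom(msg.sender, owpWallet, platformFees);
        currency.transferFrom(msg.sender, address(this), tierPrice - platformFees);
        joined += 1; // reached even when both transfers returned false
    }

    // Hardened pattern: SafeERC20 reverts on a false return and on empty return data.
    function joinSafe(uint256 platformFees, uint256 tierPrice) external {
        currency.safeTransferFrom(msg.sender, owpWallet, platformFees);
        currency.safeTransferFrom(msg.sender, address(this), tierPrice - platformFees);
        joined += 1;
    }
}

// Drives both paths from an account that holds no tokens at all.
contract UncheckedTransferDemo {
    function run() external returns (uint256 joinedUnchecked, bool safeReverted) {
        FalseReturningToken token = new FalseReturningToken();
        FeeCollectorDemo demo = new FeeCollectorDemo(IERC20(address(token)), address(0xBEEF));

        // This contract approves the collector but was never minted any balance,
        // so every transferFrom from it fails.
        token.approve(address(demo), type(uint256).max);

        demo.joinUnchecked(10, 100);   // does not revert: membership granted, nothing paid
        joinedUnchecked = demo.joined; // 1

        try demo.joinSafe(10, 100) {
            safeReverted = false;
        } catch {
            safeReverted = true;       // SafeERC20 turned the false return into a revert
        }
    }
}
```

Deploy UncheckedTransferDemo and call run(): it returns (1, true), i.e. the unchecked collector counted a paid membership although the currency token moved no funds, while the SafeERC20 variant reverted. The same wrapper is what makes a no-return-value token usable, since SafeERC20 treats empty return data as success instead of failing ABI decoding.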
Updates

Lead Judging Commences

0xbrivan2 Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
