Pieces Protocol

First Flight #32
Beginner Friendly, Foundry, Solidity, NFT
100 EXP
Submission Details
Severity: low
Valid

The protocol has non-withdrawable fees stuck in the contract forever.

Description

Currently, when buying an order via TokenDivider::buyOrder, the user pays the order price (which includes the seller fee) plus the protocol fees. The function then makes two external calls:

  • One to transfer order value to the seller

  • Second to transfer fees to the contract owner

The payment sent to the seller is computed by subtracting the sellerFee from the order.price, which leaves the sellerFee with the protocol. However, the amount sent to the owner is only the fee, so the sellerFee is left behind in the contract forever, as there is no external withdraw function to sweep the protocol.
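The accounting described above can be reproduced in isolation with a Foundry test. This is an added example, not code from the Pieces Protocol repository: `BuyFlowModel`, its `forwardSellerFee` flag, the fee formulas (`price / 100` and `fee / 2`) and the exact-payment check are assumptions chosen for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;
import {Test} from "forge-std/Test.sol";

// Hypothetical reduction of the buy flow described above; fee formulas and the
// exact-payment check are assumptions for illustration, not taken from the page.
contract BuyFlowModel {
    address public immutable owner;
    constructor() { owner = msg.sender; }

    function buy(address seller, uint256 price, bool forwardSellerFee) external payable {
        uint256 fee = price / 100;   // assumed protocol fee
        uint256 sellerFee = fee / 2; // assumed seller fee
        require(msg.value == price + fee, "wrong payment");
        (bool ok, ) = payable(seller).call{value: price - sellerFee}("");
        require(ok, "seller transfer failed");
        // Original behaviour forwards only `fee`; the recommended fix adds sellerFee.
        uint256 toOwner = forwardSellerFee ? fee + sellerFee : fee;
        (bool taxSuccess, ) = payable(owner).call{value: toOwner}("");
        require(taxSuccess, "owner transfer failed");
    }
}

contract BuyFlowModelTest is Test {
    BuyFlowModel model;
    address owner = makeAddr("owner");
    address seller = makeAddr("seller");
    address buyer = makeAddr("buyer");

    function setUp() public {
        vm.prank(owner);
        model = new BuyFlowModel();
        vm.deal(buyer, 10 ether);
    }

    function test_sellerFeeStaysInContract() public {
        vm.prank(buyer);
        model.buy{value: 1.01 ether}(seller, 1 ether, false);
        assertEq(address(model).balance, 0.005 ether); // sellerFee retained
        assertEq(owner.balance, 0.01 ether);
    }

    function test_forwardingSellerFeeLeavesNothing() public {
        vm.prank(buyer);
        model.buy{value: 1.01 ether}(seller, 1 ether, true);
        assertEq(address(model).balance, 0);
        assertEq(seller.balance + owner.balance, 1.01 ether);
    }
}
```

Asserting that the contract's ETH balance returns to zero after each purchase is the invariant that catches this class of stuck-fee bug.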

Impact

Seller fees are stuck in the contract

Tools Used

Manual Review

Recommendations

Modify the call to the owner's address in TokenDivider::buyOrder to include the sellerFee:

- (bool taxSuccess, ) = payable(owner()).call{value: fee}("");
+ (bool taxSuccess, ) = payable(owner()).call{value: fee + sellerFee}("");
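Review bot: on the `+` line, `taxSuccess` is captured but nothing in this hunk shows it being checked. If the transfer to the owner fails without reverting, `fee + sellerFee` stays in the contract, which is the condition this change is meant to remove. Confirm that a `require(taxSuccess)` or an equivalent revert follows the call, and state in a comment that the owner receives both the protocol fee and the seller fee.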

Or add a withdraw function to sweep the contract of its ETH

function withdraw() external onlyOwner {
    // Sweep the contract's entire ETH balance to the owner.
    (bool success, ) = payable(owner()).call{value: address(this).balance}("");
    require(success);
}

Updates

Lead Judging Commences

fishy Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

riceee Submitter
7 months ago
fishy Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Token mishandling

The extra ETH sent by the user in the buy order will be locked in the contract forever
