ERC20 Token Balance Manipulation Through Direct Transfers
Summary
The ERC20ToGenerateNftFraccion contract allows ERC20 tokens representing NFT fractions to be transferred directly outside of the transferErcTokens function, which can lead to balance tracking issues and potential NFT locking.
Vulnerability Details
The contract maintains an internal balance tracking system through the balances mapping, but does not prevent direct ERC20 token transfers. Users can bypass the transferErcTokens function and transfer tokens directly using the ERC20 transfer methods.
Impact
Permanent locking of NFTs due to tokens being sent to unrecoverable addresses
Incorrect balance tracking leading to broken contract functionality
Inability to claim NFTs back even with legitimate ownership
Loss of user funds and assets
Tools Used
Manual code review
Performing formal verification with Quint
Recommendations
Implement transfer restrictions on the ERC20 token contract:
Lead Judging Commences
Transfer ERC20ToGenerateNftFraccion separately to the contract
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.