DatingDapp
First Flight #33
Beginner FriendlyFoundrySolidityNFT
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

Unsafe transferFrom and safeTransferFrom Overrides

equation

Summary

Missing _beforeTokenTransfer() Hook this could cause unexpected issues with OpenZeppelin’s ERC721 implementation.

Vulnerability Details

function transferFrom(address, address, uint256) public pure override {revert SoulboundTokenCannotBeTransferred();}
function safeTransferFrom(address, address, uint256, bytes memory) public pure override {revert SoulboundTokenCannotBeTransferred();}

Impact

Some third-party applications may still attempt transfers, leading to failures.

Tools Used

Recommendations

A more robust approach would be:

function _beforeTokenTransfer( address from, address to, uint256 tokenId, uint256 batchSize ) internal override { require(from == address(0) || to == address(0), "Soulbound token cannot be transferred"); super._beforeTokenTransfer(from, to, tokenId, batchSize); }
Updates

Appeal created

n0kto Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Too generic
Assigned finding tags:

Suppositions

You have to point a real root-cause leading to a bug. "If, may, could, unexpected behavior, incoherent" are not describing a real concrete bug. Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.