Core Contracts

Summary

A critical vulnerability has been identified in RAACNFT.sol, which allows users to purchase tokenized representations of real estate in the form of NFTs. However, the contract lacks functions to withdraw or transfer out funds after deposits, leading to a scenario where funds remain permanently locked in the contract.

Vulnerability Details

In RAACNFT.sol (source code), users purchase NFTs by transferring ERC-20 tokens to the contract using the safeTransferFrom function. The contract, however, does not include any mechanism to transfer these tokens out, effectively making it a black hole for funds.

Code Analysis

The following function in RAACNFT.sol demonstrates the issue:

Issue Breakdown:

1. Locked Funds: The contract receives ERC-20 tokens via safeTransferFrom, but there is no function to withdraw, transfer, or approve the movement of these tokens.

2. Protocol Disruption: Since high-value property transactions rely on ERC-20 token movement, funds being permanently locked in the contract hinders the intended functionality.

3. Lack of Transfer Logic: None of the inherited contracts provide a mechanism to recover funds, effectively making this contract act as a burn address.

Impact

This is a high-impact vulnerability as it prevents funds from being utilized within the protocol, leading to irreversible financial losses for users and rendering the contract ineffective in facilitating property transactions.

Tools Used

• Manual Review

Recommendations

1. Implement a Withdrawal Mechanism: Introduce a function to allow authorized parties to transfer ERC-20 tokens out of the contract.

2. Approval Functionality: Enable the contract to approve token spending by external addresses if needed.