Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Invalid

Incompatible NFT Withdrawal Mechanism in `LendingPool.withdrawNFT()`

Summary

The `LendingPool.withdrawNFT()` function uses `safeTransferFrom` to transfer NFTs to `msg.sender`. This requires the recipient to be an EOA or a contract that implements the `onERC721Received` interface. If `msg.sender` is a contract that does not implement this interface, the withdrawal will fail, locking the NFT in the pool.

Vulnerability Details

`contracts/core/pools/LendingPool/LendingPool.sol:316`

```solidity
raacNFT.safeTransferFrom(address(this), msg.sender, tokenId);
```

The `safeTransferFrom` function enforces that the recipient (`msg.sender`) must handle ERC721 tokens by implementing the `onERC721Received` interface. If `msg.sender` is a contract that does not implement this interface, the transaction will revert, preventing the NFT from being withdrawn.
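The recipient check described above, written out as an added example (not code from the RAAC repository or from this submission). `RecipientCheck`, `ReceiverAwareHolder` and `PlainHolder` are hypothetical names, and the check follows the ERC-721 receiver rule rather than any particular token implementation.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration only; all contract names here are hypothetical.

interface IERC721Receiver {
    function onERC721Received(address operator, address from, uint256 tokenId, bytes calldata data)
        external returns (bytes4);
}

/// Reproduces the recipient check that ERC-721 requires of safeTransferFrom.
contract RecipientCheck {
    /// Returns true when a safeTransferFrom to `to` would pass the receiver check.
    function wouldAccept(address operator, address from, address to, uint256 tokenId)
        external returns (bool)
    {
        // Addresses without code (EOAs) are never called and always pass.
        if (to.code.length == 0) return true;

        try IERC721Receiver(to).onERC721Received(operator, from, tokenId, "") returns (bytes4 ret) {
            // The recipient must answer with the hook's own selector (0x150b7a02).
            return ret == IERC721Receiver.onERC721Received.selector;
        } catch {
            // Hook missing or reverting: safeTransferFrom reverts for this recipient.
            return false;
        }
    }
}

/// A contract caller that passes the check and can receive the NFT.
contract ReceiverAwareHolder is IERC721Receiver {
    function onERC721Received(address, address, uint256, bytes calldata)
        external pure override returns (bytes4)
    {
        return IERC721Receiver.onERC721Received.selector;
    }
}

/// A contract caller without the hook: the call on line 316 reverts for it.
contract PlainHolder {}
```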

Impact

Contracts that interact with the protocol and attempt to withdraw NFTs to a contract address that does not implement `onERC721Received` will be unable to retrieve their NFTs.

Tools Used

vscode

Recommendations

Replace `safeTransferFrom` with `transferFrom` to allow NFT transfers to any address.

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
