Submission Details
Severity: high
Invalid

NFT Burning Instead of Transfer in `InheritanceManager::buyOutEstateNFT` function could lead to loss of asset

Summary

NFTs are burned on buyout instead of transferring to the buyer.

Finding Description

The buyOutEstateNFT function burns the NFT instead of transferring it to the buyer.

```solidity
nft.burnEstate(_nftID); // Erases ownership proof
```

  • This contradicts documentation about maintaining on-chain settlement records.

This means that after the buyout, there is no on-chain proof of ownership for the real-world asset represented by the NFT.

This vulnerability breaks the invariant that the NFT should be transferred to the buyer after the buyout. It results in the loss of on-chain proof of ownership for the real-world asset.

Impact Explanation

The impact of this vulnerability is high because it affects the buyOutEstateNFT function, which is used to transfer ownership of real-world assets represented by NFTs. After the buyout, there is no on-chain proof of ownership for the asset, potentially leading to disputes or financial loss.

Likelihood Explanation

The likelihood is very high as well.

Recommendation

To fix this issue, the buyOutEstateNFT function should transfer the NFT to the buyer instead of burning it:

```solidity
nft.transferFrom(address(this), msg.sender, _nftID);
```

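The difference between the two calls in terms of ownership state, as an added example that is not part of the submission or the audited codebase. `MiniEstateNFT`, `MiniManager`, `buyOutBurn` and `buyOutTransfer` are hypothetical names; payment logic and approvals are omitted, and the manager is assumed to hold the tokens.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical minimal estate NFT (constructed for this example; no approvals).
contract MiniEstateNFT {
    address public immutable manager;
    mapping(uint256 => address) private _owners;
    constructor() { manager = msg.sender; }
    modifier onlyManager() { require(msg.sender == manager, "not manager"); _; }
    function ownerOf(uint256 id) public view returns (address owner) {
        owner = _owners[id];
        require(owner != address(0), "nonexistent token");
    }

    function mint(address to, uint256 id) external onlyManager {
        require(to != address(0) && _owners[id] == address(0), "bad mint");
        _owners[id] = to;
    }

    // Deletes the owner entry, so ownerOf(id) reverts from here on.
    function burnEstate(uint256 id) external onlyManager {
        require(_owners[id] != address(0), "nonexistent token");
        delete _owners[id];
    }

    // Simplified transfer: only the current holder may move its token.
    function transferFrom(address from, address to, uint256 id) external {
        require(msg.sender == from && ownerOf(id) == from && to != address(0), "bad transfer");
        _owners[id] = to;
    }
}

// Hypothetical manager that holds two tokens; payment logic is omitted.
contract MiniManager {
    MiniEstateNFT public nft;
    constructor() {
        nft = new MiniEstateNFT();
        nft.mint(address(this), 1);
        nft.mint(address(this), 2);
    }

    // Behaviour the finding describes: the token is destroyed on buyout.
    function buyOutBurn(uint256 _nftID) external { nft.burnEstate(_nftID); }

    // The finding's recommendation: the token moves to the caller.
    function buyOutTransfer(uint256 _nftID) external {
        nft.transferFrom(address(this), msg.sender, _nftID);
    }
}
```

Querying `nft.ownerOf(_nftID)` after each path is the check to put in a test: it reverts after `buyOutBurn` and resolves to the caller after `buyOutTransfer`.
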
Updates

Lead Judging Commences

0xtimefliez Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
