NFT Dealers

First Flight #58

Beginner FriendlyFoundry

100 EXP

View all submissions

Previous Next

Submission Details

Impact: high

Likelihood: high

Buyer Can Buy and Re-List Unchecked, Skipping Fee Calculation

Author Revealed upon completion

Root + Impact

Description

Normal behavior: Marketplace fees should apply on every sale based on price thresholds.

The current logic allows a buyer to buy an NFT, then relist and self-transfer in ways that bypass or miscalculate fees, enabling a fee bypass chain.

// s_listings is indexed by tokenId, not by global listing ID.

// @> Buyer can override listing entries with improper fee updates.

s_listings[_tokenId] = Listing({ ... });

Risk

Likelihood:

Occurs on normal marketplace flows: buy → relist → buy → cancel.
No privileged access required.

Impact:

Attacker can artificially inflate price or avoid fees

Marketplace loses revenue

Proof of Concept

// Buyer buys NFT

dealers.buy(id);

// Buyer lists NFT with 0 fee threshold price

dealers.list(id, 1);

// Relist multiple times to reset fee tier

Recommended Mitigation

Store sale price history separate from listing data and block price manipulations that avoid fee tiers.

- remove this code

+ add this code

Rewards breakdown

nSLOC

253

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!