code-423n4 / 2021-06-pooltogether-findings


Using `transferFrom` on ERC721 tokens #116

Closed code423n4 closed 3 years ago

code423n4 commented 3 years ago

Handle

shw

Vulnerability details

Editing a previous submission to correct the details

Impact

In the function `awardExternalERC721` of contract `PrizePool`, when awarding external ERC721 tokens to the winner, the `transferFrom` function is called instead of `safeTransferFrom`. If the winner is a contract and is not aware of incoming ERC721 tokens, the sent tokens could be locked.

Proof of Concept

Referenced code: PrizePool.sol#L602

Recommended Mitigation Steps

Consider changing `transferFrom` to `safeTransferFrom` at line 602.
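The following is an added illustration of the finding above; it is not PoolTogether code and not part of the original submission. `AwardPool`, `PrizeNFT`, `UnawareWinner`, `AwareWinner` and `Demo` are hypothetical stand-ins built on the OpenZeppelin ERC721 implementation, so that the unsafe `transferFrom` path and the recommended `safeTransferFrom` path can be exercised side by side against a contract winner that does not implement the ERC721 receiver hook.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example (not PoolTogether code): why awarding an ERC721 with
// transferFrom can strand the token in a contract winner, and why
// safeTransferFrom fails loudly instead.
import "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";

/// Minimal ERC721 standing in for the "external" prize token (constructed for this example).
contract PrizeNFT is ERC721 {
    constructor() ERC721("PrizeNFT", "PNFT") {}

    // No access control: this mock exists only to mint prizes into the pool below.
    function mint(address to, uint256 tokenId) external {
        _mint(to, tokenId);
    }
}

/// Hypothetical stand-in for the awarding contract. It holds the prize tokens
/// and exposes the unsafe pattern and the recommended one next to each other.
contract AwardPool {
    /// Unsafe: transferFrom never consults the recipient, so a contract winner
    /// with no way to move ERC721s ends up holding a token it can never spend.
    function awardUnsafe(IERC721 token, address winner, uint256 tokenId) external {
        token.transferFrom(address(this), winner, tokenId);
    }

    /// Recommended: safeTransferFrom calls onERC721Received on contract
    /// recipients and reverts unless the magic value comes back, so the award
    /// reverts rather than silently locking the token.
    function awardSafe(IERC721 token, address winner, uint256 tokenId) external {
        token.safeTransferFrom(address(this), winner, tokenId);
    }
}

/// A winner contract that is NOT ERC721-aware: it has no receiver hook and no
/// code path that calls transferFrom, so a token pushed into it with transferFrom
/// cannot be moved again.
contract UnawareWinner {
    receive() external payable {}
}

/// A winner contract that implements the receiver hook and can later move the token out.
contract AwareWinner is IERC721Receiver {
    function onERC721Received(address, address, uint256, bytes calldata)
        external pure override returns (bytes4)
    {
        return IERC721Receiver.onERC721Received.selector;
    }

    function withdraw(IERC721 token, address to, uint256 tokenId) external {
        token.transferFrom(address(this), to, tokenId);
    }
}

/// Drives the scenario: deploys the mocks, mints three prizes into the pool, and
/// attempts each award inside try/catch so the caller can see which ones succeed.
contract Demo {
    function run()
        external
        returns (bool unsafeToUnaware, bool safeToUnaware, bool safeToAware)
    {
        PrizeNFT nft = new PrizeNFT();
        AwardPool pool = new AwardPool();
        UnawareWinner unaware = new UnawareWinner();
        AwareWinner aware = new AwareWinner();

        nft.mint(address(pool), 1);
        nft.mint(address(pool), 2);
        nft.mint(address(pool), 3);

        // Each flag records whether the corresponding award call completed without reverting.
        try pool.awardUnsafe(nft, address(unaware), 1) { unsafeToUnaware = true; } catch {}
        try pool.awardSafe(nft, address(unaware), 2) { safeToUnaware = true; } catch {}
        try pool.awardSafe(nft, address(aware), 3) { safeToAware = true; } catch {}
    }
}
```

Deploy `Demo` and call `run()`: the unsafe award to `UnawareWinner` completes, leaving token 1 owned by a contract that has no function able to transfer it; the safe award of token 2 to the same contract reverts inside `safeTransferFrom`, so the pool still holds it; and the safe award of token 3 to `AwareWinner` completes because the receiver hook returns the expected selector. The review point in the finding is exactly this difference: with `safeTransferFrom`, a winner that cannot handle ERC721s causes a visible failure rather than a permanently stranded prize.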

asselstine commented 3 years ago

See https://github.com/code-423n4/2021-06-pooltogether-findings/issues/115

dmvt commented 3 years ago

duplicate of #115