The PrizePool contract does not implement the onERC721Received function, which is considered a best practice to transfer ERC721 tokens from contracts to contracts. The absence of this function could prevent PrizePool from receiving ERC721 tokens from other contracts via safeTransferFrom.
kamescg
commented
3 years ago
Handle
shw
Vulnerability details
Impact
The
PrizePoolcontract does not implement theonERC721Receivedfunction, which is considered a best practice to transfer ERC721 tokens from contracts to contracts. The absence of this function could preventPrizePoolfrom receiving ERC721 tokens from other contracts viasafeTransferFrom.Proof of Concept
Referenced code: PrizePool.sol
Recommended Mitigation Steps
Consider adding an implementation of the
onERC721Receivedfunction inPrizePool.