Open code423n4 opened 2 years ago
The contract implements the ERC2981 getter but does not register it as a 165 interface. Agree with the warden that this is a Medium risk issue. This is a function of the protocol and it may not work with many external marketplaces because it does not yet follow the standard as expected.
Lines of code
https://github.com/code-423n4/2022-07-fractional/blob/main/src/FERC1155.sol#L31-L34
Vulnerability details
Impact
The EIP-2981: NFT Royalty Standard implementation is incomplete, missing the implementation of
function supportsInterface(bytes4 interfaceID) external view returns (bool);
from the EIP-165: Standard Interface DetectionProof of Concept
A marketplace implemented royalties could check if the NFT have royalties, but if don't add the interface of
ERC2981
on the_registerInterface
, the marketplace can't know if this NFT havesTools Used
Manual Review
Recommended Mitigation Steps
Like in solmate ERC1155.sol add the
ERC2981
interfaceId on theFERC1155
contract