merklejerk
commented
1 year ago Don't consider this a vulnerability. The protocol is only designed to work with ERC721s. The FE will only suggest ERC721s to crowdfund on.
Open code423n4 opened 2 years ago
merklejerk
commented
1 year ago Don't consider this a vulnerability. The protocol is only designed to work with ERC721s. The FE will only suggest ERC721s to crowdfund on.
HardlyDifficult
commented
1 year ago At least change the name of the protocol when copy pasting another report 🙏
This is a NC feature suggestion, converting into a QA report for the warden.
HardlyDifficult
commented
1 year ago
Lines of code
https://github.com/PartyDAO/party-contracts-c4/blob/3896577b8f0fa16cba129dc2867aba786b730c1b/contracts/crowdfund/BuyCrowdfundBase.sol#L137
Vulnerability details
Impact
Cryptopunks are at the core of the NFT ecosystem. As one of the first NFTs, it embodies the culture of NFT marketplaces. By not supporting the trading of cryptopunks, Foundation is at a severe disadvantage when compared to other marketplaces. Cryptopunks have their own internal marketplace which allows users to trade their NFTs to other users. As such, cryptopunks does not adhere to the ERC721 standard, it will always fail when the protocol attempts to trade them.
Proof of concept
Here is an example implementation of what it might look like to integrate cryptopunks into the Foundation protocol.
Tools Used
Manual review
Recommended Mitigation Steps
Consider designing a wrapper contract for cryptopunks to facilitate standard ERC721 transfers. The logic should be abstracted away from the user such that their user experience is not impacted.