code-423n4 / 2022-12-backed-findings


Early NFT collections such as CryptoPunks and MoonCats can not be used as a collateral #289

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/with-backed/papr/blob/9528f2711ff0c1522076b9f93fba13f88d5bd5e6/src/PaprController.sol#L98

Vulnerability details

Impact

Early NFT collections such as CryptoPunks, EtherRocks and MoonCats are not compliant with the ERC721 standard. Therefore, they cannot be used as collateral, since transferring will fail. I believe it would be a huge advantage for the protocol to support such well-known collections.

Proof of Concept

As an example, check CryptoPunks's code: https://etherscan.io/address/0xb47e3cd837ddf8e4c57f05d70ab865de6e193bbb#writeContract

Tools Used

Manual analysis

Recommended Mitigation Steps

Add a wrapper that checks if the NFT collection is special (e.g. MoonCats) and, if so, uses its special functions; otherwise, it uses the standard ERC721 transfer.
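
One way the wrapper recommended above could look for CryptoPunks, as an added example that is not code from papr or from the finding's author. The contract `CollateralIntake`, its `isPunkLike` registry and its `deposit`/`withdraw` functions are hypothetical names; the `ICryptoPunksMarket` functions are those of the CryptoPunks contract linked in the proof of concept, and MoonCats and EtherRocks are not covered.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

interface IERC721Like {
    function transferFrom(address from, address to, uint256 id) external;
    function ownerOf(uint256 id) external view returns (address);
}

// Subset of CryptoPunksMarket, which has no approve/transferFrom.
interface ICryptoPunksMarket {
    function punkIndexToAddress(uint256 punkIndex) external view returns (address);
    function buyPunk(uint256 punkIndex) external payable;
    function transferPunk(address to, uint256 punkIndex) external;
}

// Hypothetical intake wrapper: one deposit/withdraw entry point, two transfer paths.
contract CollateralIntake {
    address public immutable admin;
    mapping(address => bool) public isPunkLike; // collections that need the punk path
    mapping(address => mapping(uint256 => address)) public depositor;

    constructor() { admin = msg.sender; }

    function setPunkLike(address collection, bool flag) external {
        require(msg.sender == admin, "not admin");
        isPunkLike[collection] = flag;
    }

    function deposit(address collection, uint256 id) external {
        if (isPunkLike[collection]) {
            ICryptoPunksMarket punks = ICryptoPunksMarket(collection);
            // Owner must first call offerPunkForSaleToAddress(id, 0, address(this)).
            require(punks.punkIndexToAddress(id) == msg.sender, "not punk owner");
            punks.buyPunk(id); // zero-price private sale replaces transferFrom
            require(punks.punkIndexToAddress(id) == address(this), "punk not received");
        } else {
            IERC721Like(collection).transferFrom(msg.sender, address(this), id);
            require(IERC721Like(collection).ownerOf(id) == address(this), "not received");
        }
        depositor[collection][id] = msg.sender;
    }

    function withdraw(address collection, uint256 id) external {
        require(depositor[collection][id] == msg.sender, "not depositor");
        delete depositor[collection][id]; // clear state before the external call
        if (isPunkLike[collection]) ICryptoPunksMarket(collection).transferPunk(msg.sender, id);
        else IERC721Like(collection).transferFrom(address(this), msg.sender, id);
    }
}
```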

c4-judge commented 1 year ago

trust1995 marked the issue as unsatisfactory: Out of scope

trust1995 commented 1 year ago

Discussed and standardized at the org level.