Open code423n4 opened 1 year ago
minhquanym marked the issue as primary issue
0xRektora (sponsor) confirmed
dmvt marked the issue as selected for report
dmvt marked the issue as not selected for report
dmvt changed the severity to QA (Quality Assurance)
dmvt marked the issue as grade-b
Lines of code
https://github.com/Tapioca-DAO/YieldBox/blob/master/contracts/ERC1155.sol#L83
Vulnerability details
AssetRegister inherits YieldBox's `ERC1155` contract and adds logic to approve individual tokens by their ids to specific operators via
To check for individual approvals, the ERC1155 implementation modifies the `_requireTransferAllowed` function to have an additional parameter `approved`.
There are also changes to modify YieldBox's original ERC1155 methods `safeTransferFrom`
There is an additional method defined for YieldBox, `transfer`, that implements transfer logic doing a proper check using the `allowed` modifier
It is impossible to transfer individual YieldBox ERC1155 tokens by approved operators using the standard ERC1155 `safeTransferFrom` method.
Impact
Medium - broken backward compatibility with ERC1155
Proof of concept
User:
Operator:
`safeTransferFrom` of ERC1155
Tools Used
Manual review
Recommended Mitigation Steps
`safeTransferFrom` and `safeBatchTransferFrom` ERC1155 method to include individual token id allowance check once
Assessed type
Other
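A minimal Python model of the two transfer paths this report describes, added here as an illustration; it is not the YieldBox source or the reporter's code. The class, the approval sets, the `fixed` switch and the constructed scenario are assumptions; only `safeTransferFrom`, `transfer` and `_requireTransferAllowed` are names taken from the report.

```python
# Simplified model of the approval checks in the report; hypothetical names, not YieldBox code.

class TransferNotAllowed(Exception):
    pass

class TokenModel:
    def __init__(self, fixed):
        self.fixed = fixed                # True = standard path also checks per-id approval
        self.balances = {}                # (owner, token_id) -> amount
        self.approved_for_all = set()     # (owner, operator)
        self.approved_for_asset = set()   # (owner, operator, token_id)

    def _require_transfer_allowed(self, sender, owner, approved):
        # Assumed shape of the check: owner, per-id flag, or blanket approval.
        if sender == owner or approved or (owner, sender) in self.approved_for_all:
            return
        raise TransferNotAllowed(f"{sender} may not move tokens of {owner}")

    def _move(self, owner, to, token_id, amount):
        if self.balances.get((owner, token_id), 0) < amount:
            raise ValueError("insufficient balance")
        self.balances[(owner, token_id)] -= amount
        self.balances[(to, token_id)] = self.balances.get((to, token_id), 0) + amount

    def transfer(self, sender, owner, to, token_id, amount):
        # YieldBox-specific path: the per-id approval is looked up and passed in.
        approved = (owner, sender, token_id) in self.approved_for_asset
        self._require_transfer_allowed(sender, owner, approved)
        self._move(owner, to, token_id, amount)

    def safe_transfer_from(self, sender, owner, to, token_id, amount):
        # Standard ERC1155 path: per-id approval is ignored unless the mitigation is modeled.
        approved = self.fixed and (owner, sender, token_id) in self.approved_for_asset
        self._require_transfer_allowed(sender, owner, approved)
        self._move(owner, to, token_id, amount)

def run_scenario(fixed, token_id=1):
    """Constructed scenario: user approves operator for token id 1 only."""
    m = TokenModel(fixed)
    m.balances[("user", 1)] = m.balances[("user", 2)] = 10
    m.approved_for_asset.add(("user", "operator", 1))
    outcome = {}
    for name, fn in (("transfer", m.transfer), ("safeTransferFrom", m.safe_transfer_from)):
        try:
            fn("operator", "user", "recipient", token_id, 1)
            outcome[name] = True
        except TransferNotAllowed:
            outcome[name] = False
    return outcome
```

With `fixed=False` the per-id operator succeeds through `transfer` but is rejected by `safeTransferFrom`; with `fixed=True` both paths agree, and a token id that was never approved is still rejected on both.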