Closed: howlbot-integration[bot] closed this issue 1 month ago
koolexcrypto changed the severity to QA (Quality Assurance)
koolexcrypto marked the issue as grade-c
This previously downgraded issue has been upgraded by koolexcrypto
koolexcrypto marked the issue as duplicate of #687
koolexcrypto marked the issue as duplicate of #218
koolexcrypto changed the severity to QA (Quality Assurance)
Lines of code
https://github.com/code-423n4/2024-07-traitforge/blob/main/contracts/EntityForging/EntityForging.sol#L125-L126
Vulnerability details
Impact
Excess ETH sent to forgeWithListed() is not refunded to the user.
Proof of Concept
In EntityForging.sol we have forgeWithListed():
This function allows a user to merge two NFTs (Non-Fungible Tokens): one that is listed for forging and another that the user owns.
The function retrieves the forging fee from the listing and checks whether the caller sent enough ETH to cover the fee; if not, it reverts.
But the function does not refund the excess ETH to the user, so any ETH sent above the fee is lost to the caller.
Tools Used
Visual Studio Code
Recommended Mitigation Steps
To fix this issue, the function should ensure that the amount being transferred does not exceed the value of msg.value. The other option is to return the excess ETH to the caller.
Assessed type
ETH-Transfer
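To make the finding and the two mitigation options concrete, below is an added, simplified illustration written for this page; it is not TraitForge's EntityForging.sol, and the contract, struct and function names are hypothetical. It places the fee check and the unrefunded overpayment beside an exact-payment variant and a refund variant.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative contract (not the project's code): a minimal listing/forge
// flow that reproduces the missing-refund pattern and shows two fixes.
contract ForgeRefundExample {
    struct Listing { address seller; uint256 fee; bool active; }
    mapping(uint256 => Listing) public listings;

    // Hypothetical listing helper so the forge functions have a fee to read.
    function list(uint256 tokenId, uint256 fee) external {
        listings[tokenId] = Listing(msg.sender, fee, true);
    }

    // VULNERABLE PATTERN: accepts any msg.value >= fee but forwards only
    // `fee`, so msg.value - fee stays in this contract and the caller
    // has no way to reclaim it.
    function forgeWithListedVulnerable(uint256 listedId) external payable {
        Listing memory l = listings[listedId];
        require(l.active, "not listed");
        require(msg.value >= l.fee, "insufficient ETH");
        (bool ok, ) = l.seller.call{value: l.fee}("");
        require(ok, "fee transfer failed");
        // ... forging logic; the overpayment is silently stranded here
    }

    // FIX A: reject overpayment, so msg.value always equals the fee.
    function forgeWithListedExact(uint256 listedId) external payable {
        Listing memory l = listings[listedId];
        require(l.active, "not listed");
        require(msg.value == l.fee, "send exactly the forging fee");
        (bool ok, ) = l.seller.call{value: l.fee}("");
        require(ok, "fee transfer failed");
    }

    // FIX B: accept overpayment but return the difference to the caller.
    function forgeWithListedRefund(uint256 listedId) external payable {
        Listing memory l = listings[listedId];
        require(l.active, "not listed");
        require(msg.value >= l.fee, "insufficient ETH");
        (bool ok, ) = l.seller.call{value: l.fee}("");
        require(ok, "fee transfer failed");
        uint256 excess = msg.value - l.fee; // safe: checked above
        if (excess > 0) {
            (bool refunded, ) = msg.sender.call{value: excess}("");
            require(refunded, "refund failed");
        }
    }
}
```

In a test, calling forgeWithListedVulnerable with value = fee + 1 wei leaves 1 wei in the contract, while the exact variant reverts and the refund variant returns it to the caller.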