OwnershipNFTs.sol is not ERC721 compliant, doesnt implement the ERC165 interface.

[howlbot-integration[bot]]

Lines of code

https://github.com/code-423n4/2024-08-superposition/blob/4528c9d2dbe1550d2660dac903a8246076044905/pkg/sol/OwnershipNFTs.sol#L13

Vulnerability details

Bug Description

The contract OwnershipNFTs is supposed to be an ERC721 standard contract but it lacks the ERC165's supportInterface() function which is mandatory for all erc721 contracts as stated by the eip-721

Every ERC-721 compliant contract must implement the ERC721 and ERC165 interfaces (subject to “caveats” below): https://eips.ethereum.org/EIPS/eip-721#specification

Lack of the supportInterface() function will cause issues for external contracts that interact with the OwnershipNFTs.sol as they will be unable to verify the behaviour of the OwnershipNFTs i.e if it does indeed support ERC721 functions.

Further reading

• motivation for EIP165 -> https://eips.ethereum.org/EIPS/eip-165#motivation
• Solidity issue #3419 in https://eips.ethereum.org/EIPS/eip-721#caveats

  Solidity issue #3419: A contract that implements ERC721Metadata or ERC721Enumerable SHALL also implement ERC721. ERC-721 implements the requirements of interface ERC-165

Impact

OwnershipNFTs.sol is not ERC-721 compliant as it doesnt implement the ERC165 interface.

Tools Used

Manual review

Recommended Mitigation Steps

Implement the ERC165 interface in OwnershipNFTs.sol

Assessed type

ERC721

[c4-judge]

alex-ppg changed the severity to QA (Quality Assurance)

[c4-judge]

alex-ppg marked the issue as grade-c

[c4-judge]

This previously downgraded issue has been upgraded by alex-ppg

[c4-judge]

alex-ppg changed the severity to QA (Quality Assurance)

[c4-judge]

alex-ppg marked the issue as grade-b