hats-finance / Tapioca-0xe0b920d38a0900af3bab7ff0ca0af554129f54ad


fillPermittedOrderERC1155 and fillPermittedOrderERC20 do not work and always revert #15

Open hats-bug-reporter[bot] opened 1 month ago

hats-bug-reporter[bot] commented 1 month ago

Github username: --
Twitter username: --
Submission hash (on-chain): 0x15da2212357bf0009b921d40e8435c376628eec9856d5fd6e4d5d75e958edbd1
Severity: medium

Description:

https://github.com/Tapioca-DAO/PermitC/blob/70531932a22d99dd926d6f01b08f0d6f9217827f/src/PermitC.sol#L725

and

https://github.com/Tapioca-DAO/PermitC/blob/70531932a22d99dd926d6f01b08f0d6f9217827f/src/PermitC.sol#L783

Both functions, fillPermittedOrderERC1155 and fillPermittedOrderERC20, call _orderTransfer,

and _orderTransfer calls

https://github.com/Tapioca-DAO/PermitC/blob/70531932a22d99dd926d6f01b08f0d6f9217827f/src/PermitC.sol#L1936

        isError = _transferFrom(token, owner, to, id, quantityFilled);

This does not work; there is no _transferFrom method in the contract.

fillPermittedOrderERC1155 needs to call _transferFromERC1155.

fillPermittedOrderERC20 needs to call _transferFromERC20.

0xRektora commented 1 month ago

PermitC is OOS, only Pearlmit is. We don't use fillPermittedOrderERC1155 and I believe it is reverting because you're using it wrong.