The AssetManager::_sendRoyalty function will query whether an NFT supports the EIP-2981 interface yet will solely utilize the intended royaltyReceiver, ignoring the yielded royalty amount meant to be charged.
Impact:
Although non-standard behaviour, this may be a desirable trait of the protocol and thus has been marked as unknown in severity.
Example:
/**
* @notice Calculates and sends the royalty payment for an NFT transaction.
* @param _nftContractAddress The address of the NFT contract.
* @param _tokenId The ID of the NFT.
* @param _seller The address of the seller.
* @param price The price of the NFT.
* @return The amount of royalty paid.
*/
function _sendRoyalty(address _nftContractAddress, uint256 _tokenId, address _seller, uint256 price) internal returns (uint256) {
Royalty memory royalty = royalties[_nftContractAddress];
if (royalty.isEnabled) {
address royaltyReceiver = royalty.receiver;
uint256 royaltyAmount = _getPortionOfBid(price, royalty.percentage);
if (royaltyReceiver != _seller && royaltyReceiver != address(0)) {
emit RoyaltyReceived(_nftContractAddress, _tokenId, _seller, royaltyReceiver, royaltyAmount);
_safeTransferTo(payable(royaltyReceiver), royaltyAmount);
return royaltyAmount;
}
} else {
if (IERC721Upgradeable(_nftContractAddress).supportsInterface(_INTERFACE_ID_EIP2981) && defaultRoyalty > 0) {
uint256 royaltyAmount = _getPortionOfBid(price, defaultRoyalty);
(address royaltyReceiver,) = IRoyalty(_nftContractAddress).royaltyInfo(_tokenId, price);
if (royaltyReceiver != _seller && royaltyReceiver != address(0)) {
emit RoyaltyReceived(_nftContractAddress, _tokenId, _seller, royaltyReceiver, royaltyAmount);
_safeTransferTo(payable(royaltyReceiver), royaltyAmount);
return royaltyAmount;
}
}
}
return 0;
}
Recommendation:
We advise this to be re-evaluated as it contradicts the EIP-2981 standard and thus renders the codebase non-compliant with it.
AMR-01M: Inexistent Usage of EIP-2981 Royalty
Description:
The
AssetManager::_sendRoyalty
function will query whether an NFT supports the EIP-2981 interface yet will solely utilize the intendedroyaltyReceiver
, ignoring the yielded royalty amount meant to be charged.Impact:
Although non-standard behaviour, this may be a desirable trait of the protocol and thus has been marked as
unknown
in severity.Example:
Recommendation:
We advise this to be re-evaluated as it contradicts the EIP-2981 standard and thus renders the codebase non-compliant with it.