search

sherlock-audit / 2022-11-bullvbear-judging

0 stars 0 forks source link

simon135 - A Bear can give a worst nft in the collection that is near 0 with out an agreement on it and cause the bull to get a bad deal #102

Closed sherlock-admin closed 1 year ago

sherlock-admin commented 1 year ago

simon135

high

A Bear can give a worst nft in the collection that is near 0 with out an agreement on it and cause the bull to get a bad deal

Summary

A bear can give a bad nft from the collection and get its money back but since there is no agreement on the nft in the collection just the collection the bull can get cheated on.

Vulnerability Detail

Alice(bear attacker) bob(bull victim) They agree on an order for a collection that has a greater price but Alice transfers nft(which tokenId 1=0.1 ether) while the whole collection is above 1 ether which is cheating out the bull from a better nft which won't sell as well. steps: Alice gives the bad nft to the contract and they get their funds back The bull gets the bad nft for a loss that is not excepted

Impact

bear cheating on the bull

Code Snippet

  try
            IERC721(order.collection).safeTransferFrom(bear, bull, tokenId)
        {} catch (bytes memory) {
            // Transfer NFT to BvbProtocol
            IERC721(order.collection).safeTransferFrom(
                bear,
                address(this),
                tokenId
            );
            // Store that the bull has to retrieve it
            withdrawableCollectionTokenId[order.collection][tokenId] = bull;
        }

https://github.com/sherlock-audit/2022-11-bullvbear/blob/main/bvb-protocol/src/BvbProtocol.sol#L394

Tool used

Manual Review

Recommendation

i recommend to make sure the entities of the order agree on specific tokenId or make this a know risk in the frontend

Duplicate of #81