L1ERC721Bridge _initiateBridgeERC721 is not using safeTransferFrom. Necessary hooks and checks wouldn't be performed.
Summary
L1ERC721Bridge _initiateBridgeERC721 is not using safeTransferFrom. Necessary hooks and checks wouldn't be performed.
Vulnerability Detail
L1ERC721Bridge _initiateBridgeERC721 is not using safeTransferFrom.
Impact
Necessary hooks and checks wouldn't be performed.
Necessary checks include
Check whether target is an EOA.
Check whether target is a contract that implement ERC721Receiver.
Check whether target contract is accepting transfer with particular _data bytes.
If these checks fail, the transaction will be reverted. This is done to prevent the loss of NFT because of transferring into a contract that cannot receive ERC721.
Chom
low
L1ERC721Bridge _initiateBridgeERC721 is not using safeTransferFrom. Necessary hooks and checks wouldn't be performed.
Summary
L1ERC721Bridge _initiateBridgeERC721 is not using safeTransferFrom. Necessary hooks and checks wouldn't be performed.
Vulnerability Detail
L1ERC721Bridge _initiateBridgeERC721 is not using safeTransferFrom.
Impact
Necessary hooks and checks wouldn't be performed.
Necessary checks include
_data
bytes.If these checks fail, the transaction will be reverted. This is done to prevent the loss of NFT because of transferring into a contract that cannot receive ERC721.
Moreover, it won't perform onERC721Received hook.
Code Snippet
https://github.com/sherlock-audit/2023-01-optimism/blob/main/optimism/packages/contracts-bedrock/contracts/L1/L1ERC721Bridge.sol#L101
Tool used
Manual Review
Recommendation
Use safeTransferFrom instead of transferFrom