Closed sherlock-admin closed 1 year ago
8olidity
medium
use safetransferFrom()
The safetransferFrom function is not used
safetransferFrom
function _initiateBridgeERC721( address _localToken, address _remoteToken, address _from, address _to, uint256 _tokenId, uint32 _minGasLimit, bytes calldata _extraData ) internal override { require(_remoteToken != address(0), "L1ERC721Bridge: remote token cannot be address(0)"); // Construct calldata for _l2Token.finalizeBridgeERC721(_to, _tokenId) bytes memory message = abi.encodeWithSelector( L2ERC721Bridge.finalizeBridgeERC721.selector, _remoteToken, _localToken, _from, _to, _tokenId, _extraData ); // Lock token into bridge deposits[_localToken][_remoteToken][_tokenId] = true; IERC721(_localToken).transferFrom(_from, address(this), _tokenId); //@audit // Send calldata into L2 MESSENGER.sendMessage(OTHER_BRIDGE, message, _minGasLimit); emit ERC721BridgeInitiated(_localToken, _remoteToken, _from, _to, _tokenId, _extraData); }
https://github.com/sherlock-audit/2023-03-optimism/blob/main/optimism/packages/contracts-bedrock/contracts/L1/L1ERC721Bridge.sol#L77-L106
Manual Review
8olidity
medium
use safetransferFrom()
Summary
use safetransferFrom()
Vulnerability Detail
The
safetransferFrom
function is not usedImpact
use safetransferFrom()
Code Snippet
https://github.com/sherlock-audit/2023-03-optimism/blob/main/optimism/packages/contracts-bedrock/contracts/L1/L1ERC721Bridge.sol#L77-L106
Tool used
Manual Review
Recommendation
use safetransferFrom()