search

sherlock-audit / 2024-04-titles-judging

9 stars 6 forks source link

zoyi - Contract will not work on Degen Network #246

Closed sherlock-admin3 closed 4 months ago

sherlock-admin3 commented 4 months ago

zoyi

medium

Contract will not work on Degen Network

Summary

Due to 0xSplits not supporting DegenNetwork, Titles will not be able operate on Degen Network.

Vulnerability Detail

As per the docs, the Sponsor is planning to deploy on the following chains:

//On what chains are the smart contracts going to be deployed?
//Ethereum, Base, OP, Zora, Blast, Arbitrum, zkSync, Degen

The problem is that one of the external protocols that is used by the Sponsor, 0xSplits, does not have their contracts deployed on Degen Network: deployed contracts

As per the public message of the Sponsor:

//Splits is a 3rd party, their contracts are already audited and deployed and are out of scope.

The deployed contracts of 0xSplits will be used. For example, createSplit() is called on one of the deployed contracts of 0xSplits during the createRoute()function, which is critical to the working of this project:

    /// @notice Creates a new fee route for the given {Edition} and attributions.
    /// @param edition_ The {Edition} for which to create the route.
    /// @param tokenId_ The token ID associated with the route.
    /// @param attributions_ The attributions to be associated with the route.
    /// @param referrer_ The address of the referrer to receive a share of the fee.
    function createRoute(
        IEdition edition_,
        uint256 tokenId_,
        Target[] calldata attributions_,
        address referrer_
    ) external onlyOwnerOrRoles(ADMIN_ROLE) returns (Target memory receiver) {
        Target memory creator = edition_.node(tokenId_).creator;

        if (attributions_.length == 0) {
            // No attributions, pay the creator directly
            receiver = creator;
        } else {
            // Distribute the fee among the creator and attributions
            (address[] memory targets, uint256[] memory revshares) = _buildSharesAndTargets(
                creator, attributions_, edition_.feeStrategy(tokenId_).revshareBps
            );

// Create the split. The protocol retains "ownership" to enable future use cases.
            // @audit this process seems odd
            receiver = Target({
->              target: splitFactory.createSplit(
                    SplitV2Lib.Split({
                        recipients: targets,
                        allocations: revshares,
                        totalAllocation: 1e6,
                        distributionIncentive: 0
                    }),
                    address(this),
                    creator.target
                    ),
                chainId: creator.chainId
            });
        }

        _feeReceivers[getRouteId(edition_, tokenId_)] = receiver;
        referrers[edition_] = referrer_;
    }

Given that the required contracts are not deployed on Degen Network, these function calls will not work.

Impact

Titles will not be able to function on Degen Network.

Code Snippet

https://github.com/sherlock-audit/2024-04-titles/blob/c9d16782a7d3c15c7a759f22c9e0552d5e777ed7/wallflower-contract-v2/src/fees/FeeManager.sol#L125-L160

Tool used

Manual Review

Recommendation

Do not launch on Degen Network

ccashwell commented 4 months ago

We can either request the team deploy to Degen Network or deploy ourselves, and in any case this is a third-party dependency and out-of-scope. Won't fix.