Incompatible with zkSync and Degen chains deployment
Summary
Titles protocol is incompatible with the planned deployment on zkSync and Degen chains because Splits, which is a core dependence of Titles, isn't deployed on these two chains.
Vulnerability Detail
The protocol README states that Titles is planned to be deployed on multiple chains:
Q: On what chains are the smart contracts going to be deployed?
Therefore, Titles can be deployed on those two chains but will be unusable because all calls to TitlesCore.createEdition() and TitlesCore.publish() will fail because they ultimately call FeeManager.createRoute() which itself will call an inexistent contract splitFactory.createSplit().
/// @notice Creates a new fee route for the given {Edition} and attributions.
/// @param edition_ The {Edition} for which to create the route.
/// @param tokenId_ The token ID associated with the route.
/// @param attributions_ The attributions to be associated with the route.
/// @param referrer_ The address of the referrer to receive a share of the fee.
function createRoute(
IEdition edition_,
uint256 tokenId_,
Target[] calldata attributions_,
address referrer_
) external onlyOwnerOrRoles(ADMIN_ROLE) returns (Target memory receiver) {
Target memory creator = edition_.node(tokenId_).creator;
if (attributions_.length == 0) {
// No attributions, pay the creator directly
receiver = creator;
} else {
// Distribute the fee among the creator and attributions
(address[] memory targets, uint256[] memory revshares) = _buildSharesAndTargets(
creator, attributions_, edition_.feeStrategy(tokenId_).revshareBps
);
// Create the split. The protocol retains "ownership" to enable future use cases.
receiver = Target({
❌ target: splitFactory.createSplit(
SplitV2Lib.Split({
recipients: targets,
allocations: revshares,
totalAllocation: 1e6,
distributionIncentive: 0
}),
address(this),
creator.target
),
chainId: creator.chainId
});
}
_feeReceivers[getRouteId(edition_, tokenId_)] = receiver;
referrers[edition_] = referrer_;
}
Impact
Incompatible with the chains on which it is to be deployed.
nisedo
medium
Incompatible with zkSync and Degen chains deployment
Summary
Titles protocol is incompatible with the planned deployment on zkSync and Degen chains because Splits, which is a core dependence of Titles, isn't deployed on these two chains.
Vulnerability Detail
The protocol README states that Titles is planned to be deployed on multiple chains:
However, according to Split documentation, this protocol isn't deployed on zkSync and Degen:
Therefore, Titles can be deployed on those two chains but will be unusable because all calls to
TitlesCore.createEdition()
andTitlesCore.publish()
will fail because they ultimately callFeeManager.createRoute()
which itself will call an inexistent contractsplitFactory.createSplit()
.Impact
Incompatible with the chains on which it is to be deployed.
Code Snippet
Tool used
Manual Review
Recommendation
Don't deploy on zkSync and Degen until Splits protocol is deployed on both chains.