`ownerOf()` not defined in the `IMlumStaking` interface cause DoS on `Voter.vote()`

Summary

There is no function called ownerOf() defined in the IMlumStaking interface, but two function from Voter contract calls this function, causing the transaction to revert.

Vulnerability Detail

The vulnerability lies in the following code:

162: @> if (_mlumStaking.ownerOf(tokenId) != msg.sender) {
163:            revert IVoter__NotOwner();
164:        }
.
403: @> function ownerOf(uint256 tokenId, address account) external view returns (bool) {
404:        return _mlumStaking.ownerOf(tokenId) == account;
405:    }

But the IMlumStaking interface is not defined the ownerOf() function

Impact

DoS on the crtical vote() function in Voter contract

Code Snippet

https://github.com/sherlock-audit/2024-06-magicsea/blob/main/magicsea-staking/src/Voter.sol#L161 https://github.com/sherlock-audit/2024-06-magicsea/blob/main/magicsea-staking/src/Voter.sol#L403

Tool used

Manual Review

Recommendation

Define the ownerOf() function in the IMlumStaking interface.

sherlock-audit / 2024-06-magicsea-judging

0xAadi - `ownerOf()` not defined in the `IMlumStaking` interface cause DoS on `Voter.vote()` #648

`ownerOf()` not defined in the `IMlumStaking` interface cause DoS on `Voter.vote()`

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

sherlock-audit / 2024-06-magicsea-judging

0xAadi - `ownerOf()` not defined in the `IMlumStaking` interface cause DoS on `Voter.vote()` #648

ownerOf() not defined in the IMlumStaking interface cause DoS on Voter.vote()

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

`ownerOf()` not defined in the `IMlumStaking` interface cause DoS on `Voter.vote()`