If a user reserves an ERC721 using ProtectedListings::reserve there is no functionality for the user to withdraw the ERC721.
Vulnerability Detail
A reserved listing according to the documentation enables a user to place a reservation for an NFT untill they have enough tokens to purchase the NFT.
The ProtectedListings::reserve function lets a user place the reservation but there is no way a user can retrieve the NFT when they have gotten enough tokens to pay for the NFT.
Impact
The collateral the user spent to place the reservation will be lost.
Bright Emerald Fish
High
A reserved token listing cannot be unlocked.
Summary
If a user reserves an ERC721 using
ProtectedListings::reservethere is no functionality for the user to withdraw the ERC721.Vulnerability Detail
A reserved listing according to the documentation enables a user to place a reservation for an NFT untill they have enough tokens to purchase the NFT. The
ProtectedListings::reservefunction lets a user place the reservation but there is no way a user can retrieve the NFT when they have gotten enough tokens to pay for the NFT.Impact
The collateral the user spent to place the reservation will be lost.
Code Snippet
The code for the reserve function -- https://github.com/sherlock-audit/2024-08-flayer/blob/main/flayer/src/contracts/Listings.sol#L690-#L759
Tool used
Manual Review
Recommendation
Add functionality to redeem reserved listings