Loss of royalty payments in ERC721Bridgable.sol due to no implementation of receive() function
Summary
Loss of royalty payments in ERC721Bridgable.sol due to no implementation of receive() function
Vulnerability Detail
ERC721Bridgable.sol supports the ERC-2981 NFT Royalty Standard. The royalty receiver is set to address(this) i.e ERC721Bridgable contract itself in initialize() function.
function initialize(
string memory _name,
string memory _symbol,
uint96 _royaltyBps,
uint256 _REMOTE_CHAIN_ID,
address _REMOTE_TOKEN
) external {
. . . some code . . .
// Set this contract to receive marketplace royalty
@> _setDefaultRoyalty(address(this), _royaltyBps);
// Prevent this function from being called again
initialized = true;
}
This means that with any sell of ERC721 NFT, the ERC721Bridgable.sol contract would receive the some percent as a royalty payment.
Marketplaces MUST pay the royalty in the same unit of exchange as that of the _salePrice passed to royaltyInfo(). This is equivalent to saying that the _salePrice parameter and the royaltyAmount return value MUST be denominated in the same monetary unit. For example, if the sale price is in ETH, then the royalty payment must also be paid in ETH, and if the sale price is in USDC, then the royalty payment must also be paid in USDC.
It means that, if the ERC721 NFTs of ERC721Bridgable.sol is sold and to receive the royalty, ERC721Bridgable.sol should support Native tokens i.e it should have implemented receive() function. However, receive() is not implemented in ERC721Bridgable.sol contract.
InfernalRiftBelow.sol is used to handle the transfer of ERC721 and ERC1155 tokens from L2 -> L1 chains. claimRoyalties() function from InfernalRiftBelow.sol is used to claim the royalties from ERC721Bridgable bridgeable contract. Therefore, the native tokens can not be received in ERC721Bridgable contract so native royalty tokens can not be received.
For example, Marketplace like Opensea allows to set royalty token as Native ETH and sends the ETH royalty to royalty receiver address so in this case Native ETH can not be received in ERC721Bridgable contract due to missing receive() function.
Impact
Whenever the NFT is sold, there will be loss of royalty payment due to non-support of native tokens via receive() function in ERC721Bridgable.sol so native royalty can not be claimed via. InfernalRiftBelow.claimRoyalties() function so its high severity.
Lucky Cloud Parrot
High
Loss of royalty payments in
ERC721Bridgable.sol
due to no implementation of receive() functionSummary
Loss of royalty payments in
ERC721Bridgable.sol
due to no implementation of receive() functionVulnerability Detail
ERC721Bridgable.sol
supports the ERC-2981 NFT Royalty Standard. The royalty receiver is set toaddress(this)
i.eERC721Bridgable
contract itself ininitialize()
function.This means that with any sell of ERC721 NFT, the
ERC721Bridgable.sol
contract would receive the some percent as a royalty payment.As per ERC-2981: NFT Royalty Standard
It means that, if the ERC721 NFTs of
ERC721Bridgable.sol
is sold and to receive the royalty,ERC721Bridgable.sol
should support Native tokens i.e it should have implementedreceive()
function. However, receive() is not implemented inERC721Bridgable.sol
contract.InfernalRiftBelow.sol
is used to handle the transfer of ERC721 and ERC1155 tokens from L2 -> L1 chains.claimRoyalties()
function fromInfernalRiftBelow.sol
is used to claim the royalties fromERC721Bridgable
bridgeable contract. Therefore, the native tokens can not be received inERC721Bridgable
contract so native royalty tokens can not be received.For example, Marketplace like
Opensea
allows to set royalty token as Native ETH and sends the ETH royalty to royalty receiver address so in this case Native ETH can not be received in ERC721Bridgable contract due to missing receive() function.Impact
Whenever the NFT is sold, there will be loss of royalty payment due to non-support of native tokens via receive() function in
ERC721Bridgable.sol
so native royalty can not be claimed via.InfernalRiftBelow.claimRoyalties()
function so its high severity.Code Snippet
https://github.com/sherlock-audit/2024-08-flayer/blob/0ec252cf9ef0f3470191dcf8318f6835f5ef688c/moongate/src/libs/ERC721Bridgable.sol#L81-L82
Tool used
Manual Review
Recommendation
Implement
receive()
function to receive native royalty amount in ETH.