Platform: Code4rena
Start Date: 08/01/2024
Pot Size: $83,600 USDC
Total HM: 23
Participants: 116
Period: 10 days
Judge: 0xean
Total Solo HM: 1
Id: 317
League: ETH
Rank: 96/116
Findings: 1
Award: $8.62
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: LokiThe5th
Also found by: 0xAlix2, BI_security, Coverage, EV_om, Giorgio, KupiaSec, Qkite, SBSecurity, anshujalan, evmboi32, hals, juancito, krikolkk, oakcobalt, rbserver, rokinot, roleengineer, said, sin1st3r__, trachev, yashar
8.618 USDC - $8.62
The guard policy blocks the major ERC721/ERC1155 calls to ensure the asset stays in the Safe, but it does not block the "burn(uint256)" call. This lets the renter burn the asset and breaks the invariant that the lender receives the asset back after the rental stops.
The burn case cannot be dismissed as a "Dishonest ERC721/ERC1155 Implementation", because every implementation has internal burn functionality, which presupposes an external function that calls it.
The first asset I found on OpenSea that uses Seaport was LilPudgys; its contract has an external burn function on L210:
https://etherscan.io/token/0x524cab2ec69124574082676e6f654a18df49a048#code
Review. A unit test can be added on request.

```solidity
// bytes4(keccak256("burn(uint256)"))
bytes4 constant erc721_burn_selector = 0x42966c68;
// bytes4(keccak256("burn(uint256,uint256)"))
bytes4 constant erc1155_burn_selector = 0xb390c0ab;
```
Token-Transfer
#0 - c4-pre-sort
2024-01-21T17:39:20Z
141345 marked the issue as duplicate of #323
#1 - c4-judge
2024-01-28T20:06:30Z
0xean marked the issue as satisfactory
#2 - c4-judge
2024-01-28T20:48:45Z
0xean changed the severity to 2 (Med Risk)