Platform: Code4rena
Start Date: 07/07/2022
Pot Size: $75,000 USDC
Total HM: 32
Participants: 141
Period: 7 days
Judge: HardlyDifficult
Total Solo HM: 4
Id: 144
League: ETH
Rank: 103/141
Findings: 1
Award: $61.94
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: xiaoming90
Also found by: 0x1f8b, 0x29A, 0x52, 0xA5DF, 0xDjango, 0xNazgul, 0xNineDec, 0xf15ers, 0xsanson, 0xsolstars, 242, 8olidity, Amithuddar, Aymen0909, Bnke0x0, BowTiedWardens, David_, Deivitto, ElKu, Funen, Hawkeye, IllIllI, JC, Kaiziron, Keen_Sheen, Kthere, Kulk0, Kumpa, Lambda, MEP, ReyAdmirado, Rohan16, Ruhum, Sm4rty, TomJ, Tomio, Treasure-Seeker, TrungOre, Tutturu, Viksaa39, Waze, _Adam, __141345__, ak1, apostle0x01, asutorufos, async, ayeslick, aysha, bbrho, benbaessler, berndartmueller, c3phas, cccz, chatch, cloudjunky, codexploder, cryptphi, delfin454000, dipp, durianSausage, dy, exd0tpy, fatherOfBlocks, hake, hansfriese, horsefacts, hubble, joestakey, jonatascm, kebabsec, kenzo, kyteg, mektigboy, neumo, oyc_109, pashov, pedr02b2, peritoflores, rajatbeladiya, rbserver, robee, rokinot, s3cunda, sach1r0, sahar, sashik_eth, scaraven, shenwilly, simon135, sorrynotsorry, sseefried, svskaushik, unforgiven, z3s, zzzitron
61.9379 USDC - $61.94
Because of MITM risk for using ntx.origin using msg.sender instead of it is a better choice
Any user who is aware of the exact deployment time can call this function immediately after deploying the contract and put his address in the owner variable. Using special constructor function is a better option.
If balanceOf[_from][_id] is less than _amount, then executing the statement balanceOf[_from][_id] -= _amount will fail.
block.timestamp may be manipulated by miners.
It should be checked that the parameters of the safeTransferFrom function are correctly set, especially check that the id belongs to msg.sender.
If, for any reason, the old owner sends a wrong address to this function, there is no way to reverse the changes and modify the address again, and the entire contract is in jeopardy. Therefore, it is better to use a two-step method to change ownership. In the first step, the address of the new owner is sent to the contract and registered, and in the second step, the ownership request is sent through the same second address and the changes are made.
Same issue is correct for the below code line too:
Using the modified contract instead of the original and standard and audited OpenZeppelin contract can bring risks. Especially the fact that the version of the compiler of this contract is different. Same issue is correct for the below code line too:
This comment line,[ the comment line before it, and the comment line after it] consider the r and s inputs as 64 bytes length and _v [The recovery ID] is considered as the 129th byte. Where the standard definition of ecrecover function is as follows:
ecrecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) returns (address): recover the address associated with the public key from elliptic curve signature or return zero on error. The function parameters correspond to ECDSA values of the signature: r = first 32 bytes of signature, s = second 32 bytes of signature, v = final 1 byte of signature. ecrecover returns an address, and not an address payable.
If any programming has been done with this logic, had to recheck and test again