Omniscia Evergon Labs Audit
ERC1155Burnable Manual Review Findings
ERR-01M: Incorrect Batch Burn Implementation
| Type | Severity | Location |
|---|---|---|
| Logical Fault | (severity badge not captured in extraction) | ERC1155Burnable.sol:L41 |
Description:
The ERC1155Burnable::batchBurn implementation accepts a from argument and validates that the sender is authorized to act on it (either the sender is the from address or an approved operator for it); however, the actual burn operation is performed on the sender's account rather than on the from address.
Impact:
The batch burn operation of the EIP-1155 implementation is incorrect and will burn items from the caller rather than the from argument.
Example:
contracts/dataManagers/ERC1155/ERC1155Burnable.sol
```solidity
25 /**
26  * @notice Burn multiple tokens with specific IDs
27  * @param ids The IDs of the tokens to burn
28  * @param values The amounts of tokens to burn
29  * @dev ids and values arrays must have the same length
30  */
31 function batchBurn(address from, uint256[] memory ids, uint256[] memory values) public virtual {
32     address sender = _msgSender();
33     if (from != sender && !isApprovedForAll(from, sender)) {
34         revert ERC1155MissingApprovalForAll(sender, from);
35     }
36 
37     if (ids.length != values.length) {
38         revert ERC1155InvalidArrayLength(ids.length, values.length);
39     }
40 
41     _updateWithAcceptanceCheck(_msgSender(), address(0), ids, values, "");
42 }
```
Recommendation:
We advise the ERC1155Transfers::_updateWithAcceptanceCheck call to be performed with the from argument similarly to the ERC1155Burnable::burn function.
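To make the consequence of the mismatch concrete, the following is an added Python model of the EIP-1155 balance and operator-approval bookkeeping (not the project's Solidity code and not part of the audit report). It places the flawed batchBurn next to the recommended form, where the debit targets the from address as ERC1155Burnable::burn does. The ERC1155Model class, its method names, and the sample accounts and balances are constructed for the example; the error names mirror the custom errors visible in the snippet above.

```python
"""Constructed model of EIP-1155 balances/approvals illustrating ERR-01M.
Not the project's code: ERC1155Model, its methods and the sample
accounts are assumptions made for this example."""

ZERO_ADDRESS = "0x0"  # constructed stand-in for Solidity's address(0)


class ERC1155Model:
    def __init__(self):
        self.balances = {}            # (account, token_id) -> amount
        self.operator_approvals = {}  # (owner, operator) -> bool

    def balance_of(self, account, token_id):
        return self.balances.get((account, token_id), 0)

    def mint(self, to, token_id, amount):
        self.balances[(to, token_id)] = self.balance_of(to, token_id) + amount

    def set_approval_for_all(self, owner, operator, approved):
        self.operator_approvals[(owner, operator)] = approved

    def is_approved_for_all(self, owner, operator):
        return self.operator_approvals.get((owner, operator), False)

    def _update(self, from_addr, to_addr, ids, values):
        # Models ERC1155Transfers::_updateWithAcceptanceCheck for the burn case:
        # debit `from_addr`; a zero `to_addr` means the tokens are destroyed.
        for token_id, value in zip(ids, values):
            if from_addr != ZERO_ADDRESS:
                have = self.balance_of(from_addr, token_id)
                if have < value:
                    raise ValueError(
                        f"ERC1155InsufficientBalance({from_addr}, {have}, {value}, {token_id})")
                self.balances[(from_addr, token_id)] = have - value
            if to_addr != ZERO_ADDRESS:
                self.balances[(to_addr, token_id)] = self.balance_of(to_addr, token_id) + value

    def _check_batch_burn(self, sender, from_addr, ids, values):
        # Same two guards as lines 33-39 of the audited function.
        if from_addr != sender and not self.is_approved_for_all(from_addr, sender):
            raise PermissionError(f"ERC1155MissingApprovalForAll({sender}, {from_addr})")
        if len(ids) != len(values):
            raise ValueError(f"ERC1155InvalidArrayLength({len(ids)}, {len(values)})")

    def batch_burn_vulnerable(self, sender, from_addr, ids, values):
        # ERR-01M: authorization is checked against `from_addr`,
        # but the debit is applied to `sender` (the _msgSender() on line 41).
        self._check_batch_burn(sender, from_addr, ids, values)
        self._update(sender, ZERO_ADDRESS, ids, values)

    def batch_burn_fixed(self, sender, from_addr, ids, values):
        # Recommended form: the debit uses `from_addr`, matching ERC1155Burnable::burn.
        self._check_batch_burn(sender, from_addr, ids, values)
        self._update(from_addr, ZERO_ADDRESS, ids, values)


def run_operator_burn(use_fixed):
    """An approved operator burns two token types on behalf of `owner`.
    Returns the resulting (token 1, token 2) balances of owner and operator."""
    m = ERC1155Model()
    owner, operator = "0xowner", "0xoperator"      # constructed sample accounts
    m.mint(owner, 1, 10)
    m.mint(owner, 2, 5)
    m.mint(operator, 1, 5)
    m.mint(operator, 2, 5)
    m.set_approval_for_all(owner, operator, True)
    burn = m.batch_burn_fixed if use_fixed else m.batch_burn_vulnerable
    burn(operator, owner, [1, 2], [4, 2])
    return {
        "owner": (m.balance_of(owner, 1), m.balance_of(owner, 2)),
        "operator": (m.balance_of(operator, 1), m.balance_of(operator, 2)),
    }


def vulnerable_reverts_when_operator_holds_nothing():
    """Second failure mode of the bug: an operator with no balance of its own
    cannot burn on behalf of the owner at all, even though the owner has enough.
    Returns (vulnerable_reverted, fixed_succeeded)."""
    m = ERC1155Model()
    owner, operator = "0xowner", "0xoperator"
    m.mint(owner, 1, 10)
    m.set_approval_for_all(owner, operator, True)
    try:
        m.batch_burn_vulnerable(operator, owner, [1], [4])
        vulnerable_reverted = False
    except ValueError:
        vulnerable_reverted = True
    m.batch_burn_fixed(operator, owner, [1], [4])
    return vulnerable_reverted, m.balance_of(owner, 1) == 6


if __name__ == "__main__":
    print("vulnerable:", run_operator_burn(use_fixed=False))
    print("fixed:     ", run_operator_burn(use_fixed=True))
    print("operator without balance:", vulnerable_reverts_when_operator_holds_nothing())
```

Running the model shows both faces of the finding: with the flawed version the owner's balances are untouched while the operator's own tokens are destroyed, and when the operator holds none of the token the call reverts with an insufficient-balance error even though the owner's balance would have covered the burn. The corrected version debits the owner, which is what the authorization check on lines 33-35 was protecting.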
Alleviation (c6b23c23d8bcd8cce85049ad959cbd711a37126b):
The code was updated to properly burn items from the from address, alleviating this exhibit in full.
