Omniscia Nexera Audit

FractionERC1155PausableDataManager Manual Review Findings

FEG-01M: Inexistent Override of Burn / Mint Capabilities

Description:

The FractionERC1155PausableDataManager contract implementation does not override the relevant ERC1155Burnable and ERC1155Mintable burn and mint capabilities, permitting sensitive functionality such as FractionERC1155DataManager::partiallyUnlockWrappedAssets to remain accessible in a paused state.

Impact:

We consider this issue to be of medium severity as an attempted recovery from a malicious account (i.e. after an exploit and consequent pause of the system) can be sabotaged by the malicious party burning all their funds.

Example:

contracts/dataManagers/fractionalizers/ERC1155Fraction/FractionERC1155PausableDataManager.sol
function safeTransferFrom(
    address from,
    address to,
    uint256 id,
    uint256 value,
    bytes calldata data
) public virtual override(IERC1155, ERC1155Transfers) onlyNotPausedTransfers(to) {
    super.safeTransferFrom(from, to, id, value, data);
}

function safeBatchTransferFrom(
    address from,
    address to,
    uint256[] calldata ids,
    uint256[] calldata values,
    bytes calldata data
) public virtual override(IERC1155, ERC1155Transfers) onlyNotPausedTransfers(to) {
    super.safeBatchTransferFrom(from, to, ids, values, data);
}

/// @inheritdoc OmnichainERC1155Transfers
function safeTransferFrom(
    address from,
    OmnichainAddress to,
    uint256 id,
    uint256 value,
    bytes calldata data
) public payable virtual override onlyNotPausedOmnichainTransfers(to) {
    super.safeTransferFrom(from, to, id, value, data);
}

function safeTransferFrom(
    address from,
    OmnichainAddress to,
    uint256 id,
    uint256 value,
    bytes calldata data,
    address payable refundAddress
) public payable virtual override onlyNotPausedOmnichainTransfers(to) {
    super.safeTransferFrom(from, to, id, value, data, refundAddress);
}

function safeBatchTransferFrom(
    address from,
    OmnichainAddress to,
    uint256[] calldata ids,
    uint256[] calldata values,
    bytes calldata data
) public payable virtual override onlyNotPausedOmnichainTransfers(to) {
    super.safeBatchTransferFrom(from, to, ids, values, data);
}

/// @inheritdoc OmnichainERC1155Transfers
function safeBatchTransferFrom(
    address from,
    OmnichainAddress to,
    uint256[] calldata ids,
    uint256[] calldata values,
    bytes calldata data,
    address payable refundAddress
) public payable virtual override onlyNotPausedOmnichainTransfers(to) {
    super.safeBatchTransferFrom(from, to, ids, values, data, refundAddress);
}

Recommendation:

As the system indicates that the pausability feature is meant to be utilized in tandem with a recovery mechanism (i.e. FractionERC1155PausableRecoveryDataManager), we advise that the relevant burn and mint capabilities be overridden.

Alleviation:

The relevant mint and burn capabilities have been overridden as advised, alleviating this exhibit.
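
The gap and the override pattern this finding describes, reduced to a minimal model. This is an added example, not code from the Nexera codebase or from the audit: the contract names, the whenNotPaused modifier and the mint / burn / transfer signatures are hypothetical, since the page does not show the signatures of ERC1155Burnable and ERC1155Mintable.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical minimal token: transfers honour the pause, burn does not.
contract MiniFraction {
    address public immutable admin;
    bool public paused;
    mapping(uint256 => mapping(address => uint256)) public balanceOf;

    error Paused();
    error NotAdmin();
    modifier whenNotPaused() {
        if (paused) revert Paused();
        _;
    }

    constructor() { admin = msg.sender; }

    function setPaused(bool value) external {
        if (msg.sender != admin) revert NotAdmin();
        paused = value;
    }

    function mint(address to, uint256 id, uint256 value) public virtual {
        if (msg.sender != admin) revert NotAdmin();
        balanceOf[id][to] += value;
    }

    // Guarded, like the transfer overrides in the audited excerpt.
    function transfer(address to, uint256 id, uint256 value) public virtual whenNotPaused {
        balanceOf[id][msg.sender] -= value; // checked arithmetic reverts on underflow
        balanceOf[id][to] += value;
    }

    // Gap: no pause check, so a holder can still destroy balance while paused.
    function burn(uint256 id, uint256 value) public virtual {
        balanceOf[id][msg.sender] -= value;
    }
}

// Recommended pattern: every supply-changing entry point gets the same guard.
contract MiniFractionGuarded is MiniFraction {
    function mint(address to, uint256 id, uint256 value) public virtual override whenNotPaused {
        super.mint(to, id, value);
    }
    function burn(uint256 id, uint256 value) public virtual override whenNotPaused {
        super.burn(id, value);
    }
}
```

With paused set to true, burn succeeds on MiniFraction and reverts with Paused() on MiniFractionGuarded, which keeps balances intact for a subsequent recovery step.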