Omniscia SaucerSwap Audit

NFTHelper Manual Review Findings

NFTHelper Manual Review Findings

NFT-01M: Improper Argument Data Types

Description:

The referenced arguments are represented by the uint64 data type, however, the calls they are relayed to in the IHederaTokenService integration points expect them to be of the int64 data type.

Impact:

Given that the contract is utilized to interact with NFTs, the amount argument is ignored and as such this particular exhibit is not an active attack vector rendering it "minor" in severity.

Example:

contracts/libraries/NFTHelper.sol
19function safeMintTokens(
20    address token, 
21    uint64 amount, 
22    bytes[] memory metadata
23) internal {
24    
25    (bool success, bytes memory result) = precompileAddress.call(
26        abi.encodeWithSelector(IHederaTokenService.mintToken.selector,
27        token, amount, metadata));
28    int32 responseCode = success ? abi.decode(result, (int32)) : int32(21); // 21 = unknown
29    
30    if (responseCode != 22) {
31        revert HederaFail(responseCode);
32    }
33}
34

35/// @notice Burns tokens to account
36/// @dev Calls burn on token contract, errors with HederaFail if burn fails
37/// @param token The token id to burn
38/// @param amount The amount of tokens to burn
39/// @param serialNumbers The serial numbers to burn
40function safeBurnTokens(
41    address token, 
42    uint64 amount, 
43    int64[] memory serialNumbers
44) internal {
45    
46    (bool success, bytes memory result) = precompileAddress.call(
47        abi.encodeWithSelector(IHederaTokenService.burnToken.selector,
48        token, amount, serialNumbers));
49    int32 responseCode = success ? abi.decode(result, (int32)) : int32(21); // 21 = unknown
50    
51    if (responseCode != 22) {
52        revert HederaFail(responseCode);
53    }
54}

Recommendation:

We advise the function signatures of the NFTHelper::safeMintTokens and NFTHelper::safeBurnTokens functions to be updated, adjusting the amount data type to be a signed integer.

Alleviation (d8d187efd1fa23b943c82694aaaccb5b9e427096):

Both referenced arguments have been properly adjusted to be signed integers (int64) alleviating this exhibit in full.

Prev

BytesLib.sol (BLB-M)

Next

PeripheryPayments.sol (PPS-M)

On this page