Return to site
Return to site

Bug Deep Dive #2

PositionTokens violates one of the MUST rules defined in EIP-1155 - $720

· Bug Deep Dive

Issue Summary

Section image

Description

PositionTokens violates one of the MUST rules defined in EIP-1155.
The rule states:

The URI MUST point to a JSON file that conforms to the ERC-1155 Metadata URI JSON Schema.

However, in the current implementation, the URI is set to an empty string, violating this requirement.

Alpha: on Sherlock, this doesn't always apply, and may be low. Read the readme to make sure, just like in this contest.

Additionally, the sponsor’s README explicitly states that violations of MUST EIP rules should be considered medium severity issues.

Conclusion

$720 for this finding is super juicy, but always read the readme! It must say something like this:

Section image

Subscribe
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save