Last updated
Was this helpful?
Submitted on Tue Jul 16 2024 23:29:16 GMT-0400 (Atlantic Standard Time) by @chista0x for
Report ID: #33280
Report type: Smart Contract
Report severity: Low
Target: https://testnet.snowtrace.io/address/0xA758c321DF6Cd949A8E074B22362a4366DB1b725
Impacts:
Contract fails to deliver promised returns, but doesn't lose value
Griefing (e.g. no profit motive for an attacker, but damage to the users or the protocol)
The NodeManager contract incorrectly implements the supportsInterface function, which fails to comply with the EIP-165 standard. As a result, it incorrectly returns false for the EIP-165 interface ID 0x01ffc9a7. This could lead to compatibility issues with other contracts and systems that rely on correct EIP-165 interface support.
The NodeManager contract implements the INodeManager interface, which extends IERC165, and is therefore expected to comply with EIP-165. According to EIP-165, the supportsInterface function should return:
true for the 0x01ffc9a7 (EIP-165 interface ID)
false for the 0xffffffff
true for any other interfaceID this contract implements
false for any other interfaceID
However, NodeManager.supportsInterface() currently returns false for 0x01ffc9a7, which is incorrect.
The relevant code snippet from NodeManager is:
The incorrect implementation of supportsInterface can lead to major compatibility issues. Contracts and systems that check for EIP-165 compliance may fail to interact with NodeManager correctly. This could cause failures in contract interactions, integrations, and potentially lead to the malfunction of decentralized applications relying on NodeManager.
Update the supportsInterface function as follows:
Add the following code to the test file test/oracle/modules/NodeManager.test.ts:
Run the test with the command npx hardhat test --grep "Chista0x-NodeManager"
Test output:
