Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Exclude address(0) in ERC721 approvals #4405

Closed
wants to merge 1 commit into from

Conversation

frangio
Copy link
Contributor

@frangio frangio commented Jun 30, 2023

This PR implements a few changes to make the treatment of address(0) in ERC721 more uniform and consistent with the rest of the library:

  • _isApprovedOrOwner: Ensure we return false if spender is address(0). Don't revert if the token is not minted.
  • setApprovalForAll: Revert if operator is address(0).
  • approve: Revert if to is address(0).

The reasoning to reject address(0) is that it can show up unexpectedly by reading uninitialized values from storage, or any uninitialized variable, or as the return value of ecrecover, etc., and in the case of _isApprovedOrOwner if the spender is address(0) it could cause the function to return true in combination with getApproved, since that function returns 0 to indicate that no account is approved.

Proposing first before writing tests.

Fixes #4136.
Closes #4169 (superceded).
Closes #4144 (superceded).

@frangio frangio requested a review from a team June 30, 2023 16:06
@changeset-bot
Copy link

changeset-bot bot commented Jun 30, 2023

⚠️ No Changeset found

Latest commit: e9f03bd

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@frangio frangio changed the title Exclude address(0) in ERC721._isApprovedOrOwner Exclude address(0) in ERC721 approvals Jun 30, 2023
Comment on lines +232 to +235
return (owner != address(0) &&
(spender == owner ||
isApprovedForAll(owner, spender) ||
(_getApproved(tokenId) == spender && spender != address(0))));
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No actionnable here, but for the record I'm not a big fan of the linter's style.

Copy link
Collaborator

@Amxx Amxx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Waiting for the tests to run (curious about the gas changes).

If tests are good this LGTM.

@@ -386,8 +389,12 @@ abstract contract ERC721 is Context, ERC165, IERC721, IERC721Metadata, IERC721Er
* Emits an {Approval} event.
*/
function _approve(address to, uint256 tokenId) internal virtual {
address owner = ownerOf(tokenId);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should note that ownerOf is already called in the public approve.

If we want to minimize duplicated sloads, we could use a construction similar to _update's condition. This function is almost never used though, so optimising it is not as critical as transferFrom.

@frangio frangio mentioned this pull request Jul 12, 2023
6 tasks
@frangio
Copy link
Contributor Author

frangio commented Jul 12, 2023

Closing in favor of #4377

@frangio frangio closed this Jul 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Move to != owner check from ERC721.approval to ERC721._approval
2 participants