Advertisement PDAX Banner

ERC-404 Rival? DN-404 Promises 20% Cheaper Gas Fees

Ethereum Logo

Aiming to solve the “issues” of ERC-404, a group of Ethereum-based developers confirmed that they have created an alternative implementation of the newly launched experimental token standard, called DN404. 

ERC-404: The Issues

According to a Twitter post by one of the developers of the DN-404 team, ERC-404 experiences an exploit in which a user is effectively able to trick a contract into trading token dust for an arbitrary number of 404 NFTs.

“This was a basic and contrived proof of concept, but the reality is that very many protocols currently live on mainnet that work in exactly this way. In fact, I found and reported the bug in the wild to more than one affected protocol, and they were thankfully able to disable the collection before it was exploited,” he explained. 

Basically, the ERC-404 standard combines the aspects of ERC-20 and ERC-721 to enable fractionalized NFT collections.

Unlike traditional NFTs, which are indivisible, ERC-404 allows for creating “semi-fungible” tokens that represent fractions of an NFT. This is achieved through token minting and burning mechanics, where owning fractions of a token corresponds to ownership of parts of the underlying NFT. 

Advertisement PDAX Banner

While it successfully integrated functionalities from both, issues arise in functions that are shared between the two standards, most especially the transferFrom, as per the developer. 

The “transferFrom” requires three parameters to enable: a source address, a destination address, and a number. In ERC721, that number is a token ID, while in ERC20 it is the count of tokens.

“This redesign birthed several critical vulnerabilities. The ‘standard’ differentiates between which token path to use (ERC20 or ERC721) based on how large the number is, but protocols can’t know that,” he explained. 

This is how the developer further presented the issue:

User A has NFT #257, and User B has NFT #258.

User B asks the vault to deposit 1 token, the ERC20 flow is correctly followed and User B properly receives 1 credit within the vault.

User A asks the vault to deposit 257 ERC20 tokens. transferFrom is called and ERC20721 routes it through the ERC721 logic, pulling token #257 to the vault. The call was successful, so the vault provides User A with 257 credits (after all, it asked for an ERC20 transfer).

Now, User A requests a withdrawal for 2 tokens. This is far lower than their allotted credits, so the vault proceeds with his withdrawal and sends not only his own token back, but User B’s token as well. After this, User A still has 298 more credits to use.

This issue is a sign of overloaded functions, according to the DN404 Team. That if it is not solved, a catastrophe is set to happen. 

DN404: The Solution

Consequently, ERC-404’s issue still has solutions. The possible solutions are either ask protocols to build around this new standard but remove unpredictable branching altogether by coming up with new function signatures unique to 404, or just use two contracts instead. 

For the team, using two different contracts is the better solution, producing DN404, “a standard that was built from the ground up using a novel approach that separates ERC721 and ERC20 functionalities into distinct contracts, linked from inception.” 

Basically, DN404 handles all the logic, storage, and permissions, but only exposes an ERC20 interface. But one of its advantages is that it offers about 20% cheaper gas fees against the ERC-404. 

“The result is that everything returns to the way it should be. The ERC721 and ERC20 contracts both exist, and both function as standalone products, but under the hood they run on shared 404 rails. Protocols always know exactly what you’re transferring, because each contract address follows just one standard,” the post read. 

Alongside the introduction of DN404 is DN404Mirror, which serves as a passthrough—an ERC721 interface that defers all logic to DN404, but emits its events.

“I want to be clear, while I had a ton of fun building this, I still see 404 as more of a gimmick than anything else. However, the space has shown a desire to continue using it, and so we decided it was worth making an implementation that was efficient and safe to use,” the developer concluded. 

This article is published on BitPinas: ERC-404 Rival? DN-404 Promises 20% Cheaper Gas Fees

Disclaimer:

  • Before investing in any cryptocurrency, it is essential that you carry out your own due diligence and seek appropriate professional advice about your specific position before making any financial decisions.
  • BitPinas provides content for informational purposes only and does not constitute investment advice. Your actions are solely your own responsibility. This website is not responsible for any losses you may incur, nor will it claim attribution for your gains.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.