Some multisig wallets do not support NMR


TL;DR Some multisig contracts do not functions correctly with NMR and may not permit you to transfer it. We recommend not to store NMR in multisig contracts unless you have verified that it supports NMR.

Here’s the technical details:

Most multisig contracts (Gnosis, Parity, “Ethereum Wallet”/Mist, and possibly others) use the .call function (which is an old piece of magic in Solidity that really shouldn’t be used anymore, according to Christian Reitwiessner) to call NMR functions. A quirk in .call is that it pads the input data to the next 32-byte boundary. [1] [2]

In the NMR smart contract, on the recommendation of our external security audit, we included a modifier called onlyPayloadSize [3], which checks that the size of the input data is exactly as expected. This was considered best practice at the time to mitigate a potential problem in blockchain software that doesn’t check the size of input addresses. [4]

As a result, multisig contracts cannot call any of the NMR functions which use onlyPayloadSize, which include transfer, transferFrom, and several others. Thus, any NMR sent to these contracts will not be able to be moved.

As far as we’re aware, there’s no way to mitigate this within the NMR contract. We recommend that users only use multisig wallets that support NMR, and we recommend that multisig wallet creators deprecate the use of .call in favor of inline assembly.