Standards

onERC1155Received

onERC1155Received is the ERC1155 receiver hook called when a contract receives a single ERC1155 token transfer.

onERC1155Received is how a contract accepts one ERC1155 token transfer.

onERC1155Received Explained in Detail

onERC1155Received is called when a contract receives a single ERC1155 transfer. Batch transfers use a different hook: onERC1155BatchReceived.

The receiver must return the expected selector or the transfer should revert.

Smart contract example

function onERC1155Received(
    address operator,
    address from,
    uint256 id,
    uint256 value,
    bytes calldata data
) external returns (bytes4);

The selector is different from the batch receiver selector.

onERC1155Received in Auditing

ERC1155 receiver hooks are external calls during balance changes. They can trigger reentrancy and can also hide bugs around token IDs, amounts, and batch handling.

Auditors check hook ordering and selector validation carefully.

Red flags in code

  • Single and batch selectors are confused.

  • Return values are ignored.

  • Balance updates happen after the hook.

  • Receiver contracts reenter transfer, mint, burn, or claim logic.

  • data is trusted without validation.

How to test or review it

  • Test accepting, rejecting, reverting, and reentrant receivers.

  • Compare single-transfer behavior with batch-transfer behavior.

  • Confirm the correct selector is required.

  • Test multiple token IDs and amount edge cases.

  • Review state updates before and after the callback.

Sources