DeFiHardhatOracleProxyUpdates
100,000 USDC
View results
Submission Details
Severity: low
Invalid

[M-1] Use `ERC721::_safeMint()` instead of `_mint()`

Summary

Using ERC721::_mint() can mint ERC721 tokens to addresses which don't support ERC721 tokens. Use _safeMint() instead of _mint() for ERC721.

  • Found in contracts/mocks/MockERC1155.sol Line: 12

    _mint(account, id, amount, new bytes(0));
  • Found in contracts/mocks/MockERC721.sol Line: 14

    _mint(account, id);
  • Found in contracts/mocks/MockMetadataERC1155.sol Line: 33

    _mint(account, id, amount, new bytes(0));
  • Found in contracts/mocks/MockSiloToken.sol Line: 24

    _mint(account, amount);
  • Found in contracts/mocks/MockToken.sol Line: 28

    _mint(account, amount);
  • Found in contracts/tokens/ERC20/BeanstalkERC20.sol Line: 53

    _mint(to, amount);

Impact

Using ERC721::_mint() can mint ERC721 tokens to addresses which don't support ERC721 tokens, while ERC721::_safeMint() ensures that ERC721 tokens are only minted to addresses which support them. OpenZeppelin discourages the use of _mint().

Recomendation

Use _safeMint() instead of _mint() for ERC721.

Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Lack of quality
Assigned finding tags:

Informational/Invalid

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.