Submission Details
Severity: low
Invalid

Using ERC721::_mint() can be dangerous

Summary

The contract BeanstalkERC20.sol contains a vulnerability where the _mint() function from the ERC721 standard is used to mint tokens. This can lead to tokens being minted to addresses that do not support ERC721 tokens. The safer alternative _safeMint() function should be used instead to prevent potential issues.

Vulnerability Details

In the provided code snippet:

// Line 53
_mint(to, amount);

The _mint() function is called to mint tokens to the specified address without considering whether the recipient address supports ERC721 tokens. This can result in tokens being minted to addresses that are not designed to handle ERC721 tokens, leading to potential interoperability issues or loss of tokens.

Impact

The impact of this vulnerability is significant as it can result in tokens being sent to addresses that are not compatible with ERC721 tokens. This can lead to loss of tokens or interoperability issues, affecting the functionality and usability of the tokens.

Tools Used

The identification of this vulnerability was done through code review.

Recommendations

Replace _mint() with _safeMint(): Use the _safeMint() function instead of _mint() to mint ERC721 tokens. _safeMint() includes additional checks to ensure that tokens are only minted to addresses that support ERC721 tokens, reducing the risk of interoperability issues.
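
The receiver check that the recommendation attributes to _safeMint(), shown as an added example that is not part of the original submission or of BeanstalkERC20.sol. DemoNFT, AwareHolder and UnawareHolder are hypothetical names, and the code assumes OpenZeppelin Contracts is installed as a dependency.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example: assumes OpenZeppelin Contracts is available at this path.
import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";

// Hypothetical token used only for this illustration.
// Access control on minting is omitted to keep the example short.
contract DemoNFT is ERC721 {
    uint256 private _nextId;

    constructor() ERC721("DemoNFT", "DNFT") {}

    // No receiver check: succeeds for any non-zero address, including
    // contracts that have no code path to transfer the token out again.
    function mintUnchecked(address to) external returns (uint256 id) {
        id = _nextId++;
        _mint(to, id);
    }

    // If `to` is a contract, _safeMint calls to.onERC721Received(...) and
    // reverts unless the expected selector comes back. Externally owned
    // accounts are not checked. The callback hands control to `to`, so
    // the id counter is advanced before the call.
    function mintChecked(address to) external returns (uint256 id) {
        id = _nextId++;
        _safeMint(to, id);
    }
}

// Recipient that opts in to holding ERC721 tokens.
contract AwareHolder is IERC721Receiver {
    function onERC721Received(address, address, uint256, bytes calldata)
        external pure override returns (bytes4)
    {
        return IERC721Receiver.onERC721Received.selector;
    }
}

// Recipient with no receiver hook: mintChecked(address(this)) reverts,
// while mintUnchecked(address(this)) succeeds and the token stays here.
contract UnawareHolder {}
```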

Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

Safe mint
