Sablier

Sablier
DeFiFoundry
53,440 USDC
View results
Submission Details
Severity: low
Invalid

Use `_safeMint` instead of `_mint`

Summary

When a stream is created, a NFT is minted to that recipient. However _mint is used, which can cause problems.

Vulnerability Details

In the current implementation, if the recipient is a smart contract that can not receive ERC721 tokens, the minting will go though as there is no check for this. The _safeMint function does just that - it has a check if the recipient can handle ERC721 tokens.

Impact

Minting ERC721 tokens to contracts that can not handle them.

Tools Used

Manual Review

Recommendations

Use _safeMint instead of _mint, but also add nonReentrant modifiers, since _safeMint can reenter.

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

Known - LightChaser

https://github.com/Cyfrin/2024-05-Sablier/issues/1

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.