The AccountNFT contract uses the _mint function to mint new NFTs instead of the recommended _safeMint function. The _safeMint function is preferred because it performs additional checks to ensure that NFTs are sent to addresses capable of receiving and handling them. Using _mint could lead to NFTs being sent to incompatible contracts, resulting in the loss of the NFT.
The mint function in the contract uses _mint to create and assign an NFT to a recipient address:
https://github.com/Cyfrin/2024-07-zaros/blob/main/src/account-nft/AccountNFT.sol#L18-L21
While _mint simply creates the NFT and assigns it to the address, _safeMint performs the following additional steps:
Checks if the recipient address (to) is a contract.
If it is a contract, it checks if the contract implements the IERC721Receiver interface, which specifies functions a contract must have to safely receive NFTs.
If the recipient is not a contract or does not implement IERC721Receiver, _safeMint will revert the transaction, preventing the NFT from being sent to addresses that cannot handle them.
If an NFT is sent to an incompatible contract, it may become stuck in that contract and be inaccessible or untransferable.
Manual review
Modify the mint function to use _safeMint instead of _mint. This will ensure that NFTs are only sent to addresses capable of handling them.
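The recommended change, shown as an added example that is not taken from the project's repository. It assumes OpenZeppelin Contracts v5, and the names ExampleAccountNFT, mintUnchecked, CompatibleHolder and IncompatibleHolder are hypothetical:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";

// Hypothetical NFT contract (not the project's AccountNFT) with both mint styles.
contract ExampleAccountNFT is ERC721, Ownable {
    constructor() ERC721("Example Account", "EXACC") Ownable(msg.sender) {}

    // Before: no receiver check, so a token can land in a contract
    // that has no way to move it.
    function mintUnchecked(address to, uint256 tokenId) external onlyOwner {
        _mint(to, tokenId);
    }

    // After: reverts when a contract recipient does not return the
    // IERC721Receiver selector. _safeMint makes an external call to `to`,
    // so any state this function changes should be written before it.
    function mint(address to, uint256 tokenId) external onlyOwner {
        _safeMint(to, tokenId);
    }
}

// Recipient that opts in to holding NFTs by implementing IERC721Receiver.
contract CompatibleHolder is IERC721Receiver {
    function onERC721Received(address, address, uint256, bytes calldata)
        external
        pure
        returns (bytes4)
    {
        return IERC721Receiver.onERC721Received.selector;
    }
}

// Recipient with no onERC721Received: mint() to this address reverts, while
// mintUnchecked() succeeds and leaves the token held here with no transfer path.
contract IncompatibleHolder {}
```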