First Flight #21: KittyFi

Submission Details
Severity: high
Invalid

Use of `mint` instead of `safeMint` function

Summary

The `meowintKittyCoin` function uses the `mint` function to mint new KittyCoin tokens. This approach can lead to potential vulnerabilities, as the `mint` function does not perform safety checks that are included in the `safeMint` function.

Vulnerability Details

The `meowintKittyCoin` function uses `mint` instead of `safeMint`. The `mint` function does not perform safety checks to ensure that the recipient address can handle ERC20 tokens, which can lead to issues if tokens are minted to smart contracts that do not support ERC20 tokens.

    function meowintKittyCoin(uint256 _ameownt) external {
        kittyCoinMeownted[msg.sender] += _ameownt;
        i_kittyCoin.mint(msg.sender, _ameownt); // >> line flagged in this submission
        require(_hasEnoughMeowllateral(msg.sender), KittyPool__NotEnoughMeowllateralPurrrr());
    }

Impact

If tokens are minted to a smart contract that does not support ERC20 tokens, the tokens could be permanently lost or locked in the contract, making them inaccessible to the intended recipient.

Tools Used

Manual Review

Recommendations

Use `safeMint` instead of `mint`:

function meowintKittyCoin(uint256 _ameownt) external {
kittyCoinMeownted[msg.sender] += _ameownt;
- i_kittyCoin.mint(msg.sender, _ameownt);
+ i_kittyCoin.safeMint(msg.sender, _ameownt)
require(_hasEnoughMeowllateral(msg.sender), KittyPool__NotEnoughMeowllateralPurrrr());
}
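
Review bot: the added line `i_kittyCoin.safeMint(msg.sender, _ameownt)` has no terminating semicolon, so the function will not compile as written. Nothing in the lines shown declares a `safeMint` function on `i_kittyCoin` either, and the ERC-20 standard defines no receiver callback for a mint to check, so the change should either include the token-side function it relies on, with a description of what that function verifies, or keep the existing `mint` call.
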
Updates

Lead Judging Commences

shikhar229169 Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
