GivingThanks

First Flight #28
Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: medium
Invalid

Risk of locked assets due to use of _mint instead of _safeMint

Summary

Vulnerability Details

The GivingThanks::donate() function uses _mint() instead of the recommended _safeMint(), risking permanently locked assets if the recipient address is incompatible. Unlike _safeMint(), _mint() does not check whether the recipient is able to handle ERC721 tokens.

function donate(address charity) public payable {
    require(registry.isVerified(charity), "Charity not verified");
    (bool sent,) = charity.call{value: msg.value}("");
    require(sent, "Failed to send Ether");
@>  _mint(msg.sender, tokenCounter);
    // Create metadata for the tokenURI
    string memory uri = _createTokenURI(msg.sender, block.timestamp, msg.value);
    _setTokenURI(tokenCounter, uri);
    tokenCounter += 1;
}
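
The difference only matters when the donor is itself a contract. The sketch below is an added example, not code from GivingThanks or from this submission: it assumes the token inherits OpenZeppelin's ERC721, and the names IGivingThanks, PlainDonor and ReceiverDonor are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";

// Only the function shown on this page; nothing else about GivingThanks is assumed.
interface IGivingThanks {
    function donate(address charity) external payable;
}

// Hypothetical contract donor WITHOUT the receiver hook.
// With _mint:     donate() succeeds and the receipt NFT is owned by this
//                 contract, which has no code path to transfer or approve it.
// With _safeMint: donate() reverts, so the Ether sent to the charity earlier
//                 in the same call is rolled back as well.
contract PlainDonor {
    function give(IGivingThanks gt, address charity) external payable {
        gt.donate{value: msg.value}(charity);
    }
}

// Hypothetical contract donor that opts in to receiving ERC721 tokens.
// _safeMint calls onERC721Received on the recipient and requires the
// returned value to equal the function's own selector.
contract ReceiverDonor is IERC721Receiver {
    IGivingThanks public immutable gt;

    constructor(IGivingThanks _gt) {
        gt = _gt;
    }

    function give(address charity) external payable {
        gt.donate{value: msg.value}(charity);
    }

    function onERC721Received(address, address, uint256, bytes calldata)
        external view override returns (bytes4)
    {
        // Accept tokens only from the collection this donor was built for.
        require(msg.sender == address(gt), "unexpected collection");
        return IERC721Receiver.onERC721Received.selector;
    }
}
```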

Impact

The use of _mint() instead of the safer _safeMint() function risks permanently locking assets if the recipient address is incompatible, negatively impacting the contract's overall security and reliability.

Tools Used

Manual Review

Recommendations

Replacing _mint() with _safeMint() would prevent the risk of unrecoverable asset loss and improve the contract's overall safety.

function donate(address charity) public payable {
require(registry.isVerified(charity), "Charity not verified");
(bool sent,) = charity.call{value: msg.value}("");
require(sent, "Failed to send Ether");
- _mint(msg.sender, tokenCounter);
+ _safeMint(msg.sender, tokenCounter);
// Create metadata for the tokenURI
string memory uri = _createTokenURI(msg.sender, block.timestamp, msg.value);
_setTokenURI(tokenCounter, uri);
tokenCounter += 1;
//@audit-issue: missing important emisssion for the frontend to keep records.
}
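
Review bot: the added _safeMint(msg.sender, tokenCounter) line makes an external call to msg.sender's onERC721Received hook when the caller is a contract, and _setTokenURI(tokenCounter, uri) and tokenCounter += 1 still run after it, so the callback executes before the token's URI is set and before the counter advances. Cache the id in a local variable, increment tokenCounter and set the URI before the mint, or put a reentrancy guard on donate(), so the change follows checks-effects-interactions. The //@audit-issue comment about a missing event emission is unrelated to the mint change and should be filed as its own finding instead of being left inside the recommended patch.
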
Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
