The contract GivingThanks
uses the _mint
function to create new ERC721 tokens, which does not check if the recipient is capable of receiving ERC721 tokens.
Instances:
Minting to donor (Line 26):
Potential Token Loss:
If tokens are minted to a contract that does not implement the onERC721Received
function, they could become permanently locked, leading to loss of tokens.
Compliance with ERC721 Standard:
The ERC721 standard recommends using _safeMint
to ensure safe transfers to contracts.
Use _safeMint
Function:
Replace _mint
with _safeMint
to include safety checks.
Handle Potential Reverts:
Be prepared for the possibility that _safeMint
may revert if the recipient cannot handle ERC721 tokens.
Inform Users:
Clearly communicate to users that their addresses must be capable of receiving ERC721 tokens, especially if they are using smart contract wallets.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.