GivingThanks

First Flight #28

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Invalid

Missing Compatibility Check in ERC721 Token Minting (_mint)

freesultan

Summary

The donate function in the GivingThanks contract uses _mint to mint ERC721 tokens to the donor’s address. However, _mint does not check if the recipient address is compatible with ERC721 tokens. This lack of a compatibility check means tokens could be minted to addresses that do not support the ERC721 standard, leading to a risk of tokens being locked in incompatible contracts, making them inaccessible and potentially disrupting the intended functionality of the contract.

Vulnerability Details

In the donate function, the contract mints an ERC721 token to msg.sender without verifying whether msg.sender can handle ERC721 tokens. Since _mint directly mints a token without checking compatibility, it can potentially mint tokens to a contract that does not implement the IERC721Receiver interface. If msg.sender is an incompatible contract address, the token will be effectively locked, as the recipient contract will not be able to transfer or interact with the token.

Impact

This vulnerability could lead to a Denial of Service (DoS) for token holders. Specifically:

Token Loss: If the donor address is an incompatible contract, the ERC721 token would be permanently locked and inaccessible.
Disruption of Contract Functionality: This issue could disrupt the intended utility of the tokens, as locked tokens would reduce the circulating supply and prevent legitimate users from accessing or using tokens as intended.
Reputational Damage: Users may lose trust in the contract’s reliability and security if tokens are seen as potentially "lockable" and unrecoverable.

Although this issue does not provide direct financial benefits to an attacker, it has a medium severity impact due to the disruption of functionality and potential for lost tokens.

Tools Used

Manual Code Review

Slither
Aderyn

Remix (for testing and analysis)

Recommendations

To mitigate this vulnerability, replace _mint with _safeMint in the donate function:

function donate(address charity) public payable {

require(registry.isVerified(charity), "Charity not verified");

(bool sent,) = charity.call{value: msg.value}("");

require(sent, "Failed to send Ether");

// Fix: Use _safeMint instead of _mint

+ _safeMint(msg.sender, tokenCounter);

string memory uri = _createTokenURI(msg.sender, block.timestamp, msg.value);

_setTokenURI(tokenCounter, uri);

tokenCounter += 1;

}

By using _safeMint, the contract will check if the recipient address is capable of handling ERC721 tokens, preventing tokens from being minted to incompatible contracts and reducing the risk of locked assets.

Updates

Lead Judging Commences

n0kto Lead Judge 12 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Rewards breakdown

nSLOC

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.