GivingThanks
First Flight #28
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Invalid

Using `ERC721::_mint()` can be dangerous

howiecht

Summary

Using ERC721::_mint()can minted ERC721 tokens to addresses which don't support ERC721 tokens.

Vulnerability Details

GivingThanks::donate(address)use _mint()to mint NFT to doner, however, there is no receiver checks forERC721::_mint(). If receiver is a smart contract without implementing IERC721Receiver, ERC721 token will be locked or lost.

Impact

Tools Used

Recommendations

Using _safeMint()instead of _mint()

Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.