Submission Details
Severity:
Unsafe NFTs Minting
Summary
Function donate is miniting an NFT using _mint this can result sending NFTs to an address that can't support ERC721 tokens.
Vulnerability Details
Using _mint directly sends NFT to the address without checking if the recipient can receive ERC721 tokens.
function donate(address charity) public payable {
require(registry.isVerified(charity), "Charity not verified");
(bool sent,) = charity.call{value: msg.value}("");
require(sent, "Failed to send Ether");
_mint(msg.sender, tokenCounter);
// Create metadata for the tokenURI
string memory uri = _createTokenURI(msg.sender, block.timestamp, msg.value);
_setTokenURI(tokenCounter, uri);
tokenCounter += 1;
}
Impact
Permanent Loss of NFTs: If NFTs are minted to an address that doesn't support ERC721 tokens, these tokens can be blocked and permanently lost, and can't be retrived.
Tools Used
Manual Review
Recommendations
Use _safeMint instead of _mint.
This ensure that the recipient can receive ERC721 tokens.
function donate(address charity) public payable {
require(registry.isVerified(charity), "Charity not verified");
(bool sent,) = charity.call{value: msg.value}("");
require(sent, "Failed to send Ether");
_safeMint(msg.sender, tokenCounter);
// Create metadata for the tokenURI
string memory uri = _createTokenURI(msg.sender, block.timestamp, msg.value);
_setTokenURI(tokenCounter, uri);
tokenCounter += 1;
}
Rewards breakdown
nSLOC
67This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.