GivingThanks

First Flight #28

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Invalid

Using ERC721::_mint() can be dangerous

eth0x

Summary

The goal of the _mint function within the donate function is to reward donors with a unique ERC721 (NFT) token for their contribution.

Using ERC721::_mint() can mint ERC721 tokens to addresses which don't support ERC721 tokens.

Vulnerability Details

In function donateis function _mint.

The _mint function can mint tokens to addresses that do not support ERC721 tokens, such as contracts without ERC721 receivers.

_mint(msg.sender, tokenCounter);

Impact

This could result in tokens being locked in addresses where they cannot be transferred or interacted with.

If the _mint function is called within a function vulnerable to reentrancy, it could be exploited to mint multiple tokens unfairly. This can lead to an unfair distribution of tokens and potential financial loss.

Tools Used

aderyn

Recommendations

Use _safeMint() instead of _mint() for ERC721, or

ERC721 Receiver Check:

Ensure that the recipient address can handle ERC721 tokens by implementing a check using the ERC721Receiver interface:

solidity

function safeMint(address to, uint256 tokenId) internal {
require(to != address(0), "ERC721: mint to the zero address");
_mint(to, tokenId);
require(
_checkOnERC721Received(address(0), to, tokenId, ""),
"ERC721: transfer to non ERC721Receiver implementer"
);
}

Reentrancy Guard:
- Use a reentrancy guard to protect against reentrancy attacks, such as OpenZeppelin’s ReentrancyGuard:
  
  solidity
  
  import "@openzeppelin/contracts/security/ReentrancyGuard.sol";
  
  contract SecureMint is ReentrancyGuard {
  function safeMint(address to, uint256 tokenId) internal nonReentrant {
  require(to != address(0), "ERC721: mint to the zero address");
  _mint(to, tokenId);
  // Additional logic...
  }
  }
Access Control:
- Implement access control to ensure that only authorized accounts can mint tokens:
  
  solidity
  
  import "@openzeppelin/contracts/access/Ownable.sol";
  
  contract MyToken is ERC721, Ownable {
  function mint(address to, uint256 tokenId) public onlyOwner {
  _mint(to, tokenId);
  }
  }

Updates

Lead Judging Commences

n0kto Lead Judge 9 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Rewards breakdown

nSLOC

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.