GivingThanks

First Flight #28
Beginner Friendly, Foundry
Submission Details
Severity: low
Invalid

Use of _mint() Instead of _safeMint() for ERC721 Tokens

Summary

The contract uses _mint() instead of _safeMint() for NFT creation, which could lead to tokens being locked if sent to a contract that doesn't support ERC721.

Vulnerability Details

function donate(address charity) public payable {
    // ...
    _mint(msg.sender, tokenCounter); // Vulnerable line
    // ...
}

The issue:

  • _mint() doesn't check if recipient can handle ERC721 tokens

  • If recipient is a contract without ERC721 support, tokens could be permanently locked

  • OpenZeppelin recommends using _safeMint() by default

Impact

Low - Tokens could be lost:

  • If the recipient is a contract without an ERC721 implementation

  • There is no way to recover tokens once sent to an incompatible contract

Tools Used

  • Manual code review

  • OpenZeppelin documentation

Recommendations

Replace _mint() with _safeMint():

function donate(address charity) public payable {
    require(registry.isVerified(charity), "Charity not verified");
    (bool sent,) = charity.call{value: msg.value}("");
    require(sent, "Failed to send Ether");
    _safeMint(msg.sender, tokenCounter); // Safe version
    string memory uri = _createTokenURI(msg.sender, block.timestamp, msg.value);
    _setTokenURI(tokenCounter, uri);
    tokenCounter += 1;
}

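This ensures that tokens are only minted to addresses that can handle ERC721 tokens properly: when the recipient is a contract, _safeMint() requires it to implement onERC721Received and reverts the mint otherwise.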
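
The difference between the two calls can be checked with a Foundry test. The following is an added example, not code from the GivingThanks contract or from this submission; DemoNFT, PlainDonor, ReceiverDonor and the test names are hypothetical, and the imports assume forge-std and OpenZeppelin Contracts are installed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";
import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";

// Hypothetical stand-in for the audited contract: mints to msg.sender, like donate().
contract DemoNFT is ERC721 {
    uint256 public tokenCounter;
    constructor() ERC721("Demo", "DEMO") {}
    function mintPlain() external { _mint(msg.sender, tokenCounter++); }
    function mintSafe() external { _safeMint(msg.sender, tokenCounter++); }
}

// Contract caller with no onERC721Received and no function to move tokens out.
contract PlainDonor {
    function donatePlain(DemoNFT nft) external { nft.mintPlain(); }
    function donateSafe(DemoNFT nft) external { nft.mintSafe(); }
}

// Contract caller that implements the receiver hook checked by _safeMint().
contract ReceiverDonor is IERC721Receiver {
    function donateSafe(DemoNFT nft) external { nft.mintSafe(); }
    function onERC721Received(address, address, uint256, bytes calldata) external pure returns (bytes4) {
        return IERC721Receiver.onERC721Received.selector;
    }
}

contract MintVsSafeMintTest is Test {
    DemoNFT nft = new DemoNFT();
    function test_mintToNonReceiverSucceeds() public {
        PlainDonor donor = new PlainDonor();
        donor.donatePlain(nft);
        // The token is now owned by a contract that has no way to transfer it.
        assertEq(nft.ownerOf(0), address(donor));
    }

    function test_safeMintToNonReceiverReverts() public {
        PlainDonor donor = new PlainDonor();
        vm.expectRevert(); // receiver check fails, so the whole mint is rolled back
        donor.donateSafe(nft);
    }

    function test_safeMintToReceiverSucceeds() public {
        ReceiverDonor donor = new ReceiverDonor();
        donor.donateSafe(nft);
        assertEq(nft.ownerOf(0), address(donor));
    }
}
```

Run it with forge test. Because _safeMint() calls onERC721Received on a contract recipient, the recommended donate() hands control to msg.sender before _setTokenURI and the tokenCounter increment run.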

Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
