Project

One World
NFT, DeFi
15,000 USDC
Submission Details
Severity: low
Invalid

Incorrect Use of burn Instead of safeBurn in upgradeTier Function

Summary

The upgradeTier function in the provided Solidity code uses the burn method instead of the safeBurn method from the SafeBurn library. This can lead to potential issues with token burning, especially for tokens that require the use of safeBurn to ensure safe and compliant burning operations.

Vulnerability Details

https://github.com/Cyfrin/2024-11-one-world/blob/main/contracts/dao/MembershipFactory.sol

The vulnerability is due to the use of the burn method for burning tokens:

IMembershipERC1155(daoMembershipAddress).burn(_msgSender(), fromTierIndex, 2);

The burn method does not perform any safety checks to ensure that the burning operation is safe and compliant. This can lead to issues if the token contract requires additional checks or handling during the burning process, potentially resulting in failed transactions or other unintended consequences.

Impact

The incorrect use of burn can result in:

  • Failed burning operations if the token contract requires additional checks or handling.

Tools Used

manual review

Recommendations

To fix the issue, replace burn with safeBurn to ensure safe and compliant burning operations. The updated code should be:

IMembershipERC1155(daoMembershipAddress).safeBurn(_msgSender(), fromTierIndex, 2);

Updates

Lead Judging Commences

0xbrivan2 Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement