The upgradeTier function in the provided Solidity code uses the burn method instead of the safeBurn method from the SafeBurn library. This can lead to potential issues with token burning, especially for tokens that require the use of safeBurn to ensure safe and compliant burning operations.
https://github.com/Cyfrin/2024-11-one-world/blob/main/contracts/dao/MembershipFactory.sol
The vulnerability is due to the use of the burn method for burning tokens:
The burn method does not perform any safety checks to ensure that the burning operation is safe and compliant. This can lead to issues if the token contract requires additional checks or handling during the burning process, potentially resulting in failed transactions or other unintended consequences.
The incorrect use of burn can result in:
Failed burning operations if the token contract requires additional checks or handling.
Manual review
To fix the issue, replace burn with safeBurn to ensure safe and compliant burning operations. The updated code should be: